Cookies in ColdFusion
There are two kinds of cookies, as follows: A. In-memory cookies OR Session cookies:If you create a cookie without specifying an expiration date, you are creating an in-memory/session cookie, which lives for that browser session only. An in-memory cookie goes away when the user shuts the browser down. Session cookie resides in the browsers memory and not on the hard drive. When the user closes the browser or the user surfs to a new site the session cookie is dropped. Session cookies are used to store state information only (eg. shopping carts) within a session. JSessionID is a session cookie. B. Persistent cookies:
If you want the cookie information to persist beyond the session, you should create a persistent cookie by specifying an expiration date. Supplying an expiration date causes the browser to save the cookie on the client computer. Until the cookie expiration date is reached, the data in the persistent cookie will stay on the client machine. Any request to the original Web site will automatically attach the cookie that was created by that site. Cookies go only to the sites that created them because part of the Web site name and file make up the data in the cookie. Persistent cookies are stored for a length of time that is set by the Web server when it passes the cookie to browser. Coldfusion uses CFCOOKIE to set the cookie. ColdFusion uses two cookies set on the user's computer, CFID and CFTOKEN, to tie them to a set of session variables. By default, these two cookies are persistent cookies and are set to never expire. Hence, a session never ends on browser close. You can end a session on browser close By re-saving the cookies with the same name and value, any existing session variables will be maintained but the browser will set the cookies to automatically delete when the browser closes. If the user opens their browser back up and goes back to your page, the ColdFusion server detects that there is no CFID/CFTOKEN cookies set and will generate a new combination - thus a new session. The following code will convert the persistent cookies CFID and CFTOKEN to session cookie, thus allowing the cookies to be deleted automatically by the browser on browser close.
How to end a coldfusion session on browser close
<cfif IsDefined("cookie.CFID") AND IsDefined("cookie.CFTOKEN")>
<!---
write this code in Application.cfm
re-saving the cookies with the same name and value will
set the cookies to automatically delete when the browser closes
--->
<cfset cfid_local = cookie.CFID>
<cfset cftoken_local = ccookie.CFTOKEN>
<cfcookie name="CFID" value="#cfid_local#">
<cfcookie name="CFTOKEN" value="#cftoken_local#">
</cfif>
Ginger CMS
the future of cms, a simple and intuitive content management system ... ASP.NET MVC Application
best practices like Repository, LINQ, Dapper, Domain objects ... CFTurbine
cf prototyping engine, generates boilerplate code and views ... Search Engine LITE
create your own custom search engine for your web site ... JRun monitor
monitors the memory footprint of JRun engine and auto-restarts a hung engine ... Validation Library
complete validation library for your web forms ...
the future of cms, a simple and intuitive content management system ... ASP.NET MVC Application
best practices like Repository, LINQ, Dapper, Domain objects ... CFTurbine
cf prototyping engine, generates boilerplate code and views ... Search Engine LITE
create your own custom search engine for your web site ... JRun monitor
monitors the memory footprint of JRun engine and auto-restarts a hung engine ... Validation Library
complete validation library for your web forms ...