Guess it depends on if you want to force the users to close their
browsers. Some people don't like doing that. (At least I don't). I keep
Firefox running at all times and just open and close tabs at will. If I
had to use an app that required me to close Firefox to log out, I'd
probably just forget to log out.
-----Original Message-----
From: test.future@gmail.com [mailto:test.future@gmail.com]
Sent: Tuesday, May 02, 2006 03:41
To: webappsec@securityfocus.com
Subject: Is logoff feature necessary
We have a web applicaiton which do not have logoff button.
The developer claims that it is unnecessary, since the
session can be terminated by closing the browser. Is it
correct? Thanks.
--------------------------------------------------------------
-----------
Sponsored by: Watchfire
The Twelve Most Common Application-level Hack Attacks Hackers
continue to add billions to the cost of doing business online
despite security executives' efforts to prevent malicious
attacks. This whitepaper identifies the most common methods
of attacks that we have seen, and outlines a guideline for
developing secure web applications.
Download this whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=70130
0000007t9r
--------------------------------------------------------------
------------
-------------------------------------------------------------------------
Sponsored by: Watchfire
The Twelve Most Common Application-level Hack Attacks
Hackers continue to add billions to the cost of doing business online
despite security executives' efforts to prevent malicious attacks. This
whitepaper identifies the most common methods of attacks that we have seen,
and outlines a guideline for developing secure web applications.
Download this whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701300000007t9r
--------------------------------------------------------------------------
