Feb 23, 2007 03:50:04 UTC

by Sana

Hi Luis,

I think 30 minutes, as sessions default expiry is 30 minutes, so this cookie should be 30 minutes expiry time.

Feb 23, 2007 07:29:14 UTC

by Dan Wilson

Luis,

Perhaps it could be left up to the user to clear the cookie when they have finished the debugging?

A link or a special URL perhaps to clear the cookie?

Dan

Feb 23, 2007 10:00:43 UTC

by reuben

I agree with Sana that the time out for a cookie should be defaulted to the session timeout. If you are working constantly on the site, the debug will last beyond 30 minutes. The big issue is that if you stop work and come back to the site, you don't always want debug still enabled. I think having it auto expire is a good thing.

Feb 23, 2007 10:24:47 UTC

by Luis Majano

Dan,

You can clear the cookie by just setting debugmode=false once you are done. But we all know that sometimes we are lazy and basically forget, like 90 year old brians!!

So an automatic timeout, would allow security and also peace of mind.

I think 30 minutes is reasonable. Any more suggestions.