By default, SESSION variables persist until a specified timeout interval – even if the client browser is closed and then reopened. To change this behavior you must replace the CFID and CFTOKEN cookies so that they are SESSION cookies (they’ll expire when the browser session is closed). To do this, simply use to overwrite these variables, and omit the EXPIRES attribute so that the cookies expire at the end of the browser session. (Applies to: ColdFusion All)

Leave a Reply