December 5th, 2013, 02:18 PM
I am using the below to make the cfid and the cftoken expire. But I've noticed the cfid is getting into really high numbers. Is there a way to reset the CFID after a month or two. Or is that not even an issue that it gets into high digits?
<cfcookie name="CFID" expires="now">
<cfcookie name="CFTOKEN" expires="now">
December 5th, 2013, 03:47 PM
It shouldn't matter, but you may want to look into using J2EE sessions (jsessionid) instead. It's more secure than CFID and CFTOKEN. There's info on this in various spots here: http://tinyurl.com/qhdgu86.