If I’m using client cookies with these settings and someone pastes a cfid/cftoken in a URL, does Lucee still do a lookup on the values entered in the URL? Can I force Lucee to ignore it?
this.clientManagement = true;
this.setClientCookies = true;
this.httpOnlyCookies = true;
this.secureJSON = true;
this.sessionTimeout = CreateTimeSpan(0, 0, 20, 0);
4 posts - 2 participants