cookies - valid for single browser window

Hi,
I'm using a cookie to track a logged in user at my website. I'm not setting any expiration time so that the cookie expires when the browser session expires (browser is closed).

Is it possible to make the cookie expire when only the browser window my website is in is closed? In other words, it seems that the default cookie behavior is to persist until ALL browser windows are closed (ie. all Firefox windows). Given that multiple window browsing is so common I would like to make my cookie expire when just my website window is closed. Is this possible?

Thanks in advance,
Dave

Not sure if this would work but maybe look into an unload function that you can include into a header file.

Good luck and let me know if you find a solution as I would be interested in learning it.

Well, probably not in a 100% workable way. That's why it's best to just use expiries. I mean, what if a user wanders away from a public computer and leaves the browser window with your site open?

Yeah I have avoided setting an expire time as it's possible someone could log into my site and edit a document for a long time without communicating with the server. So I guess it is a trade off between setting something like a 30 minute expire or having expire occur when the browser session is over. It's not possible to have the cookie expire on the sooner of the two events is it? :o

Well, if a user is editing a document, the least he'd have to do is login again when he/she submits it? Not too much to ask for in the name of security. On a secure computer the user should have the option of automatic login via cookies and this can be then done without the user even knowing.

You could also use sessions to manage user position within the website and have conditional cookie expiration periods.