The Wikipedia Review: A forum for discussion and criticism of Wikipedia
Wikipedia Review Op-Ed Pages

Welcome, Guest! ( Log In | Register )

 
Reply to this topicStart new topic
> Auto log out
thekohser
post Mon 23rd November 2009, 3:02pm
Post #1


Member
*********

Group: Regulars
Posts: 10,274
Joined: Thu 1st Feb 2007, 10:21pm
Member No.: 911



Ain't there some way on Wikipedia to automatically log out your account based on some pre-set parameters (such as 30 minutes without an edit, or upon closure of one's browser, etc.)?
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Nerd
post Mon 23rd November 2009, 3:11pm
Post #2


Über Member
*****

Group: Regulars
Posts: 672
Joined: Sat 30th May 2009, 7:52pm
From: Cloud cuckoo land
Member No.: 11,945



QUOTE(thekohser @ Mon 23rd November 2009, 3:02pm) *

Ain't there some way on Wikipedia to automatically log out your account based on some pre-set parameters (such as 30 minutes without an edit, or upon closure of one's browser, etc.)?


I expect there's a way using javascript. That sounds like a good idea actually.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
dogbiscuit
post Mon 23rd November 2009, 3:29pm
Post #3


Could you run through Verifiability not Truth once more?
********

Group: Members
Posts: 2,972
Joined: Tue 4th Dec 2007, 12:42am
From: The Midlands
Member No.: 4,015



QUOTE(Nerd @ Mon 23rd November 2009, 3:11pm) *

QUOTE(thekohser @ Mon 23rd November 2009, 3:02pm) *

Ain't there some way on Wikipedia to automatically log out your account based on some pre-set parameters (such as 30 minutes without an edit, or upon closure of one's browser, etc.)?


I expect there's a way using javascript. That sounds like a good idea actually.

Yes, a nice big checkbox saying "Sock-puppeteer protection enabled" evilgrin.gif
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
CharlotteWebb
post Mon 23rd November 2009, 6:22pm
Post #4


Postmaster General
********

Group: Regulars
Posts: 2,740
Joined: Mon 18th Jun 2007, 2:09am
Member No.: 1,727

WP user page - talk
check - contribs



QUOTE(thekohser @ Mon 23rd November 2009, 3:02pm) *

Ain't there some way on Wikipedia to automatically log out your account based on some pre-set parameters (such as 30 minutes without an edit, or upon closure of one's browser, etc.)?

Wikipedia can't tell whether you've closed your browser and opened it again, but you can configure the browser to delete all cookies at that time (for some, this is the default privacy setting) regardless of the duration the server intends.

Checking whether you have edited in the last N minutes would be a little more difficult, but I'm sure I could do it using javascript if somebody actually has a need for it.

But no, there's no currently built-in feature to this effect.

This post has been edited by CharlotteWebb: Mon 23rd November 2009, 6:23pm
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
dogbiscuit
post Mon 23rd November 2009, 7:00pm
Post #5


Could you run through Verifiability not Truth once more?
********

Group: Members
Posts: 2,972
Joined: Tue 4th Dec 2007, 12:42am
From: The Midlands
Member No.: 4,015



QUOTE(CharlotteWebb @ Mon 23rd November 2009, 6:22pm) *

QUOTE(thekohser @ Mon 23rd November 2009, 3:02pm) *

Ain't there some way on Wikipedia to automatically log out your account based on some pre-set parameters (such as 30 minutes without an edit, or upon closure of one's browser, etc.)?

Wikipedia can't tell whether you've closed your browser and opened it again, but you can configure the browser to delete all cookies at that time (for some, this is the default privacy setting) regardless of the duration the server intends.

Checking whether you have edited in the last N minutes would be a little more difficult, but I'm sure I could do it using javascript if somebody actually has a need for it.

But no, there's no currently built-in feature to this effect.

Cookies have an expiration time, so a 30 minute without an edit cookie is a trivial bit of PHP to set the cookie with each interaction. You magically don't send the cookie back to Wikipedia after 31 minutes as part of browser functionality.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
CharlotteWebb
post Mon 23rd November 2009, 7:07pm
Post #6


Postmaster General
********

Group: Regulars
Posts: 2,740
Joined: Mon 18th Jun 2007, 2:09am
Member No.: 1,727

WP user page - talk
check - contribs



QUOTE(dogbiscuit @ Mon 23rd November 2009, 7:00pm) *

Cookies have an expiration time, so a 30 minute without an edit cookie is a trivial bit of PHP to set the cookie with each interaction. You magically don't send the cookie back to Wikipedia after 31 minutes as part of browser functionality.

Magically indeed, what browser functionality is this?

Well if it's greasemonkey we might be on the same page…
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
dogbiscuit
post Mon 23rd November 2009, 7:12pm
Post #7


Could you run through Verifiability not Truth once more?
********

Group: Members
Posts: 2,972
Joined: Tue 4th Dec 2007, 12:42am
From: The Midlands
Member No.: 4,015



QUOTE(CharlotteWebb @ Mon 23rd November 2009, 7:07pm) *

QUOTE(dogbiscuit @ Mon 23rd November 2009, 7:00pm) *

Cookies have an expiration time, so a 30 minute without an edit cookie is a trivial bit of PHP to set the cookie with each interaction. You magically don't send the cookie back to Wikipedia after 31 minutes as part of browser functionality.

Magically indeed, what browser functionality is this?

Well if it's greasemonkey we might be on the same page…

A cookie is just a header that is downloaded and stored. When the browser sees a cookie that matches a site domain, it automatically sends the cookie back as part of the request in brain dead fashion. At the point the cookie expiration date expires, it is no longer sent back and so the site no longer has the login information (unless it also is tracking by session and decides that it is not interested in cookies while the session is current).

However, that is the principle that something like eBay would achieve its "Keep me signed in for a day" function.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Random832
post Mon 23rd November 2009, 8:12pm
Post #8


meh
*******

Group: Regulars
Posts: 1,933
Joined: Thu 14th Feb 2008, 8:52pm
Member No.: 4,844

WP user page - talk
check - contribs



QUOTE(dogbiscuit @ Mon 23rd November 2009, 7:12pm) *
A cookie is just a header that is downloaded and stored. When the browser sees a cookie that matches a site domain, it automatically sends the cookie back as part of the request in brain dead fashion. At the point the cookie expiration date expires, it is no longer sent back and so the site no longer has the login information (unless it also is tracking by session and decides that it is not interested in cookies while the session is current).


Um, with the cookie gone, the site also no longer has the session, unless it's done something like a url parameter (which is normally only done if a browser does not support cookies at all)
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
dogbiscuit
post Mon 23rd November 2009, 8:20pm
Post #9


Could you run through Verifiability not Truth once more?
********

Group: Members
Posts: 2,972
Joined: Tue 4th Dec 2007, 12:42am
From: The Midlands
Member No.: 4,015



QUOTE(Random832 @ Mon 23rd November 2009, 8:12pm) *

QUOTE(dogbiscuit @ Mon 23rd November 2009, 7:12pm) *
A cookie is just a header that is downloaded and stored. When the browser sees a cookie that matches a site domain, it automatically sends the cookie back as part of the request in brain dead fashion. At the point the cookie expiration date expires, it is no longer sent back and so the site no longer has the login information (unless it also is tracking by session and decides that it is not interested in cookies while the session is current).


Um, with the cookie gone, the site also no longer has the session, unless it's done something like a url parameter (which is normally only done if a browser does not support cookies at all)

The session cookie would be distinct from a cookie of login info, and the session normally is killed off when you shut down the browser, again by appropriate setting of the cookie. Session variables are stored on the server, essentially indexed by the session id, whereas the login info needs to be kept on the client computer to survive across sessions.

I'm sure we are not disagreeing, the point is that it is old hat to come up with a fairly robust scheme of timing out sessions, either using server tricks, client tricks or a combination of the two, normally the latter.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 

-   Lo-Fi Version Time is now: 22nd 9 17, 8:46pm