Hi,
I notice that even after RPI reboot if browser it is not closed and cookie destroyed the authentication cookie can be re/used forever... this open the problem with cookie stealing.
Is it possible to set on controller to request authentication for every action ?
Normally the credentials are saved in browser by user so there is no need to reenter every time just to confirm them.
This behavior will protect also for unwanted action if tap by mistake on phone when scrolling the page looking in a long list.... I have 16 relays ( and I plan to add 8 more ) all used for: heating, lights, doors, power plug control... and old eyes.
Hi, I notice that even after RPI reboot if browser it is not closed and cookie destroyed the authentication cookie can be re/used forever... this open the problem with cookie stealing. Is it possible to set on controller to request authentication for every action ? Normally the credentials are saved in browser by user so there is no need to reenter every time just to confirm them. This behavior will protect also for unwanted action if tap by mistake on phone when scrolling the page looking in a long list.... I have 16 relays ( and I plan to add 8 more ) all used for: heating, lights, doors, power plug control... and old eyes.