search

dwp / accessibility-manual

The DWP Accessibility Manual is a community led effort to put guidance and best practices all in one place for anybody looking to meet the Public Sector Bodies Accessibility Regulations 2018.
https://accessibility-manual.dwp.gov.uk
MIT License
37 stars 16 forks source link

Session Timeout - how long? #56

Closed MacTheFork closed 1 year ago

MacTheFork commented 1 year ago

https://accessibility-manual.dwp.gov.uk/guidance-for-your-job-role/software-engineer-or-frontend-developer Timeouts section says "the default time limit is set to at least 20 hours"

Shouldn't this be minutes, not hours?

abbott567 commented 1 year ago

@MacTheFork no, 20 hours is correct.

The content states 20 hours because that is the exception time outlined in the Web Content Accessibility Guidelines under 2.1.1 Timing Adjustable.

If you configure your application so that every session is automatically set to expire after 20 hours, then you don't need to do extra work to make the session extendable, you just pass the criterion.

If it's less than 20 hours, like 20 minutes or even 1 hour, then you need to provide a way for the user to configure it.

MacTheFork commented 1 year ago

Thank you for your response which clarifies the matter. The reference to 2.1.1 Timing Adjustable was very helpful.

I had misunderstood the paragraph having not registered the 'one of' applying to the bullet points. Consequently I was reading the bullet points in sequence with an implicit 'and' between them.

May I suggest the phrase 'one of' is expanded to match the WCAG phrasing of 'at least one of', perhaps with added emphasis. And that an explicit 'or' between the bullet points is added (maybe use and/or to avoid the potential interpretation as an exclusive or?).

In any case I'm content for the issue to be closed.