That depends a lot on the ui. Facebook, for example, logs out on both
sites, while Twitter doesn't. If you're worried about a security
issue, have you "log out" button say something like "Log out of XXX"
where xxx is your site name.

Another option I've seen (when relying completely on a 3rd party log
in site) was not to allow log out at all. They let the 3rd party site
deal with that, and only allow "join".

On Jul 26, 12:04 am, Vignesh Sunder <heartbreaki...@gmail.com> wrote:
> Thanks for the reply..But I feel this could be a security issue,
> considering the fact that the user (say user1) would not be aware of
> the fact that he/she has not yet been logged out of Twitter. If
> another user (say user2) gets hold of the system before user1's
> cookie/session gets timed out, and happens to access Twitter.com,
> there is a bright chance that user1's information can get compromised.
> Please correct me if I am wrong in assuming that most of the users who
> browse the internet today are still 'innocent' !

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Reply via email to