Just start with closing the session, eh? Otherwise the app won’t know what session to close.
And hopefully when the session is destroyed on the server, the app also deletes the client cookie. Assuming there will never be any server bugs, so that keeping the previous SessionIDs
around on the client is “no problem”, sounds like your average “famous last words” occurrence.
Yeah you really should do both. Some session cookies can just be used as tracking cookies later.
Just start with closing the session, eh? Otherwise the app won’t know what session to close.
And hopefully when the session is destroyed on the server, the app also deletes the client cookie. Assuming there will never be any server bugs, so that keeping the previous
SessionIDsaround on the client is “no problem”, sounds like your average “famous last words” occurrence.