Refering to the above topic, could someone please enlighten me on this matter? I was assigned to build this pop-up window that will be placed as a link from the master site. This pop-up can only be initiated by subscribers when they login. So, I wouldn't want people to bookmark the pop-up without having to login the next time.
However, there is this situation here, the master site has this policy -> whereby each session will expire after idling for 15 minutes. I have tried logging into the site and bookmark it and later open it again but to no avail so it's safe!
If this is the policy of the master site, do I have to exercise any prevention on the pop-up? Will the policy on the master site be applied on the pop-up as well? For your information, I don't have any knowledge on how things are done on the master site.
Any advice would be highly appreciated.

Is it possible to make a randomly encoded url, that is usable only once? If so... I would do it that way, every time the user logs in, the url to get to said page is encoded differently. And every time he closes the page it logs out.