Session data in URL *or* in cookie
Hello! As I found how Zope's sessions work, I'd like to write script which would handle this: 1. If user comes to the website and he has cookies DISABLED, he will have the session data stored in URLs, as I have set up in "browser_id_manager" object checking the "Automatically Encode Zope-Generated URLs With A Browser Id" option - so his URL www.mysite.com/mypage will be encoded to http://www.mysite.com/_ZopeId/38936190A0sgFZ2i4l0/mypage for example. 2. BUT (and here comes the point) - if user browses the web and he has cookies ENABLED, he will browse with *classic* URLs without encoded session data, so for example www.mysite.com/mypage (he doesn't need to have session data in URLs, because they will be read from cookies). So the question is - is there a way how system could detect if user has or hasn't cookies and would encode Zope-Generated URLs *only* if user has cookies disabled? Or does some session tracking product for Zope exist which does it handle this way? Thank you for answer, Lubos.
Lubos Culen wrote at 2003-2-25 15:10 +0100:
... So the question is - is there a way how system could detect if user has or hasn't cookies and would encode Zope-Generated URLs *only* if user has cookies disabled? Or does some session tracking product for Zope exist which does it handle this way?
When you see cookies, they are enabled. I think, you can check in JavaScript whether cookies are enabled. You can set a cookie and see whether it comes back. I fear that's all what is there. Dieter
Dieter, thank you very much for answer - I see I will have to encode the URLs "manually" when user has not cookies enabled. But yet one more question: Now I'm using the function encodeUrl, which transfers URL to something like http://foo.com/amethod?_ZopeId=as9dfu0adfu0ad . But - is in Zope any similar function, which will encode the URLs in a way http://foo.com/_ZopeId/as9dfu0adfu0ad/amethod (exactly as automated URL- encoding engine does it) ? This encoding has big advantage that the session will remain when relative links are used, so I would find very handy if I could encode the session data this way. Thanks, Lubos. On Tue, 25 Feb 2003 23:40:00 +0100, Dieter Maurer <dieter@handshake.de> wrote:
Lubos Culen wrote at 2003-2-25 15:10 +0100:
... So the question is - is there a way how system could detect if user has or > hasn't cookies and would encode Zope-Generated URLs *only* if user has > cookies disabled? Or does some session tracking product for Zope exist > which does it handle this way?
When you see cookies, they are enabled.
I think, you can check in JavaScript whether cookies are enabled.
You can set a cookie and see whether it comes back.
I fear that's all what is there.
Dieter
-- Regards, Lubos Culen Internet/Intranet Developer, Systinet Corp. http://www.systinet.com Personal: http://www.mirsoft.info ICQ: 658788
Lubos Culen wrote at 2003-2-26 11:34 +0100:
thank you very much for answer - I see I will have to encode the URLs "manually" when user has not cookies enabled. But yet one more question: Now I'm using the function encodeUrl, which transfers URL to something like http://foo.com/amethod?_ZopeId=as9dfu0adfu0ad . But - is in Zope any similar function, which will encode the URLs in a way http://foo.com/_ZopeId/as9dfu0adfu0ad/amethod (exactly as automated URL- encoding engine does it) ? This encoding has big advantage that the session will remain when relative links are used, so I would find very handy if I could encode the session data this way.
I do not know a function that does precisely this. The problem is that for *relative* URLs it may not be easy to know the URL path segments before the given part. As you want to add a starting path, you must effectively make the relative URL an absolute one. For absolute URLs, the problem is quite straight forward: You recognize the protocol and host part, if any, and remove it. You prepend the new segments. You prepend the protocol and host part again (if any). Dieter
I think encodeURL already does this (in 2.6+) if you call it with the proper keywords. If you pass in the keyword 'style' and set it equal to anything but 'querystring' it should generate what you're looking for. Kevin Lubos Culen wrote:
Dieter,
thank you very much for answer - I see I will have to encode the URLs "manually" when user has not cookies enabled. But yet one more question: Now I'm using the function encodeUrl, which transfers URL to something like http://foo.com/amethod?_ZopeId=as9dfu0adfu0ad . But - is in Zope any similar function, which will encode the URLs in a way http://foo.com/_ZopeId/as9dfu0adfu0ad/amethod (exactly as automated URL- encoding engine does it) ? This encoding has big advantage that the session will remain when relative links are used, so I would find very handy if I could encode the session data this way.
Thanks,
Lubos.
On Tue, 25 Feb 2003 23:40:00 +0100, Dieter Maurer <dieter@handshake.de> wrote:
Lubos Culen wrote at 2003-2-25 15:10 +0100:
... So the question is - is there a way how system could detect if user has or > hasn't cookies and would encode Zope-Generated URLs *only* if user has > cookies disabled? Or does some session tracking product for Zope exist > which does it handle this way?
When you see cookies, they are enabled.
I think, you can check in JavaScript whether cookies are enabled.
You can set a cookie and see whether it comes back.
I fear that's all what is there.
Dieter
participants (3)
-
Dieter Maurer -
Kevin Carlson -
Lubos Culen