Problem with Cookieless Sessions on Mozilla and Netscape
I can't get cookie-less session in Mozilla. They work fine in IE. This is the python script I am using to run the test: ## Script (Python) "testSession" ##bind container=container ##bind context=context ##bind namespace= ##bind subpath=traverse_subpath ##parameters= ##title= ## session = context.REQUEST.SESSION if session.has_key('mb'): return 'second time' else: session['mb'] = 1 return 'first time' I am running the 2.5.1 binary on Windows XP. Both Mozilla (Build ID: 2002053012) and Netscape 4.51 show 'first time', no matter how many times I refresh. Any ideas? Thanks. Mark
Do you munge the URL that calls this script with the browser id by using the "encodeUrl" method of the browser id manager? ----- Original Message ----- From: "Mark Bucciarelli" <mark@easymailings.com> To: <zope@zope.org> Sent: Thursday, July 25, 2002 1:18 PM Subject: [Zope] Problem with Cookieless Sessions on Mozilla and Netscape I can't get cookie-less session in Mozilla. They work fine in IE. This is the python script I am using to run the test: ## Script (Python) "testSession" ##bind container=container ##bind context=context ##bind namespace= ##bind subpath=traverse_subpath ##parameters= ##title= ## session = context.REQUEST.SESSION if session.has_key('mb'): return 'second time' else: session['mb'] = 1 return 'first time' I am running the 2.5.1 binary on Windows XP. Both Mozilla (Build ID: 2002053012) and Netscape 4.51 show 'first time', no matter how many times I refresh. Any ideas? Thanks. Mark _______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
On Thursday 25 July 2002 05:05 pm, Chris McDonough wrote:
Do you munge the URL that calls this script with the browser id by using the "encodeUrl" method of the browser id manager?
Hi Chris, Thanks for your help. I wasn't using the encodeUrl method. I was hoping that setting the browser_id_manager to "Cookies then form" should (somehow) do this transparently, and I had to tweak some setting. I read the encodeUrl API, and I see how that can help. Is the basic idea that the request object needs to have a _ZopeId dictionary element defined? Now, how can I make all my links have that suffix? For example, is there a way parse the response just before it heads back to the client and append a "?_ZopeId=asdf" all href attributes? I suppose one way would be to make sure every ZPT and python script checks the request for _ZopeID and, if found, sticks it into the response. Thanks. Mark
Hi Mark, Mark Bucciarelli wrote:
Thanks for your help. I wasn't using the encodeUrl method. I was hoping that setting the browser_id_manager to "Cookies then form" should (somehow) do this transparently, and I had to tweak some setting.
Kapil Thangavelu's URLSessionAdapter at http://www.zope.org/Members/k_vertigo/Products/URLSessionAdapter might help you here. It performs URL-encoding automatically. I hope to roll this idea into a later revision of the sessioning stuff, but for now encodeUrl and Kapil's thing is all we've got.
I read the encodeUrl API, and I see how that can help. Is the basic idea that the request object needs to have a _ZopeId dictionary element defined?
That's right. Well, a better way to put it would be that the sessioning machinery needs to be able to find a variable named '_ZopeId' in the request object via a call to REQUEST.get('_ZopeId'), whether this variable is in the cookies namespace or the form namespace or wherever.
Now, how can I make all my links have that suffix? For example, is there a way parse the response just before it heads back to the client and append a "?_ZopeId=asdf" all href attributes?
No, if you want to use encodeURL, you'll need to encode "clickable" URLs by hand in your rendered pages. For example: <a href="<dtml-var "browser_id_manager.encodeUrl('http://www.zope.org')">">Zope.org</a> This will produce something like this when it's rendered: <a href="http://www.zope.org?_ZopeId=78978612367812678">Zope.org</a>
I suppose one way would be to make sure every ZPT and python script checks the request for _ZopeID and, if found, sticks it into the response.
No, this won't work because HTTP doesn't work that way. Each request is separate, and values you set in the RESPONSE (other thank cookies) are lost on the next request. If the user doesn't have cookies enabled, each link needs to have the browser id encoded into the URL and each form needs to include a hidden form field in the form: <input type="hidden" name="<dtml-var "browser_id_manager.getBrowserIdName()">"> value="<dtml-var "browser_id_manager.getBrowserId()">"> HTH, -- Chris McDonough Zope Corporation http://www.zope.org http://www.zope.com "Killing hundreds of birds with thousands of stones"
Chris McDonough wrote:
No, if you want to use encodeURL, you'll need to encode "clickable" URLs by hand in your rendered pages. For example:
<a href="<dtml-var "browser_id_manager.encodeUrl('http://www.zope.org')">">Zope.org</a>
This will produce something like this when it's rendered:
<a href="http://www.zope.org?_ZopeId=78978612367812678">Zope.org</a>
A possible workaround would be to use javascript to let the client append this string to all links in a site, through manipulating the a.location.href values. cheers, oliver
Mark Bucciarelli writes:
I am running the 2.5.1 binary on Windows XP. Both Mozilla (Build ID: 2002053012) and Netscape 4.51 show 'first time', no matter how many times I refresh. Are you sure, cookies are enabled?
Dieter
participants (4)
-
Chris McDonough -
Dieter Maurer -
Mark Bucciarelli -
Oliver Bleutgen