[Zope] Zope cookies data point

Andreas Kostyrka andreas@kostyrka.priv.at
07 Sep 2002 09:03:50 +0200


Am Die, 2002-08-27 um 00.40 schrieb Kyler Laird:
> On Mon, Aug 26, 2002 at 06:26:19PM -0400, Chris McDonough wrote:
> 
> > FWIW, Shane mentioned that sessions use cookies, but on the 2.6 branch
> > (the trunk) it's possible to do "cookieless" sessioning via the
> > automatic embedding of browser ids in the URL.  It makes for very ugly
> > URLs, though, and you still need to either post to forms with
> > Zope-generated URLs or embed the browser id in a hidden form element.
> 
> Yeah, I've gone through those contortions.  I'd like to
> avoid doing it again.
> 
> My preference is to avoid trying to weld "sessions" into
> HTTP.  When *I* cut something, it should be in *my*
> "clipboard".  I'm authenticated as me.  That should be
Well, there is no such thing as a YOUR clipboard. Especially in cases
where there are multiple client sessions open. So associating a
clipboard with an user object is plain wrong.
> enough information to find what I just cut.  It will
> also work when I'm using multiple browsers (because I
As long as there is only "one user transaction in progress". Consider
cases where you are interrupted, do something in another browser (or
someplace else) and then return to your orginal work, ...

> still haven't figured out how to use tabs in textareas
> in Mozilla/Galeon).
Well, konqueror works like a charm, I use Mozilla for user testing (as I
can kill it easily and make it forget the auth-info in this way :) )
> 
> I like the idea of using the authentication ID as the
> key for a session manager, but it seems like something
> much simpler should suffice.
Well, a clipboard by design must be connected with the session in some
way. Either a direct Cookie or some Sessionbased stuff, ...
Or you rename Cut,Copy and Paste (because you change the semantics of
the clipboard completly).

Andreas