[Zope3-Users] Authentication without cookies
Hermann Himmelbauer
dusty at qwer.tk
Tue Apr 15 03:48:02 EDT 2008
Am Montag, 14. April 2008 19:17 schrieb Jonathan:
> ----- Original Message -----
> From: "Peter Bengtsson" <peter at fry-it.com>
> To: "Hermann Himmelbauer" <dusty at qwer.tk>
> Cc: <zope3-users at zope.org>
> Sent: Monday, April 14, 2008 12:55 PM
> Subject: Re: [Zope3-Users] Authentication without cookies
>
> > Slightly off-topic: What mobile browsers that support XHTML don't
> > support cookies these days? Don't need an accurate answer but I'm
> > curious about rough numbers.
>
> Here is an interesting read on mobile web site authoring
> http://www.passani.it/gap/. It indicates that '80%' of devices have some
> level/form of cookie support.
Thanks, that's an interesting read! It's astonishing, how bad standards are
implemented in mobile browsers. The summary seems to be to either use
adaptation, which means to optimize the code to a variety of browsers/phone
models (recommended way) or to use a very limited subset, a least common
denomiator. Things that are not recommended to use for mobile pages are such
simple things such as:
- Use only simple inline-CSS or none
- Do not try to colour links
- Cookies are not reliable
- Page caching may lead to problems
> Hermann, as a test you could try setting a cookie, do an http redirect and
> see if your cookie is accessible.
Yes that's an option, thanks. However, it seems, the better praxis is to
entirely avoid cookies for mobile clients and store a session key in the URL.
Best Regards,
Hermann
--
hermann at qwer.tk
GPG key ID: 299893C7 (on keyservers)
FP: 0124 2584 8809 EF2A DBF9 4902 64B4 D16B 2998 93C7
More information about the Zope3-users
mailing list