[cgiapp] Persistence
Stephen Carville
stephen.carville at gmail.com
Wed Feb 6 19:22:32 EST 2008
On Feb 6, 2008 3:39 PM, Dan Horne <dan.horne at redbone.co.nz> wrote:
> Mark Fuller said:
>
> > I thought the problem with putting the session ID in the URL is that
> > the user might copy/paste the URL to others. When they try to use it,
> > the app would have no way to know it's not the real user?
> >
>
> Another problem is bookmarks. A user may bookmark a page, but when they
> come back a couple of days later, the session has expired. They might also
> email a link to others, and that link may not work for the same reason.
Seems to me it makes more sense to embed the session ID or any other
tracking as hidden variables in a form and send it back as a POST.
--
Stephen Carville
More information about the cgiapp
mailing list