On Wed, Jun 27, 2001 at 10:59:16AM -0700, Rob Bloodgood wrote:
me, on the other hand, i don't see the problem with
on incoming request
if has-cookie 'session'
{
update serverside 'accesstime' for session[this] to NOW
On Mon, Jun 25, 2001 at 04:54:59PM -0700, Rob Bloodgood wrote:
maybe storing 'last-access-time' on the server, instead of in
the client-side, via cookie, would solve this snafu?
But if you want to give out a new cookie on every request ?
How would you prevent them from copying or
me, on the other hand, i don't see the problem with
on incoming request
if has-cookie 'session'
{
update serverside 'accesstime' for session[this] to NOW
Oh yeah? HOW???
if not-modified-since
On Fri, Jun 22, 2001 at 12:32:28PM -0700, Doug MacEachern wrote:
quoting his email:
The cookie records, in part, the time of the last access to
the site. Therefore for each access the cookie is updated.
that to me sounds like a header which may have changed independently of
the
will trillich wrote:
On Fri, Jun 22, 2001 at 12:32:28PM -0700, Doug MacEachern wrote:
quoting his email:
The cookie records, in part, the time of the last access to
the site. Therefore for each access the cookie is updated.
that to me sounds like a header which may have changed
maybe storing 'last-access-time' on the server, instead of in
the client-side, via cookie, would solve this snafu?
But if you want to give out a new cookie on every request ?
How would you prevent them from copying or tampering with the contents?
a MD5-hash would stop them from changing
Hi Randal,
the reason i want this, is that i am building a authentication-scheme which
uses tickets to make sure that only one user can be logged in on one account.
When the ticket expires and the old user wants another page i want to silently
reissue a new ticket if nobody else tried to
Randal L. Schwartz writes
Uh, it seems a bit fishy to me. nothing's changed, but by the way,
set this cookie please. Why change a cookie if nothing else has
changed?
If the HTTP headers were only about the document then I would agree.
However, if we look at this set of headers from a
Doug == Doug MacEachern [EMAIL PROTECTED] writes:
Doug i passed it along the same day:
Doug http://hypermail.linklord.com/new-httpd/2001/Jun/0507.html
Doug still awaiting response on my interpretation of the rfc, seems perfectly
Doug valid to include the set-cookie header with a 304 response.
Hi,
Thanks for your answer, saved me days of probably fruitless fidling around with
modperl.
Your solution solved my problems (see Sending Cookies on Page-Reload)
the question remains if this violates some RFC's (or breaks some browsers),
and if there is some other way - like faking that the
How can I force Apache to send the Set-Cookie header even if the
document being delivered has not changed? I suspect that I am not
the
first person to run into this problem. A search of the list was
unsuccessful, unfortunately.
i've not tested, but it looks like Set-Cookie is left out
11 matches
Mail list logo
