On 02/10/2009 10:55 AM, Peter Saint-Andre wrote: Hi!
> 1. Nathan Fritz raised the issue of session collisions, which they've > seen at Seesmic. As far as I know, no conclusions were reached on this > issue. Feel free to expland on this if you were part of the discussions. If I remember correctly, the conclusion was to take it to this list to explore the problem further. My understanding of this problem is this: Most BOSH-pages behave like an application that logs on (with all the SASL stuff and more) when you open the page. On pages like these, a reload results in a new login, opening a new tab of the same page results in a second connection. But not at Seesmic, there they decided to store the state of BOSH in cookies. This to make it possible to visit another page and return to your old session. When a second tab is opened this results in two BOSH connections to the same session. This results in unpredictable behaviour of the session manager: pubsub pushes are distributed iteratively or randomly over the different tabs. As a workaround the tigase sessionmanager now closes the first read connection if a second one is opened at the same time (I hope I say this correctly). This workaround has a disadvantage: it looks like a good way to enable session-hijacking. An other possible solution that was discussed was giving each tab an own resource, but it was not clear if this was an option in Seesmics situation. More additions are welcome. > 3. In a hallway discussion at 2 AM one morning, Fabio Forno mentioned to > me that the spec might explicitly say that a BOSH connection manager > could support HTTP cookies as an optimization (support would be > completely optional). I don't know if he brought this up during the > meetings because I was roving around from group to group. This was not discussed during the meeting. > What am I missing? Another hallway discussion on off-beat times that was not discussed in the group, was on JSON over XMPP/BOSH. Does somebody feel the need to discuss it here? best wishes, Winfried -- http://www.tilanus.com xmpp:[email protected] tel. 015-3613996 / 06-23303960 fax. 015-3614406
