Hi,
Maybe I didn't understand well the question, but if the user wants to create
a session that works only in a certain window, but doesn't work in the other
windows, a simple cookie can be used if its expiry date is set to 0.
This way the cookie won't be saved, but it will be memorised by the current
window of the browser, and if the browser window is closed, the session ID
is lost, and the user must log in again for creating another session.
Same thing if he wants to use another window.
Isn't this what is needed?
Octavian
----- Original Message -----
From: "Hermida, Leandro" <[EMAIL PROTECTED]>
To: "The elegant MVC web framework" <[email protected]>
Sent: Monday, January 08, 2007 3:48 PM
Subject: RE: [Catalyst] Browser window/tab independent sessions
-----Original Message-----
From: Perrin Harkins [mailto:[EMAIL PROTECTED]
Sent: Friday, January 05, 2007 22:26
To: [EMAIL PROTECTED]; The elegant MVC web framework
Subject: Re: [Catalyst] Browser window/tab independent sessions
On Fri, 2007-01-05 at 20:44 +0000, Ian Docherty wrote:
> Does anyone try to keep different state information in different
> browser windows/tabs?
Back in the old days, when we used to make websites with our
stone knives and bear skins, we used to keep state
information in hidden form fields and query strings. These
techniques have none of the "global state" problems that cookies do.
Putting things that are specific to a window/tab in a
cookie-based session is a pet peeve of mine actually, since
it can break things so spectacularly. If you check, you'll
see that all of the major web sites like Yahoo and Amazon are
careful to avoid this kind of issue (multiple tabs don't
interfere with each other) and they generally seem to use the
old-school techniques.
> How would I create these URI's for each window. I suppose I
would have
> to have a 'create new window' button in the application
that generated
> a new window with a unique window_session?
Users are not going to like that. You'll never be able to
get something like this working without becoming totally
dependent on JavaScript to manipulate your URLs and tell you
when new windows are opening. At that point, the hidden form
fields will look really easy by comparison.
- Perrin
The way cookies work for holding application state has the limitation of
being for every window/tab of that browser type (someone please correct
me if I am wrong). Use Catalyst::Plugin::Session::State::URI to pass
the session IDs through the URI but please read the POD on security
issues related to this!!! I also had to write an app sometime ago where
I didn't use cookies so I just passed the session ID in form hidden
fields (for POSTs) and in the URI (for GETs). Then each browser
window/tab will have its own independent session no prob..
Leandro
_______________________________________________
List: [email protected]
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
_______________________________________________
List: [email protected]
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
