* Dave Rolsky <[EMAIL PROTECTED]> [2008-01-21 07:10]: > On Mon, 21 Jan 2008, Aristotle Pagaltzis wrote: >> The part where web browsers really do suck – and I really mean >> suck utterly terribly – is HTTP Auth, which makes you have to… >> well, you don’t quite have to violate REST constraints, but >> you are forced to traipse into grey areas like cookie-based >> auth (not sessions!). > > I think sessions _can_ be RESTful if they are part of the URI, > though you probably wouldn't want to use them for auth.
Yes – my focus was on cookies, not sessions. * Jonathan Rockway <[EMAIL PROTECTED]> [2008-01-21 08:55]: > Along these lines, how is everyone doing multi-page forms? I > like to do GET/POST/redirect, but that needs the session to get > the data from page 1 to page 2. Without a session, I use the > old "POST returns the form with hidden fields that is page 1", > but i *hate* that technique. So I use the session. (I also use > the Flash for "You've added a record successfully!" messages. > Totally non-RESTful, but the users seem to like it.) Just like Dave described above: instead of using a cookie to pull in the session, but the session ID in the URI, so the redirect after the POST sends the browser to a URI that is unique to that user. Personally, I don’t use the session stuff at all, I just throw the “flash” info and such in the database and pull it out manually. It’s really not much work thanks to Catalyst, though once I grok Catalyst itself better I might create an Action plus Plugin or something like that to abstract away some of the work, so one doesn’t need to wire up everything manually for flyweight minting of resources and URIs. The idea is you’d stow away bits of data pertaining to a particular anticipated request, rather than pertaining to a “session.” I guess in a way it’ll feel more like Apache::Session::Counted than a traditional session API. Regards, -- Aristotle Pagaltzis // <http://plasmasturm.org/> _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
