On 10/3/05, Sylvain Wallez <[EMAIL PROTECTED]> wrote: > Tony Collen wrote: > > > Pier Fumagalli wrote: > > > >> I found this on the Jetty list, and thought it was relevant as in the > >> examples we tend to encode the continuation ID into the URL... > >> > >> This is f***ing scary!!! > >> > >> Pier > > > > > > > > Maybe it's time we make Cocoon automatically pull the continuation ID > > from a session tied to a cookie. > > > That won't work as a continuation is related to the page displayed in > the browser rather than to the browser itself, as is a cookie.
We did this for a while; our user base doesn't generally fork the browser and rarely uses back (all menu driven). However, it's simpler to just automatically add the continuation to the form as a hidden field. We've got a 80 line (or so) transformer that finds all forms and adds the continuation. We just add this transformer to the end of any pipeline that might be creating forms... > I'm with Reinhard: let's tie continuations to sessions, which should be > fine for 99.9% of the use cases. Even if the continuation ID is in the > URL, it won't be accessible without the session id cookie. > > Sylvain > > -- > Sylvain Wallez Anyware Technologies > http://people.apache.org/~sylvain http://www.anyware-tech.com > Apache Software Foundation Member Research & Technology Director > > -- Peter Hunsberger
