Hi.
I have found that having a session object is a rather bad idea. What
happens if there is such a beast is essentially communication of functions
through global variables. So I thought about the cure and found that having
server side "objects" that can be retrieved through an id enables "passing
of parameters by reference". The client does a request and gets an id with
the response, which he will return to the server with further requests to
refer to an object created with the first request.
The question however is: If I create an object on the server that is only
accessible to the requesting client (the id can be thaught of as a
password) - may this be done with a GET request? RFC 2616 says that the
idea of GET is that the client can not be held accountable for the side
effects of GET. If I however return an id to the client so that only this
client has access to the effects of the request this client is in full control.
An application for this would be to have a request that creates a result
set for an expensive search and returns an id to this.
Any comments appreciated,
Joachim
Is there a better place to discuss such a question?
--
"... ein Geschlecht erfinderischer Zwerge, die fuer alles gemietet werden
koennen." - Bertolt Brecht - Leben des Galilei
