Re: Determination if a client has sessions enabled or not.
Ben, I don't know of any way of checking (someone correct me if I'm wrong!). What I have done is to attach an attribute to the session, redirect to a small .jsp page with a div visibility: hidden; tag surronding a form that automatically submits back to the servlet. The servlet can then check if the attribute is still there and if not, you know sessions are disabled. -Mike Fowler I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it Ben Bookey wrote: Dear List, I would like to check if a client has cookies/sessions enabled in the start page of my webapp. whats the best way of doing this? regards Ben - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Determination if a client has sessions enabled or not.
hi, this begs the question, is it bad practice to require users to enable cookies? --- Mike Fowler [EMAIL PROTECTED] wrote: Ben, I don't know of any way of checking (someone correct me if I'm wrong!). What I have done is to attach an attribute to the session, redirect to a small .jsp page with a div visibility: hidden; tag surronding a form that automatically submits back to the servlet. The servlet can then check if the attribute is still there and if not, you know sessions are disabled. -Mike Fowler I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it Ben Bookey wrote: Dear List, I would like to check if a client has cookies/sessions enabled in the start page of my webapp. whats the best way of doing this? regards Ben - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Determination if a client has sessions enabled or not.
It may also be asked if it is bad practice to require the user to enable pop-ups. I would think not as many businesses force internal users to disable cookies and pop-ups. If your application requires either then it is not always useable. Food for thought. Robert S. Harper 801.265.8800 ex. 255 -Original Message- From: Woodchuck [mailto:[EMAIL PROTECTED] Sent: Friday, June 25, 2004 9:29 AM To: Tomcat Users List Subject: Re: Determination if a client has sessions enabled or not. hi, this begs the question, is it bad practice to require users to enable cookies? --- Mike Fowler [EMAIL PROTECTED] wrote: Ben, I don't know of any way of checking (someone correct me if I'm wrong!). What I have done is to attach an attribute to the session, redirect to a [snip] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Determination if a client has sessions enabled or not.
I tend to agree and would advocate the use of URL encoding for all stateful web-apps. However they have the drawback of making your URL look something like: http://localhost:8080/manager/html/list;jsessionid=C76172F9BD3E29A9AFDEBDA349F853DF So you use cookies for tidy URLs. -Mike Fowler I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it Woodchuck wrote: hi, this begs the question, is it bad practice to require users to enable cookies? --- Mike Fowler [EMAIL PROTECTED] wrote: Ben, I don't know of any way of checking (someone correct me if I'm wrong!). What I have done is to attach an attribute to the session, redirect to a small .jsp page with a div visibility: hidden; tag surronding a form that automatically submits back to the servlet. The servlet can then check if the attribute is still there and if not, you know sessions are disabled. -Mike Fowler I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it Ben Bookey wrote: Dear List, I would like to check if a client has cookies/sessions enabled in the start page of my webapp. whats the best way of doing this? regards Ben - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Determination if a client has sessions enabled or not.
it used to be more common to have warnings on websites that say cookies are required. nowadays, these warnings are not there anymore and it's assumed cookies will be available. and if cookies are disabled by the user, and the website requires it, the user will be promptly halted. i'm coming from a web developer perspective, so i guess what i'm getting at is that it seems to me something is wrong when a website has to cater to non-cookie-enabled browsers/users. this argument can also be extended to other things like browser make/version, javascript (on/off), etc. etc. is it really harsh to say no cookies = no website nowadays? in my humble opinion, this is no. --- Robert Harper [EMAIL PROTECTED] wrote: It may also be asked if it is bad practice to require the user to enable pop-ups. I would think not as many businesses force internal users to disable cookies and pop-ups. If your application requires either then it is not always useable. Food for thought. Robert S. Harper 801.265.8800 ex. 255 -Original Message- From: Woodchuck [mailto:[EMAIL PROTECTED] Sent: Friday, June 25, 2004 9:29 AM To: Tomcat Users List Subject: Re: Determination if a client has sessions enabled or not. hi, this begs the question, is it bad practice to require users to enable cookies? --- Mike Fowler [EMAIL PROTECTED] wrote: Ben, I don't know of any way of checking (someone correct me if I'm wrong!). What I have done is to attach an attribute to the session, redirect to a [snip] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Determination if a client has sessions enabled or not.
I think it's a good idea to try as much as possible to cater to cookieless users, differing browsers and so on as this allows you to create a single web-app that will function and look the same across a multitude of browsers. As a Mozilla user I come across site after site that takes advantage of non-standard IE extensions that make the page virtually unviewable for me. Of course, trying to develop to cater to all these possibilities does make life a lot more difficult that it may need to be! -Mike Fowler I could be a genius if I just put my mind to it, and I, I could do anything, if only I could get 'round to it Woodchuck wrote: it used to be more common to have warnings on websites that say cookies are required. nowadays, these warnings are not there anymore and it's assumed cookies will be available. and if cookies are disabled by the user, and the website requires it, the user will be promptly halted. i'm coming from a web developer perspective, so i guess what i'm getting at is that it seems to me something is wrong when a website has to cater to non-cookie-enabled browsers/users. this argument can also be extended to other things like browser make/version, javascript (on/off), etc. etc. is it really harsh to say no cookies = no website nowadays? in my humble opinion, this is no. [snip] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Determination if a client has sessions enabled or not.
I agree that cookies are a very useful tool. My point is that we have two conflicting interests, the user's desire to protect themselves from malicious attacks and loss of privacy and the developer's need to keep information about the current session. If you want to work in all cases, then some other method should be used. If it is OK with your business model to loose customers/users due to loss of some feature, then that is OK. Often the sales people and other managers are not OK with any loss. Just a thought. Robert S. Harper 801.265.8800 ex. 255 -Original Message- From: Woodchuck [mailto:[EMAIL PROTECTED] Sent: Friday, June 25, 2004 10:16 AM To: Tomcat Users List; [EMAIL PROTECTED] Subject: RE: Determination if a client has sessions enabled or not. it used to be more common to have warnings on websites that say cookies are required. nowadays, these warnings are not there anymore and it's assumed cookies will be available. and if cookies are disabled by the [snip] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]