From: Joerg Heinicke <[EMAIL PROTECTED]>
Sonny Sukumar wrote:
Anyhow, 2 other reasons I'd prefer URL/link rewriting not to occur when cookies are enabled:
1.) It takes up precious time to parse a document and rewrite links.
IMO this can be ignored. The second reason is much more important.
Ignore performance? I don't think you meant that per se, but I get what you're saying in light of the good point you made below.
We do the link rewriting ourself in a XSLT stylesheet when generating the page. This is especially useful if you need rewritten JavaScript links.
Does the include/exclude params offered by the EncodeURLTransformer make it to hard to encode JS links? I haven't done too much with JS myself, so I was just wondering.
2.) If someone closes the browser, the session is gone, whereas a cookie still remains even after closing the browser and can be used to re-establish the same session, provided the session is still valid on the server.
This is true and maybe important for you or your user's comfort. As we develope mostly applications related to banking or payment the security issues are more important for us. If anybody leaves his PC for 5 minutes for smoking or coffee nobody else shall simply open the browser and order something with the other one's identity. So we abstain from cookies completely.
Ok, I get why you prefer rewriting now. :-) It is a very good point actually, and while I'm working on B2C e-commerce and not for a major financial institution, I think I would do well to keep that in mind.
It seems like some of the major ecomm sites (like bn.com, amazon) use link rewriting whereas some others (like vicoriassecret.com) don't. I just gleaned this info from a cursory glance at these sites.
Sonny
Joerg
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________
Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
