> > Somehow it also manages to recover when cookies are turned
> off in the
> > middle of the session. �I'm not sure how.
>
> I don't believe you. :-)
>
> Except for form submission. It could embed the id in each
> form which could mitigate the problem, but not solve it.
>
It's probably easier to look at how PHP does it but maybe we could put
javascript in each page that makes sure the cookie __SID__ equals the
current session ID, if not equal, redirect to the ugly URL? Here's my
normal cookie enforcement stuff. Maybe modify it to hard code the
__SID__ in the comparison.
def writeCookieCheck(self):
self.writeln("""
<script language="javascript">
document.cookie = 'CookiesEnabled=1';
loc = document.location.toString();
if (document.cookie == '' &&
!loc.match(/NoCookies/))
{document.location.href='NoCookies';}
</script>
""")
-Jeff
_______________________________________________
Webware-discuss mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/webware-discuss
