Just one thing to add. There is a bug (at least with Mac studio and linux app server) in the Assign action. I've reported it. -- Session cookies do NOT get set with the Assign action.
The workaround is the <@ASSIGN> metatag -- this works. >Very cool stuff > >I can see how when the browser requests the page it also passes all the >values of the cookies. > >It reminds me alot of hidden args but cooler, more flexible and actualy >hidden hehe... > >Thanks for the info you guys (: > >----- Original Message ----- >From: "Scott Cadillac" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Wednesday, July 30, 2003 7:54 PM >Subject: RE: Witango-Talk: cookies > > >Hi Atrix, > >The passing of cookie assignments and values is done inside the HTTP >Headers, which are used by the Browser and Web Servers to communicate your >URL requests and webpage responses. > >Typically the HTTP Headers are hidden from view by most Browsers (and >Users), and not easily see even by web developers. You need a tool like >http://www.httpsniffer.com/ to see the Headers and to watch Cookies in >action. It's well worth the time to set up to fully appreciate what is >happening in the hidden background. > >In addition to what Ben said about Session Cookies > >> Without specifying the EXPIRES attribute >> this is a SESSION cookie (kinda of like >> Local/Request Scope) when you leave the >> domain that dropped the cookie the >> HELLO=THERE; will be deleted from the >> Cookie Jar. > >These cookies are not saved to any local Folders or harddrive, and only >reside in memory during the current Browser window session (a virtual >cookie-jar). > >These cookies only pass back their data to the Domain that assigned them, so >they are safe from capture by all other domains. Which is why Session >Cookies are not considered the same thing as regular cookies, because >regular cookies can be captured by other sites. Regular Cookies are what >those Marketing guys with the annoying popup adds are using. > >In the same Browser window session (regardless of Browser brand), if you >cruise to another site the Session Cookie is temporarily unavailable to >anybody else - but if you come back to the site that assigned it, it will be >available again to pass back. > >Once you close the Browser window that was used for "containing" these >Session cookies - the cookies are purged from memory automatically. > >The Witango <@USERREFERENCE> is a unique Session key and is stored as a >Session Cookie, called either "Tango_UserReference" or >"Witango_UserReference". > >That's why, when you close your Browser windows right after logging into a >website, and then reopen a new Browser session - you have to log back in, >even though you only logged in a moment ago. Because the "unique" Session >key has been lost and new unique key has to be generated. > >Hope this adds to Ben's Excellent Cookies (catchy name, eh). > >Cheers.... > >Scott Cadillac, >Witango.org - http://witango.org >403-281-6090 - [EMAIL PROTECTED] >-- >Information for the Witango Developer Community >--------------------- > >XML-Extranet - http://xml-extra.net >403-281-6090 - [EMAIL PROTECTED] >-- >Well-formed Development (for hire) >--------------------- > > >________________________________________________________________________ >TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > >________________________________________________________________________ >TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > Bill Conlon To the Point 345 California Avenue Suite 2 Palo Alto, CA 94306 office: 650.327.2175 fax: 650.329.8335 mobile: 650.906.9929 e-mail: mailto:[EMAIL PROTECTED] web: http://www.tothept.com ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
