[
Lists Home |
Date Index |
Thread Index
]
At 11:32 PM -0500 1/5/04, Rich Salz wrote:
>> Similarly other
>> information that is often stored in cookies--shopping cart contents,
>> path through a site, time of login, etc.--also need not be stored in
>> the URL. The server maintains this information as it does even with
>> cookies, at least in a secure system) and displays it to the user in
>> the content of the page. However, it need not show up in referrer
>> logs, browser location bars, and other such insecure places.
>
>I don't understand how you could do this. Can you explain? The
>client doesn't need the time of login, the server does. I don't see
>what is the point of putting it in a clickable URL that the client could
>fetch. Who cares if the client ever fetches it?
Sorry if I wasn't clear. I think we agree on this point. You don't
have to put it in the URL, and indeed shouldn't. Just store it on the
server as part of the state of whatever resources the URL refers to.
The client doesn't need to fetch it or see it.
--
Elliotte Rusty Harold
elharo@metalab.unc.edu
Effective XML (Addison-Wesley, 2003)
http://www.cafeconleche.org/books/effectivexml
http://www.amazon.com/exec/obidos/ISBN%3D0321150406/ref%3Dnosim/cafeaulaitA
|
