[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev thoughts on cookie file w/multiple sessions

From: brian j. pardy
Subject: Re: lynx-dev thoughts on cookie file w/multiple sessions
Date: Thu, 19 Nov 1998 11:30:26 -0800 (PST)

On Thu, 19 Nov 1998, Lloyd G. Rasmussen wrote:

> On Thu, 19 Nov 1998 09:27:01 -0800 (PST), 
> brian j. pardy  <address@hidden> wrote:
> >On Thu, 19 Nov 1998, Klaus Weide wrote:
> >
> >> On Wed, 18 Nov 1998, brian j. pardy wrote:
> >> 
> >> > With the way I have things up there, whichever copy of Lynx is exited 
> >> > first
> >> > will be the session with the cookie that is saved.
> >> > 
> >> > So it's pretty much an even shot either way. I don't like this, and can't
> >> > really think of a way to do handle this without (for example) 
> >> > timestamping
> >> > individual cookies (possibly with comments in the cookie file?).
> >> 
> >> Give each session its own cookie file, and merge them (if you wish) after
> >> they are done?
> >
> >That can be done, probably best using temp files as is being done for 
> >downloaded files.
> >
> >However, that still doesn't do anything for us to decide which cookie to
> >keep when merging the files if we have >=2 identical domain/name/path 
> >cookies with different values.
> >
> >Example:
> >
> >Session1 has a cookie with 'uid=foo' name=value pair in it.
> >Session2 has a cookie with 'uid=foo' name=value pair.
> >
> >Session2 goes to the site that sent the uid=bar cookie, and uses their
> >'logout' function, which nulls out the cookie (thus deleting it), and
> >then the user logs in again as a different user, causing the site to send
> >a 'uid=bar' name=value pair.
> >
> >So now, upon each session's exit, they will write differing cookies to
> >their individual cookie files. How to reconcile which one is worth keeping
> >when merging them?
> If a single user runs multiple simultaneous Lynx sessions, he/she 
> deserves to have the cookies mixed up, but only in his/her workspace.  
> If multiple users are running one copy of Lynx, their cookies should 
> be kept separate.  If they are going to be persistent cookies, they 
> should be persistently separate, one file per user, I would think.  If 
> this is an anonymous site, persistent cookies are probably a bad idea, 
> but the nonpersistent variety would still be useful.  That's my two 
> cents.

Oh, yes, I'm talking about multiple simultaneous Lynx sessions by a single
user, not more than one instance invoked by different users.

I would *like* to have Lynx do something to protect an individual user
if he/she spawns more than one Lynx process (I know I do it enough, but
I haven't had many problems because there are only about three sites I
accept cookies from) because it doesn't seem right to have cookie storage
be based only on the order each instance is exited.

Netscape handles this by disabling writing to the bookmarks/cookie/etc 
files when more than one instance is running -- I certainly don't think
this is an acceptable choice.

GPG & PGP public keys: <URL:> 
PGP fingerprint: 42 57 B3 D2 39 8E 74 C3  5E 4D AC 43 25 D2 26 D4

reply via email to

[Prev in Thread] Current Thread [Next in Thread]