[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] GNUmed web interface - state of affairs

From: Sebastian Hilbert
Subject: Re: [Gnumed-devel] GNUmed web interface - state of affairs
Date: Fri, 16 Jul 2010 08:05:25 +0200
User-agent: KMail/1.13.3 (Linux/2.6.33-6-desktop; KDE/4.4.5; i686; ; )

Am Freitag 16 Juli 2010, 03:58:27 schrieb Jim Busser:
> On 2010-07-15, at 7:47 AM, Sebastian Hilbert wrote:
> > as long as
> > the user does not clear the browser's cache, the user will always be
> > connected to the exact same back-end web server process.
> Will the backend need a special table in which to store these cookies?

> Is the need for permanent cookies or (for example) would once-a-day cookies
> be sufficient?
Depends on how often the user wants to log in. There will be some sort of 
cookie lives until timeout and/or browser-closes.

> If the backend cannot know which cookies will never again be used, because
> the user
> may upgrade a browser, without bringing forward the cookies
> may use a variety of browsers, and not use them again
> may use a guest machine, and never use it again (risk)
> may turn off cookies and generate new ones
>       (what happens to the old browser side cookies?)
> should the server be designed to refuse connections from browsers that will
> not accept cookies, and to periodically (daily) flush all cookies?
Flushing all cookies is a good idea. I am not sure if refusing connections is 
possible. There is no way for the browser to tell if the browser accepts a 
cookie. One can however in the login page (client-side) detect that cookies 
are turned of and refuse to connect to the server unless cookies are turned on 
(or at least the browser reports it)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]