[thelist] Cookies and Session state for Authentication
Anthony Baratta
Anthony at Baratta.com
Thu May 13 16:27:38 CDT 2004
At 01:45 PM 5/13/2004, pouncyisdead wrote:
>What is the best combination of cookies, sessions or anything else for
>browsers with high privacy settings, when trying to maintain state?
You can use the session info in the URL e.g. ?sID=9384848jd94737nndnd
What we did once was to interrogate the browser to see if it was accepting
cookies and if not, put the session id in the URL string. Then on the other
page if the session was not found via conventional methods we looked for
the URL string. Of course you need to make sure that EVERY URL built for
the protected area has the session id in the string.
More information about the thelist
mailing list