Moving to 2.8
Locked
 
|
In attempting to move Gjallar from 2.7 to 2.8 I am looking to find the
equivalent of redirectWithCookie: am I missing something? Keith _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
> In attempting to move Gjallar from 2.7 to 2.8 I am looking to find the
> equivalent of redirectWithCookie: am I missing something? This was a relict from the old API. It should probably be put into the deprecated code, if it is not there. Lukas -- Lukas Renggli http://www.lukas-renggli.ch _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
> > In attempting to move Gjallar from 2.7 to 2.8 I am looking to find the
> > equivalent of redirectWithCookie: am I missing something? > > This was a relict from the old API. It should probably be put into the > deprecated code, if it is not there. Sorry, I was talking about #heading:level:. #redirectWithCookie: is not needed anymore, I didn't consider it a public method. Have a look at WACookieSession to see how you can add a cookie. Lukas -- Lukas Renggli http://www.lukas-renggli.ch _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
2007/7/10, Lukas Renggli <[hidden email]>:
> > > In attempting to move Gjallar from 2.7 to 2.8 I am looking to find the > > > equivalent of redirectWithCookie: am I missing something? > > > > This was a relict from the old API. It should probably be put into the > > deprecated code, if it is not there. > > Sorry, I was talking about #heading:level:. > > #redirectWithCookie: is not needed anymore, I didn't consider it a > public method. Have a look at WACookieSession to see how you can add a > cookie. IMHO WASession should offer an easy way to add a generic cookie. Philippe > Lukas > > -- > Lukas Renggli > http://www.lukas-renggli.ch > _______________________________________________ > Seaside mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside > Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
> > > > In attempting to move Gjallar from 2.7 to 2.8 I am looking to find the
> > > > equivalent of redirectWithCookie: am I missing something? > > > > > > This was a relict from the old API. It should probably be put into the > > > deprecated code, if it is not there. > > > > Sorry, I was talking about #heading:level:. > > > > #redirectWithCookie: is not needed anymore, I didn't consider it a > > public method. Have a look at WACookieSession to see how you can add a > > cookie. > > IMHO WASession should offer an easy way to add a generic cookie. What do you need cookies for? Using cookies is usually a bad smell in Seaside. Cookies are just stupid strings. Lukas -- Lukas Renggli http://www.lukas-renggli.ch _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
2007/7/10, Lukas Renggli <[hidden email]>:
> > > > > In attempting to move Gjallar from 2.7 to 2.8 I am looking to find the > > > > > equivalent of redirectWithCookie: am I missing something? > > > > > > > > This was a relict from the old API. It should probably be put into the > > > > deprecated code, if it is not there. > > > > > > Sorry, I was talking about #heading:level:. > > > > > > #redirectWithCookie: is not needed anymore, I didn't consider it a > > > public method. Have a look at WACookieSession to see how you can add a > > > cookie. > > > > IMHO WASession should offer an easy way to add a generic cookie. > > What do you need cookies for? If someone has already voted in a poll. If someone has already seen the fucking annoying flash intro. SSO I'm sure I could come up with more. Philippe > Using cookies is usually a bad smell in Seaside. Cookies are just > stupid strings. > > Lukas > > -- > Lukas Renggli > http://www.lukas-renggli.ch > _______________________________________________ > Seaside mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside > Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
> I'm sure I could come up with more. > > Philippe Gjallar uses them for login, I think (since I didn't write the code) that the reason is that at least you can stay logged in, even if you cant keep your seaside session alive indefinitely. Since it is common to subclass WASession, I am not convinced that putting extra behaviour in WACookieSession is helpful. Fortunately we arent using session cookies. Keith _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Lukas Renggli
Lukas Renggli wrote:
>> > > > In attempting to move Gjallar from 2.7 to 2.8 I am looking to >> find the >> > > > equivalent of redirectWithCookie: am I missing something? >> > > >> > > This was a relict from the old API. It should probably be put into >> the >> > > deprecated code, if it is not there. >> > >> > Sorry, I was talking about #heading:level:. >> > >> > #redirectWithCookie: is not needed anymore, I didn't consider it a >> > public method. Have a look at WACookieSession to see how you can add a >> > cookie. >> >> IMHO WASession should offer an easy way to add a generic cookie. > > What do you need cookies for? > > Using cookies is usually a bad smell in Seaside. Cookies are just > stupid strings. > > Lukas > to copy and paste a URL to someone else, allowing them to effectively hijack their session, be it on purpose (to share a subscription service or similar) or by accident. It also allows for session fixation by someone trying to manipulate a user... "Hey, use this link! http://www.somesite.com/?_s=1234" user logs in, then the "attacker" can hijack the users session (by using the same id - 1234.) Not so easy with Cookies. However, I noticed a bug - but can't remember if I already mailed this list about it or not - it appears when using cookies for session variable, the #initialRequest: method is bypassed completely - it may not have been this method but it was one equally as important; I shall investigate once again when I get time to, but just incase anyone remembers me mailing about it before? John www.pinesoft.co.uk Pinesoft Computers are registered in England, Registered number: 2914825. Registered office: 266-268 High Street, Waltham Cross, Herts, EN8 7EA This message has been scanned for viruses by BlackSpider MailControl - www.blackspider.com _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Philippe Marschall
> > What do you need cookies for?
> > If someone has already voted in a poll. > If someone has already seen the fucking annoying flash intro. All things I don't like ... Anyway, I added #redirectWithCookie: to WASession again. Please note that this might do something slightly different than in 2.7, where this was supposed to be used for session-cookies only. Now the session cookies have been separated into WACookieSession and don't pollute the generic session class anymore, however I don't know if that was a good idea. Lukas -- Lukas Renggli http://www.lukas-renggli.ch _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
On 7/10/07, Lukas Renggli <[hidden email]> wrote:
> Now the session cookies have been separated into WACookieSession and > don't pollute the generic session class anymore, however I don't know > if that was a good idea. I suspect it's not - it's nice to be able to switch back and forth easily between using cookies for sessions and using URL params (roughly speaking, I prefer cookies for deployment and URL params for dev). Apart from session keys, the other "legitimate" use of cookies IMO is for the "remember me" boxes on login screens that let the user bypass the login for the next 2 weeks or whatever. It wouldn't be a bad idea to have some standard support in Seaside for this, I think. Avi _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by John Thornborrow
> However, I noticed a bug - but can't remember if I already mailed this
> list about it or not - it appears when using cookies for session > variable, the #initialRequest: method is bypassed completely - it may > not have been this method but it was one equally as important; I shall > investigate once again when I get time to, but just incase anyone > remembers me mailing about it before? Yes, we are aware of it. http://bugs.squeak.org/view.php?id=6527 Hover since I prefer to eat cookies, it has a low priority for me. If you have any suggestions or patches ready we would really appreciate that. Lukas -- Lukas Renggli http://www.lukas-renggli.ch _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Avi Bryant-2
> I suspect it's not - it's nice to be able to switch back and forth
> easily between using cookies for sessions and using URL params > (roughly speaking, I prefer cookies for deployment and URL params for > dev). Ok, I see. It was an experiment. Lukas -- Lukas Renggli http://www.lukas-renggli.ch _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
RE: Moving to 2.8
|
|
In reply to this post by Avi Bryant-2
Hmm, how do you get embedded flash components to submit proper cookies
when making requests from inside flash back to some callbacks? Last time I tried to get our fusion charts to pass the right cookie when using Firefox I failed miserable, it seemed to be passing some old cookie and who knows where that came from... So I abandoned cookie'd session for now, but would love to bring them back at some point, any hints would be appreciated. Cheers! -Boris -- +1.604.689.0322 DeepCove Labs Ltd. 4th floor 595 Howe Street Vancouver, Canada V6C 2T5 http://tinyurl.com/r7uw4 [hidden email] CONFIDENTIALITY NOTICE This email is intended only for the persons named in the message header. Unless otherwise indicated, it contains information that is private and confidential. If you have received it in error, please notify the sender and delete the entire message including any attachments. Thank you. > -----Original Message----- > From: [hidden email] [mailto:seaside- > [hidden email]] On Behalf Of Avi Bryant > Sent: Tuesday, July 10, 2007 10:10 AM > To: Seaside - general discussion > Subject: Re: [Seaside] Moving to 2.8 > > On 7/10/07, Lukas Renggli <[hidden email]> wrote: > > > Now the session cookies have been separated into WACookieSession and > > don't pollute the generic session class anymore, however I don't > > if that was a good idea. > > I suspect it's not - it's nice to be able to switch back and forth > easily between using cookies for sessions and using URL params > (roughly speaking, I prefer cookies for deployment and URL params for > dev). > > Apart from session keys, the other "legitimate" use of cookies IMO is > for the "remember me" boxes on login screens that let the user bypass > the login for the next 2 weeks or whatever. It wouldn't be a bad idea > to have some standard support in Seaside for this, I think. > > Avi > _______________________________________________ > Seaside mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Lukas Renggli
Cool, I couldn't remember if I had logged it or not.
I've got some work coming up soon that will involve that area, so I'll certainly do my best to resolve the issue and of course share what I find. Regards, John www.pinesoft.co.uk Lukas Renggli wrote: >> However, I noticed a bug - but can't remember if I already mailed this >> list about it or not - it appears when using cookies for session >> variable, the #initialRequest: method is bypassed completely - it may >> not have been this method but it was one equally as important; I shall >> investigate once again when I get time to, but just incase anyone >> remembers me mailing about it before? > > Yes, we are aware of it. > > http://bugs.squeak.org/view.php?id=6527 > > Hover since I prefer to eat cookies, it has a low priority for me. If > you have any suggestions or patches ready we would really appreciate > that. > > Lukas > Pinesoft Computers are registered in England, Registered number: 2914825. Registered office: 266-268 High Street, Waltham Cross, Herts, EN8 7EA This message has been scanned for viruses by BlackSpider MailControl - www.blackspider.com _______________________________________________ Seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
«
Return to Seaside General
|
1 view|%1 views
| Free forum by Nabble | Edit this page |