[Newbie] Storing state in cookie instead of URL

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

[Newbie] Storing state in cookie instead of URL

Stef Telford
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Everyone,
    So, I am playing around with Seaside.. generally digging it and
glad that I can do web development in my favourite language (Ruby is
nice, but, well, Smalltalk is nicer ;). I have taken the first
rudimentary steps, running Wakom, creating a simple page and storing
state.

    However, when I was in the configure panel for my application, I
switched the 'Use Session Cookie' to 'true', yet I still get the _k in
my URL. I would have expected the value for _k to be stored in the
session cookie. If this doesn't do this, then I have two questions;

    1) how do I get Seaside to use _k in cookies ?
    and
    2) what -does- 'use session cookie' do, if it doesn't put the
state (_k) into the cookie ?

    Also, if anyone has some nice fileouts of more examples, that
would be great. I tend to learn from taking things apart :)

    Thanks and Kudos on giving Smalltalk a nice web framework :D
    Regards
    Stef
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjED8YACgkQANG7uQ+9D9U52QCghE1tU3GFKWpaRyXxI72+SOOr
xz4AmwdXSB7K1vSnpnoS9rHhPn+TVaQf
=Rs+7
-----END PGP SIGNATURE-----

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: [Newbie] Storing state in cookie instead of URL

Philippe Marschall
2008/9/7 Stef Telford <[hidden email]>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello Everyone,
>    So, I am playing around with Seaside.. generally digging it and
> glad that I can do web development in my favourite language (Ruby is
> nice, but, well, Smalltalk is nicer ;). I have taken the first
> rudimentary steps, running Wakom, creating a simple page and storing
> state.
>
>    However, when I was in the configure panel for my application, I
> switched the 'Use Session Cookie' to 'true', yet I still get the _k in
> my URL. I would have expected the value for _k to be stored in the
> session cookie. If this doesn't do this, then I have two questions;
>
>    1) how do I get Seaside to use _k in cookies ?

Not at all.

>    2) what -does- 'use session cookie' do, if it doesn't put the
> state (_k) into the cookie ?

the _s value (he session key)

Cheers
Philippe
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: [Newbie] Storing state in cookie instead of URL

Lukas Renggli
>  >    1) how do I get Seaside to use _k in cookies ?
>
> Not at all.

The back-button of you web-browser would stop to work, because
browsers don't backtrack cookies.

Cheers,
Lukas

--
Lukas Renggli
http://www.lukas-renggli.ch
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: [Newbie] Storing state in cookie instead of URL

Stef Telford
In reply to this post by Philippe Marschall
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Philippe Marschall wrote:

> 2008/9/7 Stef Telford <[hidden email]>:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>
>> Hello Everyone, So, I am playing around with Seaside.. generally
>> digging it and glad that I can do web development in my favourite
>> language (Ruby is nice, but, well, Smalltalk is nicer ;). I have
>> taken the first rudimentary steps, running Wakom, creating a
>> simple page and storing state.
>>
>> However, when I was in the configure panel for my application, I
>> switched the 'Use Session Cookie' to 'true', yet I still get the
>> _k in my URL. I would have expected the value for _k to be stored
>> in the session cookie. If this doesn't do this, then I have two
>> questions;
>>
>> 1) how do I get Seaside to use _k in cookies ?
>
> Not at all.
Ahhh.. judging from the reply, am I correct then in thinking that the
_s (session key) is then stored in the cookie after login/authn/authz
and because Smalltalk/Seaside has to grab objects from the
continuation, it has to know the _k value so that it can then find the
user objects, page objects, etc ?

In other words; To be able to get the objects (including the cookie
object), we need the _k outside so Smalltalk/Seaside can find it. If
that's the case, then the _k outside makes sense, and something I may
have to live with :)

Thanks for the quick reply btw.. pretty amazed - thank you :)
Stef

>> 2) what -does- 'use session cookie' do, if it doesn't put the
>> state (_k) into the cookie ?
>
> the _s value (he session key)
>
> Cheers Philippe _______________________________________________
> seaside mailing list [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjEFH8ACgkQANG7uQ+9D9U8fgCaApVhjFJiP0E471cppgHYAy8m
i0cAn3pFpRAF651M216bgKD0xt0pOqbC
=qHLM
-----END PGP SIGNATURE-----

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: [Newbie] Storing state in cookie instead of URL

Randal L. Schwartz
In reply to this post by Lukas Renggli
>>>>> "Lukas" == Lukas Renggli <[hidden email]> writes:

Lukas> The back-button of you web-browser would stop to work, because
Lukas> browsers don't backtrack cookies.

And even storing _s in a cookie is problematic if you want two different
windows open with two different "sessions", which I'll often do when I'm
comparing different flights on the same airline.

--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[hidden email]> <URL:http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: [Newbie] Storing state in cookie instead of URL

Philippe Marschall
In reply to this post by Stef Telford
2008/9/7 Stef Telford <[hidden email]>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Philippe Marschall wrote:
>> 2008/9/7 Stef Telford <[hidden email]>:
>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>>
>>> Hello Everyone, So, I am playing around with Seaside.. generally
>>> digging it and glad that I can do web development in my favourite
>>> language (Ruby is nice, but, well, Smalltalk is nicer ;). I have
>>> taken the first rudimentary steps, running Wakom, creating a
>>> simple page and storing state.
>>>
>>> However, when I was in the configure panel for my application, I
>>> switched the 'Use Session Cookie' to 'true', yet I still get the
>>> _k in my URL. I would have expected the value for _k to be stored
>>> in the session cookie. If this doesn't do this, then I have two
>>> questions;
>>>
>>> 1) how do I get Seaside to use _k in cookies ?
>>
>> Not at all.
> Ahhh.. judging from the reply, am I correct then in thinking that the
> _s (session key) is then stored in the cookie after login/authn/authz

No, it is stored when you view the first "page".

> and because Smalltalk/Seaside has to grab objects from the
> continuation, it has to know the _k value so that it can then find the
> user objects, page objects, etc ?
>
> In other words; To be able to get the objects (including the cookie
> object), we need the _k outside so Smalltalk/Seaside can find it. If
> that's the case, then the _k outside makes sense, and something I may
> have to live with :)

No, the value of _k changes over the session lifetime. The value of _s does not.

Cheers
Philippe
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

RE: [Newbie] Storing state in cookie instead of URL

Sebastian Sastre-2
In reply to this post by Stef Telford
...am I correct then in thinking that the
> _s (session key) is then stored in the cookie after login/authn/authz
> and because Smalltalk/Seaside has to grab objects from the
> continuation, it has to know the _k value so that it can then find the
> user objects, page objects, etc ?
>

_s tells Seaside which session is the request about and _k which continuation performs the next step. The continuation has a snapshot of the state of all the objects that process needs to continue from there. So it wont find, it is :)  not become water, be water my friend, be water... ;)

Cheers and welcome to the beach!

Sebastian

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside