lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev cookies in an anonymous user environ

From: Bela Lubkin
Subject: Re: lynx-dev cookies in an anonymous user environ
Date: Thu, 30 Jul 1998 05:28:36 -0700 
Greg Barniskis wrote:

> SCLS hosts an anonymous lynx user account on an HP-UX 10.20 server for 
> use with public library terminals. Currently we have a patched-up lynx 
> 2.7.1 in place and are preparing to move to the current version.
> 
> As configured, all anonymous users share a highly restricted common login 
> account. They have no access to the server's file system, no bookmark 
> support, no cookie support, etc. This all works great so far and adheres 
> to the beloved KISS principle. 
> 
> There've been minor problems with the absence of cookie support (sites 
> that don't work or get flaky without 'em). Oh well... we've been able to 
> access everything that we intended to grant access to -- mostly 
> non-commerical, non-cookie-reliant government sites and reference info. 
> But now we need access to periodicals databases purchased under a new 
> state contract. The database servers require some authentication and 
> session tracking info from our library users... i.e. cookies.
> 
> Are we going to have problems enabling cookies in a shared lynx 
> environment with multiple simultaneous sessions in the same home 
> directory? Should we segregate the users instead (first user to request a 
> lynx session is logged in as user lynx1, next lynx2, ..., lynxN)? 

Lynx doesn't yet save cookies across sessions.  They're stored in the
memory of the running Lynx process, and nowhere else.  So you should not
have a problem with one user getting access to another user's cookies.

Ever since Lynx first started dealing with cookies, people have been
requesting that they be saved from one session to the next.  A patch for
such persistent cookies has just been incorporated (this week!) into the
ongoing development version.  The current version of the patch does not
appear to give you the option of *not* saving cookies.  Now that you've
identified a good reason for that option, I imagine it will appear.  In
any case, the code is considered experimental and is only compiled in if
you tell it to be.  So for your purpose you would just leave it out.

>Bela<
reply via email to
[Prev in Thread] Current Thread [Next in Thread]