[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-devel] GNUmed web interface - state of affairs
From: |
Sebastian Hilbert |
Subject: |
Re: [Gnumed-devel] GNUmed web interface - state of affairs |
Date: |
Fri, 16 Jul 2010 08:05:25 +0200 |
User-agent: |
KMail/1.13.3 (Linux/2.6.33-6-desktop; KDE/4.4.5; i686; ; ) |
Am Freitag 16 Juli 2010, 03:58:27 schrieb Jim Busser:
> On 2010-07-15, at 7:47 AM, Sebastian Hilbert wrote:
> > as long as
> > the user does not clear the browser's cache, the user will always be
> > connected to the exact same back-end web server process.
>
> Will the backend need a special table in which to store these cookies?
>
No.
> Is the need for permanent cookies or (for example) would once-a-day cookies
> be sufficient?
>
Depends on how often the user wants to log in. There will be some sort of
cookie lives until timeout and/or browser-closes.
> If the backend cannot know which cookies will never again be used, because
> the user
>
> may upgrade a browser, without bringing forward the cookies
> may use a variety of browsers, and not use them again
> may use a guest machine, and never use it again (risk)
> may turn off cookies and generate new ones
> (what happens to the old browser side cookies?)
>
> should the server be designed to refuse connections from browsers that will
> not accept cookies, and to periodically (daily) flush all cookies?
>
Flushing all cookies is a good idea. I am not sure if refusing connections is
possible. There is no way for the browser to tell if the browser accepts a
cookie. One can however in the login page (client-side) detect that cookies
are turned of and refuse to connect to the server unless cookies are turned on
(or at least the browser reports it)
Sebastian