Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

Re: If you do away with server-side state, you don't need cookies

by mpeters (Chaplain)
on Jul 05, 2005 at 16:48 UTC ( [id://472521]=note: print w/replies, xml ) Need Help??


in reply to Eliminate server-side state to obviate cookies
in thread "omniscient debugging" for Perl

Whether you send the data to the client as a hidden field in a form, or as a cookie it's basically the same thing. And by using a cookie you can be sure that the data will be in every request the user sends (GET's, links, images, media, etc) from then on, not just the results of a form.

While this would reduce the need for server side storage of sessions, this can already be done. There are lots of people who instead of sending a session id in the cookie (or hidden field) will send a serialized version of an object or hash which they can then unserialize at the next request.

-- More people are killed every year by pigs than by sharks, which shows you how good we are at evaluating risk. -- Bruce Schneier
  • Comment on Re: If you do away with server-side state, you don't need cookies

Replies are listed 'Best First'.
Re^2: If you do away with server-side state, you don't need cookies
by tmoertel (Chaplain) on Jul 05, 2005 at 17:07 UTC
    Whether you send the data to the client as a hidden field in a form, or as a cookie it's basically the same thing.
    Not really. The complete-state-in-a-form method allows for easy session forking. It also allows users to undo state transitions by backing up into the browser history. Cookies don't support either of these.

    Cheers,
    Tom

    Tom Moertel : Blog / Talks / CPAN / LectroTest / PXSL / Coffee / Movie Rating Decoder

[reply]
      Not really. The complete-state-in-a-form method allows for easy session forking. It also allows users to undo state transitions by backing up into the browser history. Cookies don't support either of these.

      Session forking isn't that hard with IDs (whether cookie or URL based). Just have the ID index into a tree of state transitions on the server side. It's something I've done on several sites (and I've a vague memory that somebody has implemented a CPAN module that makes doing this fairly simple, but am to lazy to go find it :-)

      Keeping the state server side can be handy, and having a small ID means I can stick it in a URL and have a more RESTful bookmarkable API.

[reply]

In Section Meditations

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://472521]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others studying the Monastery: (2)
As of 2024-04-26 05:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found