Web devel with python. Whats the best route?
echuck at mindspring.com
echuck at mindspring.com
Fri Jan 12 23:40:22 EST 2001
In article <kuofxhi4d2.fsf at lasipalatsi.fi>,
Erno Kuusela <erno-news at erno.iki.fi> wrote:
> In article <93cqvi0191h at news1.newsguy.com>, "Alex Martelli"
> <aleaxit at yahoo.com> writes:
>
> | "Session continuity" will have to be provided via cookies, but
that's
> | not really all that hard
>
> note that mod_python and mod_snake are in the same boat (modulo
> libraries they may or may not provide?) because they also run
> with multiple processes.
>
> lately i've come to the conclusion that the best way to do session
> tracking (certainly better than cookies) is to generate a unique id
> and put it in the url as a path component. something like
> http://my.site/my-program/0dj2/operation or whatever. you can use map
> the unique to (sequence of?) words from id/usr/dict/words if you want
> to make the url human-rememberable :)
>
> this has the advantage of
> a) not needing cookies enabled in the users browser
> b) making the session portable in the sense that you can
> take a url to another machine and have it work
> c) making it work with search engines
> d) being technically less ugly than cookies
>
> -- erno
As usual, there are advantages and disadvantages between two approaches.
One disadvantage with the above is that if the session data expires
after some period of inactivity (a common practice on various web
sites), then the URLs resulting from the above technique are not
bookmarkable. You might be able to detect this on the server side and
compensate to make them so, but then that's just as ugly or more so
than using cookies.
Also, is (b) really an advantage? How often do you need to take a URL
to another machine?
I'm not clear on (c) and search engines. If a session is related to a
specific user, doesn't that imply that:
1. the searchbot gets it's own session id,
2. stores the id in the URL and
3. now when a user finds the URL via the search engine, they click in
and are considered to be "AltaVista"?
On the contrary, using cookies gives you clean URLs like:
http://host.com/docs/faq/
Which when clicked through a search engine will not come in with a
session id that is either expired or inaccurate, like
http://host.com/89dfgk49f/docs/faq would.
Item (d) says cookies are ugly. What's ugly about this:?
Set-Cookie: use=webware;
Or the clean URLs described above? Session ids are for the eyes of
programmers, not users.
In summary, I think cookies are both clean and convenient, if you're
confident your user base has them.
-Chuck
--
http://webware.sourceforge.net
Sent via Deja.com
http://www.deja.com/
More information about the Python-list
mailing list