HTTP state management without cookies?
Geoffrey Talvola
gtalvola at nameconnector.com
Thu Feb 21 08:58:55 EST 2002
Paul Rubin wrote:
> "Steve Holden" <sholden at holdenweb.com> writes:
> > > http://foo.bar/_SID_=2374820394/myscript.cgi/
> > >
> > > into:
> > >
> > > http://foo.bar/myscript.cgi?_SID_=2374820394
> > >
> > > so the same trick will work for CGI?
> > >
> > Geoff:
> >
> > I appreciate the slightly unusual nature of thios scheme,
> but I don't
> > see how it isn't included under the heading "pass session
> id through all
> > URLs" as mentioned in my original post.
>
> Why would you want to pass the session ID to off-site URL's?
I didn't express myself properly. What I meant is, in a CGI application if
you're including the session ID in the query string, then you have to make
sure all of your relative links within the site are constructed to include
that session ID. In other words, your links will have to be written like:
'<a href="SomeOtherScript.cgi?_SID_=%s">Link to Some Other Script</a>' %
sessionID
Whereas if you use the mod_rewrite trick, your relative links within the
site can just be static strings:
'<a href="SomeOtherScript.cgi">Link to Some Other Script</a>'
which is much cleaner. Since the session ID is "higher up" in the URL, it
is preserved between requests.
- Geoff
More information about the Python-list
mailing list