This week's book giveaway is in the Agile and Other Processes forum.
We're giving away four copies of The Little Book of Impediments (e-book only) and have Tom Perry on-line!
See this thread for details.
Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Cookies and URL encoding

 
Maulin Vasavada
Ranch Hand
Posts: 1873
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
what r benefits and drawbacks for using cookies and url encoding?
if the client doesnt support cookie then we must use URL encoding else we generally use cookie.
but why we want to use cookies if we are never sure of the client that if it has enabled/disabled cookies or does it support cookies at all? isnt it better to use URL encoding always?
my argument against my question will be,
we need to use cookies when we want something more than just a session management and embedd some profile specific information on the client machine.
is my argument right? any other pointers?
regards
maulin.
 
Axel Janssen
Ranch Hand
Posts: 2166
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi.
There is a problem with Url-rewriting. The programmer has to take care for that the
?jsessionid=xxxxx parameters are included in every call of the app, so that the servlet-engine can keep track of the session. You cannot simply include a link to a html file in the app without thinking about the ?jsessionid. And if you have the ?jsessionid parameter in all the links of your apps: What if the user pushes x times back-button of browser, so that he lost the ?jsessionid and he comes back to your app? A new session will be started, although the old session hasn`t yet timed out.
From the code standpoint cookies are the cleaner solution.
I think in Internet context one has to think about users without cookies. In Intranet/Extranet contexts one can mostly use cookies. Companys - at least here in germany - have some sort of a browser-configuration-policy, and cookies are nowadays allways explicitedly turned on in these policys.
From my experience with LotusDomino web-apps I can say that things changed 2 years ago. Before using cookies were often forbidden in Intranet-apps. But this has changed to a more pragmatic approach. The fundamental problem consists in the stateless nature of http as a protocol. So to make it appear stateful the programmer or some build in mechanism in the server has to ressort to tricks. And tricks lead to cluttering of code. And cluttering of code allways involves costs. And everybody (me, the customer, my company) hates costs. So they accept cookies now.

Axel
[ February 26, 2002: Message edited by: Axel Janssen ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic