Since we dont know whether our application is going to be accessed by a client that supports cookies, or whether the user has cookies turned off or not... why would it ever be sensible to use session tracking and/or cookes for client state information in an e-commerce app. Does it not follow that URL Re-writing should always be used??? Herbert.
Well, the specs state that you if you are using cookies for session management, you should always encode your URL. Meaning if the client has cookies turned off, encodeURL will encode the JSessionID, otherwise it will leave it alone. Something along those lines, it is in the Specs, I just don't remember the specific page Mark
encodeURL will encode the JSessionID, Actually, that would be jsessionid. An important difference between cookies and URL-Rewritting. it is in the Specs, I just don't remember the specific page Chapter 7. SRV.7.1.1 and SRV.7.1.3. Does it not follow that URL Re-writing should always be used? Probably, but a vast majority of web users are in this age aware of cookies and am sure know how to accept cookies. Hence, it would be more reasonalble to first try cookies then fallback on the URL-rewritting for the few cases that don't use cookies. URL-Rewritting is more development effort than cookies. regds. - satya
Post by:autobot
Looky! I'm being abducted by space aliens! Me and this tiny ad!
a bit of art, as a gift, the permaculture playing cards