On Wed, Jun 17, 2015 at 9:50 PM, James Reeves <ja...@booleanknot.com> wrote:
> On 17 June 2015 at 09:51, Thomas Heller <th.hel...@gmail.com> wrote: >> >> On another note: Sessions in cookies should be VERY VERY small. >> java.io.Serializable usually isn't small and especially if you go java >> object -> binary -> base64 -> base64 (yes twice) -> encrypt. The size of >> the cookie matters as it is transmitted with EVERY request. >> > > The cookie is only transmitted when the session changes. However, several > browsers place limits on the size of stored cookies, and so it's generally > not a good idea to serialize anything large into a cookie. > They are transmitted for every request client -> server. If you host images/css/js on the same host each request will contain the cookie. 2kb cookie for 100 requests (quite common for webapps) and all the optimizations done to keep javascript small go out the window. -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to clojure+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
