On Jan 12, 2005, at 12:41 PM, Peter Hunsberger wrote:
At a single session level I think you can keep this information private
by using forms. Users will not see the query that contains the data you
are tracking. Sure the user can't come back after closing their browser
and pick up where they left off, but you really didn't design your
application for this.
Sure, if you don't need any adoption/resumption of the state across browsers then form variables work fine. However, we _do_ design our applications for resumption upon resumed sessions.
I did realize that you do design for resumption. Hence the use of anchors instead of forms.
In particular, we do timed out session recovery/resumption after reauthentication
I'm just curious as to what type of information is contained your URLs that enables continuation and what the applications do first when a user continues.
Glen Ezkovich HardBop Consulting glen at hard-bop.com http://www.hard-bop.com
A Proverb for Paranoids:
"If they can get you asking the wrong questions, they don't have to worry about answers."
- Thomas Pynchon Gravity's Rainbow
