At 05:54 PM 02/20/01 -0800, Yann Ramin wrote:
>1. I was thinking of doing session tracking first by cookies (I have a
system
>which works well), but some people don't like cookies/don't support
>cookies/have broken cookies. I was thinking of running a mod_perl handler on
>the output which does a little regexp game of adding a session variable to
>the end of the URLs and forms. Has anyone done something like this? Is
this a
>stupid idea?
Placing sessions into the URL is described in the Eagle book. And I use a
modified version of Apache::AuthCookie called Apache::AuthCookieURL that
does this -- it can be configured to just generate sessions. Should be on
CPAN.
>2. How do I deal with browsers which do not return a referer header? Some
>parts of my web app depend heavily on it (goto page, page requires URL,
sends
>to login page which captures referer of page where the user wants to go,
logs
>in user, sends user back to the page seamlessly).
It's probably best not to base your design on a browser feature that may or
may not work. If you use sessions, then track referrers in the session
records.
Bill Moseley
mailto:[EMAIL PROTECTED]
