On Tue, 16 Aug 2005 15:45:47 -0400, "Phillip J. Eby" <[EMAIL PROTECTED]> said: > >I'm not sure; I always try to make the cookie last longer than the session > >can. I suppose you could store information about when the cookie is > >supposed to expire in the session itself (since you can't read expiration > >times from the cookie). Or you could store the expiration as part of the > >cookie data; I haven't thought about doing it that way.
Sure, sessions are overused and abused. Particularly among certain classes of developers which I won't characterize here. :) But there's a reason they're in such common use; it's a huge waste (particular for low-bandwidth clients) to store anything more than absolutely necessary in a cookie that the client sends repeatedly. Much more efficient to send "here's my token" which the server uses to retrieve the rest. -Jonathan _______________________________________________ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: http://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
