Date: Thu, 1 Apr 1999 18:37:39 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: jkh@zippy.cdrom.com (Jordan K. Hubbard) Cc: naddy@mips.rhein-neckar.de, freebsd-chat@FreeBSD.ORG Subject: Re: Chuck is cute Message-ID: <199904011837.LAA06585@usr08.primenet.com> In-Reply-To: <7142.922948035@zippy.cdrom.com> from "Jordan K. Hubbard" at Mar 31, 99 10:27:15 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > Now, how do I order?... Shopping basket remains empty... Oh, I see, a > > shopping system that requires cookies. (And it doesn't even say so. Talk > > about slapping your customers in the face.) I don't buy from these as a > > rule, but I guess there's no alternative supplier here. > > I think this whole paranoia about cookies really goes a bit far. The thing about cookies, which the fools who don't mind them being shat upon their hard drives never seem to address, is that not all possible devices for browsing the Internet have volatile storage to where these cookies may be shat. If you can't store them, you're going to have a hell of a time sending them back. As a technology, they discourage storageless browsing devices. Which is fine, I suppose, if you are a storage device company, or if you are an OS vendor in the Redmond area whose "embeddable" OS requires non-volatile RAM, and you are interested in pushing your product more than you are interested in cheap, pervasive access to computing resources using portal devices. > I don't see how a shopping cart aplication can really work reasonably > without them, unless Christian here would like to provide us with one > which doesn't and yet provides the same functionality. :) It's very trivial. You use an authenticated session ID, and you store whatever you would have shat upon the unsuspecting hard drive as local state indexed by the session ID. JAVA Server Pages, and even the Microsoft IIS "V.I.P.E.R." framework can both operate in this mode. In addition, any HTTP 1.1 capable browser can be told to keep a TCP session open, thereby associating the session ID with a persistant socket as an identifier for the device that initiated the session. These are just the ones I *know* are deployed. There are literally hundreds of easy alternatives, and literally tens of obvious ones. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199904011837.LAA06585>