[WEB4LIB] cookies or ....?
Thomas Dowling
tdowling at ohiolink.edu
Fri Apr 5 13:21:04 EST 2002
> While I've questioned the need and appropriateness of cookies in this
forum
> before, I have always, reluctantly, admitted an occasional need for
cookies
> to help track states (particularly with respect to database searching)
in
> the stateless environment of the web.
>
Quick illustrative anecdote. One of our services has to use a quick and
dirty authentication hack which I believe is common in some public
library environments. Users login to one specific page, where a CGI
script confirms their credentials against a patron database; they then
receive a set of links that allow access from that page as an HTTP
referer; and those services then set a cookie to identify the user on
subsequent pages. Our particular service actually sets the cookie and
then redirects the user (a real HTTP redirect, natch).
Only problem is, this set-a-cookie-then-redirect approach is disabled
with the default settings in IE6--unless the site has a P3P policy
asserting that it doesn't misuse personal information. Oops. Moral of
the story: we may all want to query your vendors about when they'll have
their P3P policies online.
Thomas Dowling
tdowling at ohiolink.edu
More information about the Web4lib
mailing list