Gossamer Forum
Quote Reply
Alternative to cookies
 I am looking for an alternative to cookies to maintain the user login.

Using the url query string is not secure enough.

Wikipedia has an article on cookies.
http://en.wikipedia.org/wiki/HTTP_cookie

It tells of an alternative to cookies involving client-side persistence which says:
==============
A different mechanism relies on browsers normally caching (holding in memory instead of reloading) JavaScript programs used in web pages. As an example, a page may contain a link such as <script type="text/javascript" src="example.js">. The first time this page is loaded, the program example.js is loaded as well. At this point, the program remains cached and is not reloaded the second time the page is visited. As a result, if this program contains a statement such as id=3243242 (global variable), this identifier remains valid and can be exploited by other JavaScript code the next times the page is loaded, or another page linking the same program is loaded.[citation needed] The major drawback of this method is that the global JavaScript variable must be static, meaning that it cannot be changed or deleted persistently like a cookie.
============

Maybe I can use this with Gossamer Threads products (specifically Links and Forum). Has anyone done this?

The static file could be generated dynamically, couldn't it? How?

And then how would this be used?
Subject Author Views Date
Post Alternative to cookies tora 3220 Jun 10, 2009, 10:51 PM