Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Wosid suppression broken in 5.4?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Wosid suppression broken in 5.4?

Subject: Re: Wosid suppression broken in 5.4?
From: Mike Schrag <email@hidden>
Date: Thu, 20 Dec 2007 08:19:35 -0500

No session exist before the call (typically a direct action) or The session id is not stored in the URL (i.e. it is stored in the cookie) or There is a binding ?wosid=false or The query dictionary contains a key wosid bound to Boolean.FALSE

It seems like the old behavior will really only be a problem if you for some reason construct a fully qualified absolute URL to your own application, but I would say 1) this is really rare -- definitely the exception and 2) almost certainly if you did this, you did it with the WO URL factories which would put the WOSID on the URL for you anyway. Given that it seems like the exceptional case that you are linking back to yourself and NOT using pageName/directActionName OR one of the WO factory methods, it almost seems like if the URL is absolute, then you could default to NOT do it and support "?wosid=true" which would append the SID if all of the above constraints are still true. For instance, if I pass in

Test : WOHyperlink {
	href = "http://www.mysite.com/.../MyApp.woa/something";;
}

... this would be completely backwards compatible and behave as expected. If I do

Test : WOHyperlink {
	pageName = "SomeOtherPage";
	?wosid=false;
}

... this would strip the SID off, and if I do

Test : WOHyperlink {
	href = "http://www.mysite.com/.../MyApp.woa/something";;
	?wosid = true;
}

... this would support the exception case of adding the session ID to my absolute URL to my own application. To me, it makes sense that you have to do a little extra work if you're outside of the norm, which absolute urls to yourself seems like -- only an intermediate level WO person I think would even know the methods to call to even construct such a URL properly, so having them understand ?wosid=true seems OK to me. Note that ?wosid=true I think follows the exact same rules as above -- It only adds a session id if you already have one, sessions are not in URLs, etc. I think you would do ?wosid=session.id; if you want to force it to happen.

ms

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


Follow-Ups:

Re: Wosid suppression broken in 5.4?
From: "Mr. Pierre Frisch" <email@hidden>


References:  
  >RE: Wosid suppression broken in 5.4? (From: "James C. Lee" <email@hidden>)
  >Re: Wosid suppression broken in 5.4? (From: Anjo Krank <email@hidden>)
  >Re: Wosid suppression broken in 5.4? (From: "Mr. Pierre Frisch" <email@hidden>)




Prev by Date:
Re: Newbie WOLIps

Next by Date:
Re: Wosid suppression broken in 5.4?

Previous by thread:
Re: Wosid suppression broken in 5.4?

Next by thread:
Re: Wosid suppression broken in 5.4?

Index(es):

Date
Thread