Re: handling cookies in and out of secure space

This WebDNA talk-list message is from

2000

It keeps the original formatting. numero = 28587
interpreted = N
texte = >If I have a [spawn] on a secure page which has inside it a [redirect] to a non-secure page which has on that non-securepage a [setcookie]...>will that work to keep the remote browser happily ignorantly viewing the secure page while webcat is busy setting his cookie via the nonsecure domain and path?No, this won't work.In this scenario webcat should try to redirect inside the [spawn] context, but since the request has already been spawned it is no longer 'connected' to the browser anyways -- so it won't have any affect on the browser at all -- which is the exact same result as if you didn't have the [spawn] context in there to begin with.>What I am ultimately after is to be able to [getcookie] on a non-secure page which I cannot initially set until the user has landed on a secure page (and I don't want to ask him to go back to another non-secure page just so I can set the cookie with the right domain and path. Can I use the above technique... or some other suggestion(s)?Why don't you just set the cookie on an intermediate page that has a tag in it that's set to a time of zero seconds, and give the visitor a link to click in case the meta tag doesn't work for some reason?================================Kenneth Grome, WebDNA Consultant808-737-6499 http://webdna.net================================-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Associated Messages, from the most recent to the oldest:

Re: handling cookies in and out of secure space (Kenneth Grome 2000)
Re: handling cookies in and out of secure space (Jesse Williams Proudman 2000)
handling cookies in and out of secure space (John Butler 2000)

>If I have a [spawn] on a secure page which has inside it a [redirect] to a non-secure page which has on that non-securepage a [setcookie]...>will that work to keep the remote browser happily ignorantly viewing the secure page while webcat is busy setting his cookie via the nonsecure domain and path?No, this won't work.In this scenario webcat should try to redirect inside the [spawn] context, but since the request has already been spawned it is no longer 'connected' to the browser anyways -- so it won't have any affect on the browser at all -- which is the exact same result as if you didn't have the [spawn] context in there to begin with.>What I am ultimately after is to be able to [getcookie] on a non-secure page which I cannot initially set until the user has landed on a secure page (and I don't want to ask him to go back to another non-secure page just so I can set the cookie with the right domain and path. Can I use the above technique... or some other suggestion(s)?Why don't you just set the cookie on an intermediate page that has a tag in it that's set to a time of zero seconds, and give the visitor a link to click in case the meta tag doesn't work for some reason?================================Kenneth Grome, WebDNA Consultant808-737-6499 http://webdna.net================================-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Kenneth Grome

DOWNLOAD WEBDNA NOW!

Re: handling cookies in and out of secure space

2000

Top Articles:

Related Readings: