Forum OpenACS Development: Response to Login/Security tokens without cookies

Collapse
Posted by Jerry Asher on
As folks legitimately navigate a site, they often perform URL hacking, which means that a) we should support URL hacking and b) it's a good thing to make the URL's semiunderstandable in structure.  I would recommend the session id not be urlv0 or urlvsmall, but would think it better belongs as urlend or urlvlarge.

We want to encourage folks to email and bookmark urls.  That means that the system should be able to determine when a session has timed out and create a new session id.