Doesnt PHP and active server pages just use cookies / url re-writing
anyway ? I know ASP uses cookies which are set with siteserver id's.
I think all those app servers do is implement a scheme of creating session
tokens that are passed via the normal methods.

Interesting point though. How is a siteserver session token created and
the same for PHP ?

You could program your web application in PHP or active server pages.
Both work with sessions. A session is opened per connecting browser and
the server closes the session after a set time of inactivity or when
the browser closes. Therefore you get the statefulness you're looking
for. With both options you can easily make the pages expire immediately,
to force the user to reload them from the server every time (as suggested
in another post). PHP is free and can run on an Apache server, ASP is
MS and runs on IIS. Greets Martin

> -----Original Message-----
> From: Woodworth, Lora [SMTP:Lora.Woodworthcta.com]
> Sent: Tuesday, August 07, 2001 10:50 PM
> To: Www-Mobile-Code (E-mail)
> Subject: Browser Caching/memory allocation
>
> Does anyone know of any good white papers or resources that describe

> how Browsers store information on a workstation?
>
> We are trying to build a "secure" web application and I need to
> explain to my manager how none of the information that a user enters

> into the forms will be available to the next user that comes along.
 
> Along those same lines what are the options for maintaining state in

> an application?
>
> Any help would be appreciated.
>
> Lora Woodworth
> Security Consultant
> CTA inc.

__________________________________________________
FREE voicemail, email, and fax...all in one place.
Sign Up Now! http://www.onebox.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]