Besides URL rewriting, what options are available for maintaining sessions without using cookies?

views:

249

answers:

+1 Q:

Besides URL rewriting, what options are available for maintaining sessions without using cookies?

I've seen various options for URL rewriting here on Stack Overflow, and other places on the web, but was curious to see if there were other options.

Session variables? At work, we are not allowed to use non session-cookies without a load of permissions.

Thomas Owens 2008-10-30 15:08:05

That's a good policy.

Tom Ritter 2008-10-30 15:09:10

You can either maintain state through a cookie or through a query parameter. The browser needs to be able to pass data to the web server somehow and those are the only two options.

rayners 2008-10-30 15:09:30

+1 A:

This is speculation, as Cookies and URL Rewriting are the big two, but technologically, I think it'd be possible to:

do some massive hackery with javascript that captures all links and submits a form with information.
track the session on the server based on IP

Both have their downsides and holes obviously.

Tom Ritter 2008-10-30 15:09:50

Yeah, those would work. But you would have to be pretty desperate...

amdfan 2008-10-30 15:14:02

I suppose that would depend on what technology you are using. In ColdFusion you can maintain session variables without cookies.

Jeremy Reagan 2008-10-30 15:10:31

Using a client-side database storage, such as Google Gears (sqlite) ? Html5 is expected to include one (webkit already does it).

Berzemus 2008-10-30 15:10:40

ansaurus

tags:

views:

answers:

Besides URL rewriting, what options are available for maintaining sessions without using cookies?

related questions