[Cosmo-dev] CMP and AJAX
Travis Vachon
travis at osafoundation.org
Fri Sep 22 10:23:55 PDT 2006
Cool, I hadn't thought of option 1, actually. I'm going to go with that
for now, and we can reevaluate in the future when we're thinking about
security more seriously.
Thanks for all the input,
Travis
Brian Moseley wrote:
> On 9/22/06, Matthew Eernisse <mde at osafoundation.org> wrote:
>
>> 1. Cookie between loads
>> Still use a cookie, but only between page loads -- i.e., as soon as the
>> new page loads up, you put the data into a JS variable and kill the
>> cookie. That way the data is only in a cookie when a request is in
>> flight -- so if someone leaves their machine sitting, it's not sitting
>> in that easy-to-read cookie.
>>
>> 2. Top-level iframe shell
>> Build the app inside of a full-page single iframe. The hosting document
>> has the be XHTML 1.0 Transitional to accomodate the frame, but then you
>> have a top-level document where you can stick all kinds of state data
>> while the user navigates around in the iframe.
>
> yea, i thought of both of these as well. i intuitively like option 2
> better and think that we should think seriously about making that our
> long term plan, but i'm okay with option 1 for now.
> _______________________________________________
> cosmo-dev mailing list
> cosmo-dev at lists.osafoundation.org
> http://lists.osafoundation.org/mailman/listinfo/cosmo-dev
More information about the cosmo-dev
mailing list