FAQ
Search
Members
Register
User Control Panel
LoginFor privacy reasons, I don't like it when websites set cookies when I just want to read them.
Serendipity does that, although it's just a session id.
My suggestion would be that s9y only opens a php-session if the user does something that requires a session (login, whatever plugin-features need sessions), but that simple viewing of the blog doesn't cause a session to be opened.
Toughts?
Handbuch für Serendipity bestellenDas offizielle, umfassende Serendipity-Handbuch für Einsteiger und Profis ist nun im Handel und kann online bei Amazon oder OpenSourcePress, oder auch bei jedem Buchhändler, bestellt werden! |
Forum-InformationBefore posting about errors, make sure that the answer cannot already be found in our FAQ or by searching this forum!Posting is restricted to registered users (registering is free and simple!) due to recent spam attacks. When having trouble with this board, contact garvin(-at)s9y(-dot)org. |
Board index ‹ General discussions ‹ Idea: No cookies for visitors
3 posts • Page 1 of 1
- hanno
- Regular
- Posts: 28
- Joined: Fri May 20, 2005 8:04 am
Idea: No cookies for visitors
by hanno » Fri Nov 09, 2007 8:12 pm
- chickens
- Regular
- Posts: 192
- Joined: Wed Dec 06, 2006 1:15 am
- Location: Vegas
by chickens » Fri Nov 09, 2007 11:49 pm
Serendipity is a framework for plugins. By initiating a session no matter what it allows for plugins to utilize it if needed. By removing the session cookie it could possibly break plugins. I have no idea if this would actually happen, but it is a very high probability.
That being said, I think it would be a decent idea to remove the sessions from a performance side. In my experience sessions can slow down servers with a ton of traffic.
From a security standpoint I do not see the reason to want to remove the cookie. The only thing that cookie really says is that you've been to the site. Other than that the cookie is harmless.
That being said, I think it would be a decent idea to remove the sessions from a performance side. In my experience sessions can slow down servers with a ton of traffic.
From a security standpoint I do not see the reason to want to remove the cookie. The only thing that cookie really says is that you've been to the site. Other than that the cookie is harmless.
-
garvinhicking - Core Developer
- Posts: 26675
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
by garvinhicking » Sun Nov 11, 2007 3:44 pm
Hi!
Plus, cookies are requred for people to send comments and for the anti-spam measurements.
As chickens pointed out, s9y always has to draw a line between offering functionality and adaptionality. In this case, sessions are just too important for providing functionality to make them optional.
I don't see an easy way to check, when a session is required and when not. The problem is often sesions are simply utilized by plugins, themes or the core. I see much more other parts on s9y where work should be invested, so these cookie issues are really an ultra-low priority for myself. If anyone else wants to dive into it, have a go
Regards,
Garvin
Plus, cookies are requred for people to send comments and for the anti-spam measurements.
As chickens pointed out, s9y always has to draw a line between offering functionality and adaptionality. In this case, sessions are just too important for providing functionality to make them optional.
I don't see an easy way to check, when a session is required and when not. The problem is often sesions are simply utilized by plugins, themes or the core. I see much more other parts on s9y where work should be invested, so these cookie issues are really an ultra-low priority for myself. If anyone else wants to dive into it, have a go
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
3 posts • Page 1 of 1
Who is online
Users browsing this forum: Google [Bot] and 2 guests