Re: Session-Id

[email protected]
Fri, 21 Jul 95 21:55:15 PDT


Jon Knight writes:
> On Thu, 20 Jul 1995, Koen Holtman wrote:
> > This is to announce the availability of a report on problems with the
> > HTTP Expires header.
> > This report is available in hypertext form at
> > http://www.amazon.com/expires-report.html, and in plain text form at
> > http://www.amazon.com/expires-report.txt. For discussions about the
> > report, we suggest using the www-talk mailing list.
>
> OK, I've just read through the report and my vote goes to option 2
> (Discourage honouring expires in history functions). This gives us
> something to hammer browser writers over the head with when they don't
> conform to the spec, doesn't break things and is simple to do. Also just
> because Netscape does it a different way now doesn't mean that we
> shouldn't write the spec in a different way and hope they'll abide by it
> (there's plenty of other HTML and HTTP things that will have to change in
> Netscape in the next couple of years if they want to conform to the specs
> and this is a simple one for them to fix).
>
> I don't like 3A or 3B at all as it gives the CGI author control over _my_
> history list. To me the history list is just that - my personal history
> of where I've been and what I've seen (notice the tenses there people :-)
> ). I'd rather not give Joe Random CGI-Author a remote control for any of
> it. If this goes in the spec then there'll be at least one
> non-conforming browser (my hacked X Mosaic! :-) ).
>

I'd just like to comment that, unless I have completely missed some
implications of these proposals, that they don't cede any more control
to service providers than you currently cede to browser authors.
We're *not* suggesting that there be some protocol whereby service
authors can add or delete items on the history list (a.k.a. "document
stack"). We're merely suggesting that it may make sense that service
providers who know how their service is supposed to work are in the
best position to say what should happen when a user "backs up" into a
particular page (one that *they* served -- not any other pages!!!). It
may well be that 9 times out of 10 the right thing to do is to display
the expired page, but there may also be instances where reloading the
page is the appropriate behavior. And that's all we're talking about
-- whether or not to reload pages.

One other approach to these issues comes to mind as a result of your
comments though: that is to suggest to browser authors that they make
these different behaviors User Preferences. This has problems of its
own though, especially since it is the least sophisticated users whose
hand you (as a service provider) want to hold the most, and these are
exactly the ones who will not know about setting preferences, and will
be the most confused by "Data Missing" messages, mysteriously cleared forms,
and the like.

> Otherwise I agree with the authors' disadvantages to options 1, 4A and
> 4B.
>
> Jon
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Jon Knight, Researcher, Sysop and General Dogsbody, Department of Computer
> Studies, Loughborough University of Technology, Leics., ENGLAND. LE11 3TU.
> *** Nothing looks so like a man of sense as a fool who holds his tongue ***
>

Shel Kaphan
[email protected]