From: Georg Bauhaus <sb463ba@d2-hrz.uni-duisburg.de>
Subject: Re: Programming Language Survey
Date: Tue, 20 May 2003 00:33:03 +0000 (UTC)
Date: 2003-05-20T00:33:03+00:00 [thread overview]
Message-ID: <babt3v$jik$1@a1-hrz.uni-duisburg.de> (raw)
In-Reply-To: 2tNCm7hWr4Xn@eisner.encompasserve.org
Larry Kilgallen <Kilgallen@spamcop.net> wrote:
: In article <baasfh$blf$1@a1-hrz.uni-duisburg.de>, Georg Bauhaus <sb463ba@d2-hrz.uni-duisburg.de> writes:
:>
:> Has your browser had to accept cookies?
:
: Of course not. My browser settings are fully secured - no cookies, Java
: or JavaScript.
That might explain a few things. They did send cookies,
ASPs in the background, and they might have done tracking
using cookies (an alternative beeing URL-rewriting).
When finally results are to be stored, a uniqueness check might have
to be done first, using the session cookie (HTTP beeing stateless,
the request, and therefore the data, might have come from anywhere).
Cookies are potentially evil if and only if the browser software
does not give you control over them; in particular, it should be
possible to prevent programs from reading cookies,
and to protect cookies such that only the originating site
may request them, and only with your consent. Wesley Groleau
has listed some possibilities, Mozilla has quite extensive
support for cookie control.
Cookies can be useful! In a decent browser, they can act as
a token somewhat like a tag in a tagged type for its identification,
or like an enum value.
(Somehow an HTTP server must know the origin of the page it
receives in circumstances like a survey; to use something other
than cookies one could use hidden content in a web page that is
generated when a new request for the survey page is made, somehow
coding the originators IP address as well; but IP addresses may
be dynamic, and the process is similar to generating a session
cookie anyway. In addition, cookies may be useful in (server
side) state tracking, e.g. when the client browser software has
crashed. the server may then send the proper page on resumption,
if the cookie still provides enough information.)
With a good browser, cookies aren't seen by any machine not explicitely
listed by you. If a server uses URL-rewriting instead (like Apple's
WebObjects), the rewritten URL is not too different from a
cookie HTTP header, as far as sniffing protection is concerned.
Anyway, any site using cookies could explain why they do so,
and send some explanatory comments.
-- Georg
next prev parent reply other threads:[~2003-05-20 0:33 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-05-16 19:20 Programming Language Survey Yaofei Chen
2003-05-16 19:55 ` Larry Kilgallen
2003-05-16 20:05 ` Stephane Richard
2003-05-16 20:21 ` Larry Kilgallen
2003-05-17 9:49 ` Preben Randhol
2003-05-17 12:27 ` Larry Kilgallen
2003-05-19 15:16 ` Georg Bauhaus
2003-05-19 18:59 ` Larry Kilgallen
2003-05-19 19:03 ` Preben Randhol
2003-05-19 19:46 ` Wesley Groleau
2003-05-19 19:50 ` Preben Randhol
2003-05-19 20:39 ` Larry Kilgallen
2003-05-19 19:51 ` Preben Randhol
2003-05-19 20:40 ` David C. Hoos
2003-05-19 22:14 ` Preben Randhol
2003-05-20 3:59 ` Wesley Groleau
2003-05-20 11:57 ` Preben Randhol
2003-05-19 21:49 ` Hyman Rosen
2003-05-19 22:18 ` Preben Randhol
2003-05-20 2:43 ` Yaofei Chen
2003-05-20 3:04 ` Larry Kilgallen
2003-05-20 4:02 ` Wesley Groleau
2003-05-20 11:55 ` Preben Randhol
2003-05-20 10:49 ` Samuel Tardieu
2003-05-20 0:33 ` Georg Bauhaus [this message]
[not found] ` <f5sop-4e3.ln1@beastie.ix.netcom.com>
2003-05-20 11:30 ` Larry Kilgallen
2003-05-16 20:44 ` Samuel Tardieu
2003-05-17 17:57 ` Yaofei Chen
2003-05-19 15:05 ` Georg Bauhaus
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox