Re: lynx-dev persistent cookies (was: Post-query bug)

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev persistent cookies (was: Post-query bug)

From:	brian j. pardy
Subject:	Re: lynx-dev persistent cookies (was: Post-query bug)
Date:	Tue, 8 Dec 1998 09:39:26 -0800 (PST)

On Tue, 8 Dec 1998, Klaus Weide wrote:

> I haven't tried the new code, but it looks ok to me as far as I have looked.
> 
> I think it would be less confusing if store_cookies did not call
> HTConFirmCookies at all for de->bv == FROM_FILE, since no confirmation
> is ever involved - it will always return TRUE.
> 
> Or, which would be much better, HTConfirmCookies should not return TRUE
> automatically for all FROM_FILE cookies!  I think this needs to be
> resolved:
>             /*
>              * Ok, this is a problem.  The first cookie for a domain
>              * effectively sets the policy for that whole domain - for
>              * something like Netlink, where there are lots of websites
>              * under www.netlink.co.uk, this isn't sensible.  However,
>              * taking this sort of decision down to cookie level also
>              * isn't sensible.  Perhaps something based on the domain
>              * and the path in conjunction makes more sense?  - RP
>              */
> It is not obvious to me why taking this to the cookie level is not
> sensible.
> 
> Currently Lynx is misleading the user if (s)he uses persistent cookies but
> still wants control over accepting cookies.  The Cookie Jar page says
> (Persistent Cookies.) for any domain with a cookie read from the persistent
> file and gives no indication that this actually means (All new cookies
> automatically accepted and you will never be prompted.)!  The documentation
> also doesn't tell this part of the story.  According to the text in the
> Users Guide, Set-Cookie MIME headers should still invoke confirmation
> prompts.

This could be a simple fix. 

Is the display of "(Persistent Cookies.)" really necessary for cookies read
from the cookie file?  Perhaps FROM_FILE can be done away with entirely,
by setting de->bv to QUERY_USER when loading a cookie from the cookie list
(unless it has already been set to ALWAYS_ALLOW or REJECT from .lynxrc),
and add cookies to the cookie list within LYLoadCookies without using
store_cookie.  This will take care of automatically accepting cookies from
domains that have cookies stored, which would otherwise happen if 
HTConfirmCookie was not called for FROM_FILE domains.

I should really be doing my Real Job right now, so no patch yet.

Thoughts?

-- 
GPG & PGP public keys: <URL:http://www.psnw.com/~posterkid/keys/> 
PGP fingerprint: 42 57 B3 D2 39 8E 74 C3  5E 4D AC 43 25 D2 26 D4

[Prev in Thread]

Current Thread

[Next in Thread]

Re: lynx-dev Post-query bug (2nd try), brian j. pardy, 1998/12/06
- lynx-dev persistent cookies (was: Post-query bug), Klaus Weide, 1998/12/08
  - Re: lynx-dev persistent cookies (was: Post-query bug), brian j. pardy <=
    - lynx-dev Re: persistent cookies - needs changes, Klaus Weide, 1998/12/09
    - Re: lynx-dev Re: persistent cookies - needs changes, brian j. pardy, 1998/12/09
    - Re: lynx-dev Re: persistent cookies - needs changes, brian j. pardy, 1998/12/12
    - Re: lynx-dev persistent cookies - a correction, Klaus Weide, 1998/12/09
    - Re: lynx-dev Re: persistent cookies - needs changes, brian j. pardy, 1998/12/09
    - Re: lynx-dev Re: persistent cookies - needs changes, Klaus Weide, 1998/12/09

Prev by Date: Re: lynx-dev Lynx and Java
Next by Date: Re: lynx-dev unanswered query: Function mapping
Previous by thread: lynx-dev persistent cookies (was: Post-query bug)
Next by thread: lynx-dev Re: persistent cookies - needs changes
Index(es):
- Date
- Thread