CHANGE: private domain cookies for each tab
Martin Choma
request for change :
each tab holds own cookie for domain
nowadays state:
cookie is shared for all tabs of one browser instance
advantages it brings:
in J2EE (and apparently in other web technologies), typically cookie
holds session id. Cookie is common for all tabs, therefore tabs are
using same session. When users are using web application from multiple
tabs, that leads to problems as session data are written by all tabs.
If cookie will be private for each tab, each tab will be working with
own session and everything will be ok.
disadvantages:
please fill in :)
Martin
Charlie Powell
on a link, opening something from a page into a new tab. This behavior
will prevent session data from crossing over to the new tab, requiring
the user to login again. This would not only be annoying and prevent a
lot of usage on sites, but could be very confusing for users.
> _______________________________________________
> dev-apps-firefox mailing list
> dev-apps...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-apps-firefox
Benjamin Smedberg
> disadvantages:
> please fill in :)
That you can't open a new tab and have it use the same session ID. This is a
long-discussed feature/bug, because there are compelling use cases for both
behaviors:
* separate sessions: being able to log into two different webmail accounts
from the same browser
* unified session: being able to open a web application in multiple tabs in
order to view different parts of it
Overall, your web applications are going to have to be aware that users open
multiple tabs to the same application, whether or not we come up with some
way to allow "separate sessions" in Firefox.
--BDS
Martin Choma
>he biggest problem that I see from this is when a user does CTRL+Click on a link, opening something from a page into a >new tab. This behavior will prevent session data from crossing over to the new tab, requiring the user to login again. >This would not only be annoying and prevent a lot of usage on sites, but could be very confusing for users.
Ok, i see. But it could be optional feature. Our application arent
prepare for multitab access. So we definitely would turn it on. Users
computers are installed from image and fully under control of admins,
it will be easy to configure all browsers for all users in that way.
I think autentification issue wouldnt be problem for us. We are using
NTLM autentification, and users are autentificated once into browser -
i think it isnt advantage of shared cookie, but must test to ensure
...
> Overall, your web applications are going to have to be aware that users open
> multiple tabs to the same application, whether or not we come up with some
> way to allow "separate sessions" in Firefox.
speaking about application awareness ... wouldnt be nice if javascript
dom structure contain some tab identification, something like
window.tabID , which will be filled by browser and application
developers could use it to share session or prevent of multitab
accessing to one session etc.
Can I ask what will be solution for "separate sessions" you are speaking about?
Thank you.
2009/11/9 Benjamin Smedberg <benj...@smedbergs.us>:
Peter Schmidt
> prepare for multitab access. So we definitely would turn it on. Users
> computers are installed from image and fully under control of admins,
> it will be easy to configure all browsers for all users in that way.
I think its possible to provide this feature with an extension, which
you can install in your image.