[Seaside-dev] Issue 96 in seaside: some fancier methods built in
for how sessions expire
codesite-noreply at google.com
codesite-noreply at google.com
Sun Jul 13 18:28:21 UTC 2008
Issue 96: some fancier methods built in for how sessions expire
http://code.google.com/p/seaside/issues/detail?id=96
Comment #2 by ramon.leon:
A good example would be running an adwords campaign on a PPC site, some
the tools people use for
managing their campaigns are stupid and spider the hell out of
thousands of urls on your site to reasons I'm
not fully aware of but I'm guessing to get the content and auto suggest
keywords and such.
These things tend to hit your server once, maybe twice if they follow a
redirect after a cookie, and that's it,
that session will never be used again. A user however, tends to hit
the site more than twice, so maybe make
them earn their session time out a bit. Maybe there's a lower bound
like 2 minutes for the first couple of hits
but once they hit more than 3 times the timeout starts climbing up to
the upperbound.
I could think of a better solution if JavaScript were allowed, bots
don't tend to run it JavaScript, so a single
initial JavaScript xmlhttp request could be kicked out at the beginning
of a new session and that callback
being activated could validate this is likely a real user in a browser
and immediately kick the session timeout
to the upperbound, otherwise the session could timeout very fast, say 1 minute.
I think the latter solution would work better, but I don't know how
general it'd be, but it'd be a nice option to
have and bots wouldn't be such a problem. I've had rouge bots knock
down my site several times. It resets
itself automatically of course, but that kills all the current users
sessions, some of which might have been in
the middle of trying to give me their money!
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
More information about the seaside-dev
mailing list