Hello, I experience strange repeatedly reloading of webpages in IE9 (for Windows 7) e.g. http://www.reactive-web.co.cc/ http://demo.liftweb.net/ In Firefox it works normally. -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
I'm not seeing that behavior in my copy of IE 9. Although it would seem to suggest something went wrong with the comets. :\
On Wednesday, June 13, 2012 5:17:20 AM UTC-4, Dave wrote:
Hello,--
I experience strange repeatedly reloading of webpages in IE9 (for
Windows 7) e.g.
http://www.reactive-web.co.cc/
http://demo.liftweb.net/
In Firefox it works normally.
Hello,
I experience strange repeatedly reloading of webpages in IE9 (for
Windows 7) e.g.
http://www.reactive-web.co.cc/
http://demo.liftweb.net/
In Firefox it works normally.
--
Lift, the simply functional web framework: http://liftweb.net
Code: http://github.com/lift
Discussion: http://groups.google.com/group/liftweb
Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
Yes, I have disabled cookies in IE by default for security and privacy reasons (unless it is really necessary like logging in, I allow it). On 13 jun, 20:02, David Pollak <feeder.of.the.be...@...> wrote: > On Wed, Jun 13, 2012 at 2:17 AM, Dave <dave.mahabiers...@...> wrote: > > Hello, > > I experience strange repeatedly reloading of webpages in IE9 (for > > Windows 7) e.g. > >http://www.reactive-web.co.cc/ > >http://demo.liftweb.net/ > > Did you disable cookies? > > > In Firefox it works normally. > > > -- > > Lift, the simply functional web framework:http://liftweb.net > > Code:http://github.com/lift > > Discussion:http://groups.google.com/group/liftweb > > Stuck? Help us help you: > >https://www.assembla.com/wiki/show/liftweb/Posting_example_code > > -- > Telegram, Simply Beautiful CMShttps://telegr.am > Lift, the simply functional web frameworkhttp://liftweb.net > Follow me:http://twitter.com/dpp > Blog:http://goodstuff.im -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
In Firefox I get while opening http://www.reactive-web.co.cc/ as AVG Resident Shield message c:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\op5wec2.default \cookies.sqlite Found Tracking cookie Atdmt I see in Firefox that there is a session cookie stored from http://demo.liftweb.net/ On 13 jun, 23:15, Dave <dave.mahabiers...@...> wrote: > Yes, I have disabled cookies in IE by default for security and privacy > reasons (unless it is really necessary like logging in, I allow it). > > On 13 jun, 20:02, David Pollak <feeder.of.the.be...@...> wrote: > > > > > On Wed, Jun 13, 2012 at 2:17 AM, Dave <dave.mahabiers...@...> wrote: > > > Hello, > > > I experience strange repeatedly reloading of webpages in IE9 (for > > > Windows 7) e.g. > > >http://www.reactive-web.co.cc/ > > >http://demo.liftweb.net/ > > > Did you disable cookies? > > > > In Firefox it works normally. > > > > -- > > > Lift, the simply functional web framework:http://liftweb.net > > > Code:http://github.com/lift > > > Discussion:http://groups.google.com/group/liftweb > > > Stuck? Help us help you: > > >https://www.assembla.com/wiki/show/liftweb/Posting_example_code > > > -- > > Telegram, Simply Beautiful CMShttps://telegr.am > > Lift, the simply functional web frameworkhttp://liftweb.net > > Follow me:http://twitter.com/dpp > > Blog:http://goodstuff.im- Tekst uit oorspronkelijk bericht niet weergeven - > > - Tekst uit oorspronkelijk bericht weergeven - -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
Yes, I have disabled cookies in IE by default for security and privacy
reasons (unless it is really necessary like logging in, I allow it).
On 13 jun, 20:02, David Pollak <feeder.of.the.be...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> On Wed, Jun 13, 2012 at 2:17 AM, Dave <dave.mahabiers...-PkbjNfxxIARBDgjK7y7TUQ@public.gmane.org> wrote:> Telegram, Simply Beautiful CMShttps://telegr.am
> > Hello,
> > I experience strange repeatedly reloading of webpages in IE9 (for
> > Windows 7) e.g.
> >http://www.reactive-web.co.cc/
> >http://demo.liftweb.net/
>
> Did you disable cookies?
>
> > In Firefox it works normally.
>
> > --
> > Lift, the simply functional web framework:http://liftweb.net
> > Code:http://github.com/lift
> > Discussion:http://groups.google.com/group/liftweb
> > Stuck? Help us help you:
> >https://www.assembla.com/wiki/show/liftweb/Posting_example_code
>
> --
> Lift, the simply functional web frameworkhttp://liftweb.net
--
Lift, the simply functional web framework: http://liftweb.net
Code: http://github.com/lift
Discussion: http://groups.google.com/group/liftweb
Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
If I want to make a cookie free website with comet (or other functionality) is this possible in liftweb (or reactive web)? Except if the visitor is creating an account/logging in then a session cookie may be created (but if possible that should be avoided too), but then the visitor is warned first to allow cookies (so an opt-in functionality for cookies). So it is never allowed to write cookies unseen and/or not allowed by the visitor. Or is that never going to work? On 13 jun, 23:26, David Pollak <feeder.of.the.be...@...> wrote: > On Wed, Jun 13, 2012 at 2:15 PM, Dave <dave.mahabiers...@...> wrote: > > Yes, I have disabled cookies in IE by default for security and privacy > > reasons (unless it is really necessary like logging in, I allow it). > > And therein lies the issue. If there's no cookies, then the Comet stuff > doesn't see a session and causes a full reload of the page. > > > > > > > > > On 13 jun, 20:02, David Pollak <feeder.of.the.be...@...> wrote: > > > On Wed, Jun 13, 2012 at 2:17 AM, Dave <dave.mahabiers...@...> > > wrote: > > > > Hello, > > > > I experience strange repeatedly reloading of webpages in IE9 (for > > > > Windows 7) e.g. > > > >http://www.reactive-web.co.cc/ > > > >http://demo.liftweb.net/ > > > > Did you disable cookies? > > > > > In Firefox it works normally. > > > > > -- > > > > Lift, the simply functional web framework:http://liftweb.net > > > > Code:http://github.com/lift > > > > Discussion:http://groups.google.com/group/liftweb > > > > Stuck? Help us help you: > > > >https://www.assembla.com/wiki/show/liftweb/Posting_example_code > > > > -- > > > Telegram, Simply Beautiful CMShttps://telegr.am > > > Lift, the simply functional web frameworkhttp://liftweb.net > > > Follow me:http://twitter.com/dpp > > > Blog:http://goodstuff.im > > > -- > > Lift, the simply functional web framework:http://liftweb.net > > Code:http://github.com/lift > > Discussion:http://groups.google.com/group/liftweb > > Stuck? Help us help you: > >https://www.assembla.com/wiki/show/liftweb/Posting_example_code > > -- > Telegram, Simply Beautiful CMShttps://telegr.am > Lift, the simply functional web frameworkhttp://liftweb.net > Follow me:http://twitter.com/dpp > Blog:http://goodstuff.im- Tekst uit oorspronkelijk bericht niet weergeven - > > - Tekst uit oorspronkelijk bericht weergeven - -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
If I want to make a cookie free website with comet (or other
functionality) is this possible in liftweb (or reactive web)?
Except if the visitor is creating an account/logging in then a session
cookie may be created (but if possible that should be avoided too),
but then the visitor is warned first to allow cookies (so an opt-in
functionality for cookies).
So it is never allowed to write cookies unseen and/or not allowed by
the visitor.
Or is that never going to work?
On 13 jun, 23:26, David Pollak <feeder.of.the.be...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> On Wed, Jun 13, 2012 at 2:15 PM, Dave <dave.mahabiers... <at> hotmail.com> wrote:
> > Yes, I have disabled cookies in IE by default for security and privacy
> > reasons (unless it is really necessary like logging in, I allow it).
>
> And therein lies the issue. If there's no cookies, then the Comet stuff
> doesn't see a session and causes a full reload of the page.
>
>
>
>
>
>
>
> > On 13 jun, 20:02, David Pollak <feeder.of.the.be...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> > > On Wed, Jun 13, 2012 at 2:17 AM, Dave <dave.mahabiers...-PkbjNfxxIARBDgjK7y7TUQ@public.gmane.org>
> > wrote:
> > > > Hello,
> > > > I experience strange repeatedly reloading of webpages in IE9 (for
> > > > Windows 7) e.g.
> > > >http://www.reactive-web.co.cc/
> > > >http://demo.liftweb.net/
>
> > > Did you disable cookies?
>
> > > > In Firefox it works normally.
>
> > > > --
> > > > Lift, the simply functional web framework:http://liftweb.net
> > > > Code:http://github.com/lift
> > > > Discussion:http://groups.google.com/group/liftweb
> > > > Stuck? Help us help you:
> > > >https://www.assembla.com/wiki/show/liftweb/Posting_example_code
>
> > > --
> > > Telegram, Simply Beautiful CMShttps://telegr.am
> > > Lift, the simply functional web frameworkhttp://liftweb.net
> > > Follow me:http://twitter.com/dpp
> > > Blog:http://goodstuff.im
>
> > --
> > Lift, the simply functional web framework:http://liftweb.net
> > Code:http://github.com/lift
> > Discussion:http://groups.google.com/group/liftweb
> > Stuck? Help us help you:
> >https://www.assembla.com/wiki/show/liftweb/Posting_example_code
>
> --
> Telegram, Simply Beautiful CMShttps://telegr.am
> Lift, the simply functional web frameworkhttp://liftweb.net
> Follow me:http://twitter.com/dpp
> Blog:http://goodstuff.im- Tekst uit oorspronkelijk bericht niet weergeven -
>
> - Tekst uit oorspronkelijk bericht weergeven -
--
Lift, the simply functional web framework: http://liftweb.net
Code: http://github.com/lift
Discussion: http://groups.google.com/group/liftweb
Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
If I want to make a cookie free website with comet (or other
functionality) is this possible in liftweb (or reactive web)?
On Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim <naftoligug@...> wrote: > > > On Wed, Jun 13, 2012 at 6:01 PM, Dave <dave.mahabiersing@...> wrote: >> >> If I want to make a cookie free website with comet (or other >> functionality) is this possible in liftweb (or reactive web)? > > > > You can't have a servlet container session without cookies --- can you > enable cookies named JSESSIONID for all sites? > Otherwise you need to deal on a much lower level, maybe with raw web > sockets. That is not correct. Most (all?) servlet containers support cookie-less sessions (e.g. http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_cookies_in_jetty/). But this requires all URLs to go through an "encodeURL" method to append the session id to the URL. /Jeppe -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
That is not correct. Most (all?) servlet containers supportOn Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim <naftoligug-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
>
> On Wed, Jun 13, 2012 at 6:01 PM, Dave <dave.mahabiersing-PkbjNfxxIARBDgjK7y7TUQ@public.gmane.org> wrote:
>>
>> If I want to make a cookie free website with comet (or other
>> functionality) is this possible in liftweb (or reactive web)?
>
>
>
> You can't have a servlet container session without cookies --- can you
> enable cookies named JSESSIONID for all sites?
> Otherwise you need to deal on a much lower level, maybe with raw web
> sockets.
cookie-less sessions (e.g.
http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_cookies_in_jetty/).
But this requires all URLs to go through an "encodeURL" method to
append the session id to the URL.
/Jeppe
--
Lift, the simply functional web framework: http://liftweb.net
Code: http://github.com/lift
Discussion: http://groups.google.com/group/liftweb
Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
On Thu, Jun 14, 2012 at 10:55 AM, Naftoli Gugenheim <naftoligug@...> wrote: > Oh, so is there any reason comet, etc., wouldn't work for the OP with that > configured? In theory no, but it requires all URL-generating functions are passed through the encodeURL function (to append the jsessionid parameter) and afaik, this is not done in Lift. /Jeppe > > On Thu, Jun 14, 2012 at 4:42 AM, Jeppe Nejsum Madsen <jeppe@...> > wrote: >> >> On Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim <naftoligug@...> >> wrote: >> > >> > >> > On Wed, Jun 13, 2012 at 6:01 PM, Dave <dave.mahabiersing@...> >> > wrote: >> >> >> >> If I want to make a cookie free website with comet (or other >> >> functionality) is this possible in liftweb (or reactive web)? >> > >> > >> > >> > You can't have a servlet container session without cookies --- can you >> > enable cookies named JSESSIONID for all sites? >> > Otherwise you need to deal on a much lower level, maybe with raw web >> > sockets. >> >> That is not correct. Most (all?) servlet containers support >> cookie-less sessions (e.g. >> >> http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_cookies_in_jetty/). >> But this requires all URLs to go through an "encodeURL" method to >> append the session id to the URL. >> >> /Jeppe >> >> -- >> Lift, the simply functional web framework: http://liftweb.net >> Code: http://github.com/lift >> Discussion: http://groups.google.com/group/liftweb >> Stuck? Help us help you: >> https://www.assembla.com/wiki/show/liftweb/Posting_example_code > > > -- > Lift, the simply functional web framework: http://liftweb.net > Code: http://github.com/lift > Discussion: http://groups.google.com/group/liftweb > Stuck? Help us help you: > https://www.assembla.com/wiki/show/liftweb/Posting_example_code -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
Hi Naftoli, Jeppe, my question is related to the EU Cookie Law http://www.ico.gov.uk/news/blog/2012/updated-ico-advice-guidance-e-privacy-directive-eu-cookie-law.aspx I was wondering if there is some facility for that in LiftWeb (or Reactive Web) but the answer seems to be no. The ICO itself seems to have a banner in which you can only accept cookies, probably that is the only solution. The problem is that browsers by default accept all cookies so it would be handy to have some control of what the website + 3rd parties using the website is sending to the visitor, because before the visitor can see the notification banner the cookies are already written to the client computer. Probably comet is falling under the exemptions since it is more a technology: "Exemptions from the right to refuse a cookie The Regulations specify that service providers should not have to provide the information and obtain consent where that device is to be used: •for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network; or •where such storage or access is strictly necessary to provide an information society service requested by the subscriber or user." IMO The first exemption would be things like comet and second exemption would be a shopping cart and login account. I have to read the ICO's cookies guidance pdf of what is exempted and what is not because I just found it. For instance if a facebook (or any other web 2.0 social medium) user uploads a you tube video or link which can set a cookie is the facebook user responsible or facebook or youtube? Facebook user has no control over it and facebook doesn't know about it. Fine can be up to £500,000, though. On 14 jun, 12:28, Jeppe Nejsum Madsen <je...@...> wrote: > On Thu, Jun 14, 2012 at 10:55 AM, Naftoli Gugenheim > > <naftoli...@...> wrote: > > Oh, so is there any reason comet, etc., wouldn't work for the OP with that > > configured? > > In theory no, but it requires all URL-generating functions are passed > through the encodeURL function (to append the jsessionid parameter) > and afaik, this is not done in Lift. > > /Jeppe > > > > > > > On Thu, Jun 14, 2012 at 4:42 AM, Jeppe Nejsum Madsen <je...@...> > > wrote: > > >> On Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim <naftoli... <at> gmail.com> > >> wrote: > > >> > On Wed, Jun 13, 2012 at 6:01 PM, Dave <dave.mahabiers...@...> > >> > wrote: > > >> >> If I want to make a cookie free website with comet (or other > >> >> functionality) is this possible in liftweb (or reactive web)? > > >> > You can't have a servlet container session without cookies --- can you > >> > enable cookies named JSESSIONID for all sites? > >> > Otherwise you need to deal on a much lower level, maybe with raw web > >> > sockets. > > >> That is not correct. Most (all?) servlet containers support > >> cookie-less sessions (e.g. > > >>http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_co...). > >> But this requires all URLs to go through an "encodeURL" method to > >> append the session id to the URL. > > >> /Jeppe > > >> -- > >> Lift, the simply functional web framework:http://liftweb.net > >> Code:http://github.com/lift > >> Discussion:http://groups.google.com/group/liftweb > >> Stuck? Help us help you: > >>https://www.assembla.com/wiki/show/liftweb/Posting_example_code > > > -- > > Lift, the simply functional web framework:http://liftweb.net > > Code:http://github.com/lift > > Discussion:http://groups.google.com/group/liftweb > > Stuck? Help us help you: > >https://www.assembla.com/wiki/show/liftweb/Posting_example_code- Tekst uit oorspronkelijk bericht niet weergeven - > > - Tekst uit oorspronkelijk bericht weergeven - -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
Luckily, there are some countries that implemented this EU regulation in a bit better manner (for those who don't understand, EU regulations are not the law itself, but the request for member countries to implement such regulation in their laws). In Slovakia, our law says, that agreement of a user can be also given in form of a particular browser setting. Thus I assume, that if user sets his browser to accepts all cookies that belong to a domain (a default in most browsers), then he agrees :) Anyways, there already are forces in EU parliament to vote this down, so personally I'm not giving this regulation a very long lifetime. On Jun 14, 2012, at 14:22 , Dave wrote: > Hi Naftoli, Jeppe, > > my question is related to the EU Cookie Law > http://www.ico.gov.uk/news/blog/2012/updated-ico-advice-guidance-e-privacy-directive-eu-cookie-law.aspx > > I was wondering if there is some facility for that in LiftWeb (or > Reactive Web) but the answer seems to be no. > The ICO itself seems to have a banner in which you can only accept > cookies, probably that is the only solution. > The problem is that browsers by default accept all cookies so it would > be handy to have some control of what the website + 3rd parties using > the website is sending to the visitor, because before the visitor can > see the notification banner the cookies are already written to the > client computer. > > Probably comet is falling under the exemptions since it is more a > technology: > > "Exemptions from the right to refuse a cookie > > The Regulations specify that service providers should not have to > provide the information and obtain consent where that device is to be > used: > •for the sole purpose of carrying out or facilitating the transmission > of a communication over an electronic communications network; or > •where such storage or access is strictly necessary to provide an > information society service requested by the subscriber or user." > > IMO The first exemption would be things like comet and second > exemption would be a shopping cart and login account. > > I have to read the ICO's cookies guidance pdf of what is exempted and > what is not because I just found it. > > For instance if a facebook (or any other web 2.0 social medium) user > uploads a you tube video or link which can set a cookie is the > facebook user responsible or facebook or youtube? Facebook user has no > control over it and facebook doesn't know about it. > > Fine can be up to £500,000, though. > > > > > On 14 jun, 12:28, Jeppe Nejsum Madsen <je...@...> wrote: >> On Thu, Jun 14, 2012 at 10:55 AM, Naftoli Gugenheim >> >> <naftoli...@...> wrote: >>> Oh, so is there any reason comet, etc., wouldn't work for the OP with that >>> configured? >> >> In theory no, but it requires all URL-generating functions are passed >> through the encodeURL function (to append the jsessionid parameter) >> and afaik, this is not done in Lift. >> >> /Jeppe >> >> >> >> >> >>> On Thu, Jun 14, 2012 at 4:42 AM, Jeppe Nejsum Madsen <je...@...> >>> wrote: >> >>>> On Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim <naftoli... <at> gmail.com> >>>> wrote: >> >>>>> On Wed, Jun 13, 2012 at 6:01 PM, Dave <dave.mahabiers...@...> >>>>> wrote: >> >>>>>> If I want to make a cookie free website with comet (or other >>>>>> functionality) is this possible in liftweb (or reactive web)? >> >>>>> You can't have a servlet container session without cookies --- can you >>>>> enable cookies named JSESSIONID for all sites? >>>>> Otherwise you need to deal on a much lower level, maybe with raw web >>>>> sockets. >> >>>> That is not correct. Most (all?) servlet containers support >>>> cookie-less sessions (e.g. >> >>>> http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_co...). >>>> But this requires all URLs to go through an "encodeURL" method to >>>> append the session id to the URL. >> >>>> /Jeppe >> >>>> -- >>>> Lift, the simply functional web framework:http://liftweb.net >>>> Code:http://github.com/lift >>>> Discussion:http://groups.google.com/group/liftweb >>>> Stuck? Help us help you: >>>> https://www.assembla.com/wiki/show/liftweb/Posting_example_code >> >>> -- >>> Lift, the simply functional web framework:http://liftweb.net >>> Code:http://github.com/lift >>> Discussion:http://groups.google.com/group/liftweb >>> Stuck? Help us help you: >>> https://www.assembla.com/wiki/show/liftweb/Posting_example_code- Tekst uit oorspronkelijk bericht niet weergeven - >> >> - Tekst uit oorspronkelijk bericht weergeven - > > -- > Lift, the simply functional web framework: http://liftweb.net > Code: http://github.com/lift > Discussion: http://groups.google.com/group/liftweb > Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
I am here in The Netherlands and the Dutch version of ICO is called Opta. Relying on Do Not Track technology in the browser is not allowed yet. The cookie law is here active from June, 5th 2012 and the fine is in euros upto € 450 000. And I finally found its info document too, although very concise. Fortunately the rules and exemptions are the same as ICO AFAIK so I find that pdf and site better. ICO is not in the beginning fining everybody, but wants to guide first to get the websites cookie law compliant so I hope that counts for Opta too. http://www.ico.gov.uk/news/blog/2012/~/media/documents/library/Privacy_and_electronic/Practical_application/cookies_guidance_v3.ashx http://www.opta.nl/nl/download/publicatie/?id=3595 On 14 jun, 17:22, Ján Raska <ras...@...> wrote: > Luckily, there are some countries that implemented this EU regulation in a bit better manner (for those who don't understand, EU regulations are not the law itself, but the request for member countries to implement such regulation in their laws). In Slovakia, our law says, that agreement of a user can be also given in form of a particular browser setting. Thus I assume, that if user sets his browser to accepts all cookies that belong to a domain (a default in most browsers), then he agrees :) > > Anyways, there already are forces in EU parliament to vote this down, so personally I'm not giving this regulation a very long lifetime. > > On Jun 14, 2012, at 14:22 , Dave wrote: > > > > > Hi Naftoli, Jeppe, > > > my question is related to the EU Cookie Law > >http://www.ico.gov.uk/news/blog/2012/updated-ico-advice-guidance-e-pr... > > > I was wondering if there is some facility for that in LiftWeb (or > > Reactive Web) but the answer seems to be no. > > The ICO itself seems to have a banner in which you can only accept > > cookies, probably that is the only solution. > > The problem is that browsers by default accept all cookies so it would > > be handy to have some control of what the website + 3rd parties using > > the website is sending to the visitor, because before the visitor can > > see the notification banner the cookies are already written to the > > client computer. > > > Probably comet is falling under the exemptions since it is more a > > technology: > > > "Exemptions from the right to refuse a cookie > > > The Regulations specify that service providers should not have to > > provide the information and obtain consent where that device is to be > > used: > > •for the sole purpose of carrying out or facilitating the transmission > > of a communication over an electronic communications network; or > > •where such storage or access is strictly necessary to provide an > > information society service requested by the subscriber or user." > > > IMO The first exemption would be things like comet and second > > exemption would be a shopping cart and login account. > > > I have to read the ICO's cookies guidance pdf of what is exempted and > > what is not because I just found it. > > > For instance if a facebook (or any other web 2.0 social medium) user > > uploads a you tube video or link which can set a cookie is the > > facebook user responsible or facebook or youtube? Facebook user has no > > control over it and facebook doesn't know about it. > > > Fine can be up to £500,000, though. > > > On 14 jun, 12:28, Jeppe Nejsum Madsen <je...@...> wrote: > >> On Thu, Jun 14, 2012 at 10:55 AM, Naftoli Gugenheim > > >> <naftoli...@...> wrote: > >>> Oh, so is there any reason comet, etc., wouldn't work for the OP with that > >>> configured? > > >> In theory no, but it requires all URL-generating functions are passed > >> through the encodeURL function (to append the jsessionid parameter) > >> and afaik, this is not done in Lift. > > >> /Jeppe > > >>> On Thu, Jun 14, 2012 at 4:42 AM, Jeppe Nejsum Madsen <je... <at> ingolfs.dk> > >>> wrote: > > >>>> On Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim <naftoli... <at> gmail.com> > >>>> wrote: > > >>>>> On Wed, Jun 13, 2012 at 6:01 PM, Dave <dave.mahabiers...@...m> > >>>>> wrote: > > >>>>>> If I want to make a cookie free website with comet (or other > >>>>>> functionality) is this possible in liftweb (or reactive web)? > > >>>>> You can't have a servlet container session without cookies --- can you > >>>>> enable cookies named JSESSIONID for all sites? > >>>>> Otherwise you need to deal on a much lower level, maybe with raw web > >>>>> sockets. > > >>>> That is not correct. Most (all?) servlet containers support > >>>> cookie-less sessions (e.g. > > >>>>http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_co...). > >>>> But this requires all URLs to go through an "encodeURL" method to > >>>> append the session id to the URL. > > >>>> /Jeppe > > >>>> -- > >>>> Lift, the simply functional web framework:http://liftweb.net > >>>> Code:http://github.com/lift > >>>> Discussion:http://groups.google.com/group/liftweb > >>>> Stuck? Help us help you: > >>>>https://www.assembla.com/wiki/show/liftweb/Posting_example_code > > >>> -- > >>> Lift, the simply functional web framework:http://liftweb.net > >>> Code:http://github.com/lift > >>> Discussion:http://groups.google.com/group/liftweb > >>> Stuck? Help us help you: > >>>https://www.assembla.com/wiki/show/liftweb/Posting_example_code-Tekst uit oorspronkelijk bericht niet weergeven - > > >> - Tekst uit oorspronkelijk bericht weergeven - > > > -- > > Lift, the simply functional web framework:http://liftweb.net > > Code:http://github.com/lift > > Discussion:http://groups.google.com/group/liftweb > > Stuck? Help us help you:https://www.assembla.com/wiki/show/liftweb/Posting_example_code- Tekst uit oorspronkelijk bericht niet weergeven - > > - Tekst uit oorspronkelijk bericht weergeven - -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
>and the Dutch version of ICO is called Opta. I should write it as OPTA -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
I was wondering if there is some facility for that in LiftWeb (or
Reactive Web) but the answer seems to be no.
It may be possible to do this using a responseTransformer… Basically hunt down all hrefs and srcs and run them through whatever function. But you'd have to tweak the actual comet paths as well, which may be doable by playing with the LiftRules.ajaxPath and LiftRules.cometPath variables. The problem is these are static variables instead of functions or factories (so they're not generated per-session or anything).
On Thu, Jun 14, 2012 at 10:55 AM, Naftoli Gugenheim
<naftoligug <at> gmail.com> wrote:
> Oh, so is there any reason comet, etc., wouldn't work for the OP with that
> configured?
In theory no, but it requires all URL-generating functions are passed
through the encodeURL function (to append the jsessionid parameter)
and afaik, this is not done in Lift.
/Jeppe
>
> On Thu, Jun 14, 2012 at 4:42 AM, Jeppe Nejsum Madsen <jeppe-zTGxYsZTMdB/SzgSGea1oA@public.gmane.org>
> wrote:
>>
>> On Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim <naftoligug-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
>> wrote:
>> >
>> >
>> > On Wed, Jun 13, 2012 at 6:01 PM, Dave <dave.mahabiersing <at> hotmail.com>
>> > wrote:
>> >>
>> >> If I want to make a cookie free website with comet (or other
>> >> functionality) is this possible in liftweb (or reactive web)?
>> >
>> >
>> >
>> > You can't have a servlet container session without cookies --- can you
>> > enable cookies named JSESSIONID for all sites?
>> > Otherwise you need to deal on a much lower level, maybe with raw web
>> > sockets.
>>
>> That is not correct. Most (all?) servlet containers support
>> cookie-less sessions (e.g.
>>
>> http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_cookies_in_jetty/).
>> But this requires all URLs to go through an "encodeURL" method to
>> append the session id to the URL.
>>
>> /Jeppe
>>
>> --
>> Lift, the simply functional web framework: http://liftweb.net
>> Code: http://github.com/lift
>> Discussion: http://groups.google.com/group/liftweb
>> Stuck? Help us help you:
>> https://www.assembla.com/wiki/show/liftweb/Posting_example_code
>
>
> --
> Lift, the simply functional web framework: http://liftweb.net
> Code: http://github.com/lift
> Discussion: http://groups.google.com/group/liftweb
> Stuck? Help us help you:
> https://www.assembla.com/wiki/show/liftweb/Posting_example_code
Thanks Antonio, that might be an elegant way to handle a cookie blocking situation for comet. On 14 jun, 20:00, Antonio Salazar Cardozo <savedfastc...@...> wrote: > It may be possible to do this using a responseTransformer… Basically hunt > down all hrefs and srcs and run them through whatever function. But you'd > have to tweak the actual comet paths as well, which may be doable by > playing with the LiftRules.ajaxPath and LiftRules.cometPath variables. The > problem is these are static variables instead of functions or factories (so > they're not generated per-session or anything). > > More to the point, you can set things up so that instead of reloading the > page, a lack of comets leads to an error message. If you turn off > LiftRules.redirectAjaxOnSessionLoss, the page will instead of reloading be > directed to a URI of your choice. You set the URI to redirect to using > LiftRules.noCometSessionPage. At some point I want to make this > noCometSessionCmd, so that you can actually use arbitrary JS instead of > only being able to redirect. > > So it is possible to set it up so that when this error condition comes up, > the user is sent to an error message page that explains the problem (and > requests that they go through whatever process to allow your cookies). > > Hope that helps! > Thanks, > Antonio > > > > On Thursday, June 14, 2012 6:28:14 AM UTC-4, Jeppe Nejsum Madsen wrote: > > > On Thu, Jun 14, 2012 at 10:55 AM, Naftoli Gugenheim > > <naftoli...@...> wrote: > > > Oh, so is there any reason comet, etc., wouldn't work for the OP with > > that > > > configured? > > > In theory no, but it requires all URL-generating functions are passed > > through the encodeURL function (to append the jsessionid parameter) > > and afaik, this is not done in Lift. > > > /Jeppe > > > > On Thu, Jun 14, 2012 at 4:42 AM, Jeppe Nejsum Madsen <je... <at> ingolfs.dk> > > > wrote: > > > >> On Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim < > > naftoli...@...> > > >> wrote: > > > >> > On Wed, Jun 13, 2012 at 6:01 PM, Dave <dave.mahabiers... <at> hotmail.com> > > > >> > wrote: > > > >> >> If I want to make a cookie free website with comet (or other > > >> >> functionality) is this possible in liftweb (or reactive web)? > > > >> > You can't have a servlet container session without cookies --- can > > you > > >> > enable cookies named JSESSIONID for all sites? > > >> > Otherwise you need to deal on a much lower level, maybe with raw web > > >> > sockets. > > > >> That is not correct. Most (all?) servlet containers support > > >> cookie-less sessions (e.g. > > >http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_co...). > > > >> But this requires all URLs to go through an "encodeURL" method to > > >> append the session id to the URL. > > > >> /Jeppe > > > >> -- > > >> Lift, the simply functional web framework:http://liftweb.net > > >> Code:http://github.com/lift > > >> Discussion:http://groups.google.com/group/liftweb > > >> Stuck? Help us help you: > > >>https://www.assembla.com/wiki/show/liftweb/Posting_example_code > > > > -- > > > Lift, the simply functional web framework:http://liftweb.net > > > Code:http://github.com/lift > > > Discussion:http://groups.google.com/group/liftweb > > > Stuck? Help us help you: > > >https://www.assembla.com/wiki/show/liftweb/Posting_example_code- Tekst uit oorspronkelijk bericht niet weergeven - > > - Tekst uit oorspronkelijk bericht weergeven - -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
The only issue you run into is that the redirectAjaxOnSessionLoss/noCometSessionPage combination is not only hit when there are no cookies, it's also hit when your session expires. So if someone is on your site, shuts their laptop, leaves for 20 minutes (so the session and comets die), pops open their laptop, you'll be hitting the above flow. This is why it's even better with noCometSessionCmd, so that you can call a function that will know if you already had a successful comet connection.
Thanks Antonio,
that might be an elegant way to handle a cookie blocking situation for
comet.
On 14 jun, 20:00, Antonio Salazar Cardozo <savedfastc...-Re5JQEeQqe8@public.gmane.orgm>
wrote:
> It may be possible to do this using a responseTransformer… Basically hunt
> down all hrefs and srcs and run them through whatever function. But you'd
> have to tweak the actual comet paths as well, which may be doable by
> playing with the LiftRules.ajaxPath and LiftRules.cometPath variables. The
> problem is these are static variables instead of functions or factories (so
> they're not generated per-session or anything).
>
> More to the point, you can set things up so that instead of reloading the
> page, a lack of comets leads to an error message. If you turn off
> LiftRules.redirectAjaxOnSessionLoss, the page will instead of reloading be
> directed to a URI of your choice. You set the URI to redirect to using
> LiftRules.noCometSessionPage. At some point I want to make this
> noCometSessionCmd, so that you can actually use arbitrary JS instead of
> only being able to redirect.
>
> So it is possible to set it up so that when this error condition comes up,
> the user is sent to an error message page that explains the problem (and
> requests that they go through whatever process to allow your cookies).
>
> Hope that helps!
> Thanks,
> Antonio
>
>
>
> On Thursday, June 14, 2012 6:28:14 AM UTC-4, Jeppe Nejsum Madsen wrote:
>
> > On Thu, Jun 14, 2012 at 10:55 AM, Naftoli Gugenheim
> > <naftoli...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> > > Oh, so is there any reason comet, etc., wouldn't work for the OP with
> > that
> > > configured?
>
> > In theory no, but it requires all URL-generating functions are passed
> > through the encodeURL function (to append the jsessionid parameter)
> > and afaik, this is not done in Lift.
>
> > /Jeppe
>
> > > On Thu, Jun 14, 2012 at 4:42 AM, Jeppe Nejsum Madsen <je...-zTGxYsZTMdB/SzgSGea1oA@public.gmane.org>
> > > wrote:
>
> > >> On Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim <
> > naftoli...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> > >> wrote:
>
> > >> > On Wed, Jun 13, 2012 at 6:01 PM, Dave <dave.mahabiers...-PkbjNfxxIARBDgjK7y7TUQ@public.gmane.org>
>
> > >> > wrote:
>
> > >> >> If I want to make a cookie free website with comet (or other
> > >> >> functionality) is this possible in liftweb (or reactive web)?
>
> > >> > You can't have a servlet container session without cookies --- can
> > you
> > >> > enable cookies named JSESSIONID for all sites?
> > >> > Otherwise you need to deal on a much lower level, maybe with raw web
> > >> > sockets.
>
> > >> That is not correct. Most (all?) servlet containers support
> > >> cookie-less sessions (e.g.
>
> >http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_co...).
>
> > >> But this requires all URLs to go through an "encodeURL" method to
> > >> append the session id to the URL.
>
> > >> /Jeppe
>
> > >> --
> > >> Lift, the simply functional web framework:http://liftweb.net
> > >> Code:http://github.com/lift
> > >> Discussion:http://groups.google.com/group/liftweb
> > >> Stuck? Help us help you:
> > >>https://www.assembla.com/wiki/show/liftweb/Posting_example_code
>
> > > --
> > > Lift, the simply functional web framework:http://liftweb.net
> > > Code:http://github.com/lift
> > > Discussion:http://groups.google.com/group/liftweb
> > > Stuck? Help us help you:
> > >https://www.assembla.com/wiki/show/liftweb/Posting_example_code- Tekst uit oorspronkelijk bericht niet weergeven -
>
> - Tekst uit oorspronkelijk bericht weergeven -
If your site requires cookies to work, it might be better to check if cookies are enabled (this is relatively easy, I have some code if needed) and redirect to some error page up front /Jeppe On Fri, Jun 15, 2012 at 9:04 PM, Antonio Salazar Cardozo <savedfastcool@...> wrote: > The only issue you run into is that the > redirectAjaxOnSessionLoss/noCometSessionPage combination is not only hit > when there are no cookies, it's also hit when your session expires. So if > someone is on your site, shuts their laptop, leaves for 20 minutes (so the > session and comets die), pops open their laptop, you'll be hitting the above > flow. This is why it's even better with noCometSessionCmd, so that you can > call a function that will know if you already had a successful comet > connection. > > The other case where you'd hit it is if you restarted the server (say, to > deploy new code). That would be harder to spot, but if you send, through > existing comet actors, a message to the client to put it in a state where > it's expecting the server restart, then again a custom command could be used > to check for that state and reload the page instead of giving you a cookie > error. > Thanks, > Antonio > > On Thursday, June 14, 2012 6:59:52 PM UTC-4, Dave wrote: >> >> Thanks Antonio, >> that might be an elegant way to handle a cookie blocking situation for >> comet. >> >> On 14 jun, 20:00, Antonio Salazar Cardozo <savedfastc...@...> >> wrote: >> > It may be possible to do this using a responseTransformer… Basically >> > hunt >> > down all hrefs and srcs and run them through whatever function. But >> > you'd >> > have to tweak the actual comet paths as well, which may be doable by >> > playing with the LiftRules.ajaxPath and LiftRules.cometPath variables. >> > The >> > problem is these are static variables instead of functions or factories >> > (so >> > they're not generated per-session or anything). >> > >> > More to the point, you can set things up so that instead of reloading >> > the >> > page, a lack of comets leads to an error message. If you turn off >> > LiftRules.redirectAjaxOnSessionLoss, the page will instead of reloading >> > be >> > directed to a URI of your choice. You set the URI to redirect to using >> > LiftRules.noCometSessionPage. At some point I want to make this >> > noCometSessionCmd, so that you can actually use arbitrary JS instead of >> > only being able to redirect. >> > >> > So it is possible to set it up so that when this error condition comes >> > up, >> > the user is sent to an error message page that explains the problem (and >> > requests that they go through whatever process to allow your cookies). >> > >> > Hope that helps! >> > Thanks, >> > Antonio >> > >> > >> > >> > On Thursday, June 14, 2012 6:28:14 AM UTC-4, Jeppe Nejsum Madsen wrote: >> > >> > > On Thu, Jun 14, 2012 at 10:55 AM, Naftoli Gugenheim >> > > <naftoli...@...> wrote: >> > > > Oh, so is there any reason comet, etc., wouldn't work for the OP >> > > > with >> > > that >> > > > configured? >> > >> > > In theory no, but it requires all URL-generating functions are passed >> > > through the encodeURL function (to append the jsessionid parameter) >> > > and afaik, this is not done in Lift. >> > >> > > /Jeppe >> > >> > > > On Thu, Jun 14, 2012 at 4:42 AM, Jeppe Nejsum Madsen >> > > > <je...@...> >> > > > wrote: >> > >> > > >> On Thu, Jun 14, 2012 at 8:13 AM, Naftoli Gugenheim < >> > > naftoli...@...> >> > > >> wrote: >> > >> > > >> > On Wed, Jun 13, 2012 at 6:01 PM, Dave >> > > >> > <dave.mahabiers...@...> >> > >> > > >> > wrote: >> > >> > > >> >> If I want to make a cookie free website with comet (or other >> > > >> >> functionality) is this possible in liftweb (or reactive web)? >> > >> > > >> > You can't have a servlet container session without cookies --- >> > > >> > can >> > > you >> > > >> > enable cookies named JSESSIONID for all sites? >> > > >> > Otherwise you need to deal on a much lower level, maybe with raw >> > > >> > web >> > > >> > sockets. >> > >> > > >> That is not correct. Most (all?) servlet containers support >> > > >> cookie-less sessions (e.g. >> > >> > >> > > >http://www.mojavelinux.com/blog/archives/2006/11/disabling_session_co...). >> > >> > > >> But this requires all URLs to go through an "encodeURL" method to >> > > >> append the session id to the URL. >> > >> > > >> /Jeppe >> > >> > > >> -- >> > > >> Lift, the simply functional web framework:http://liftweb.net >> > > >> Code:http://github.com/lift >> > > >> Discussion:http://groups.google.com/group/liftweb >> > > >> Stuck? Help us help you: >> > > >>https://www.assembla.com/wiki/show/liftweb/Posting_example_code >> > >> > > > -- >> > > > Lift, the simply functional web framework:http://liftweb.net >> > > > Code:http://github.com/lift >> > > > Discussion:http://groups.google.com/group/liftweb >> > > > Stuck? Help us help you: >> > > >https://www.assembla.com/wiki/show/liftweb/Posting_example_code- >> > > > Tekst uit oorspronkelijk bericht niet weergeven - >> > >> > - Tekst uit oorspronkelijk bericht weergeven - > > -- > Lift, the simply functional web framework: http://liftweb.net > Code: http://github.com/lift > Discussion: http://groups.google.com/group/liftweb > Stuck? Help us help you: > https://www.assembla.com/wiki/show/liftweb/Posting_example_code -- -- Lift, the simply functional web framework: http://liftweb.net Code: http://github.com/lift Discussion: http://groups.google.com/group/liftweb Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
RSS Feed