World: r3wp

Or is there an option for RSP to use cookie or session-id?

try turning off cookies and see if the session id is preserved

I would guess not

Graham: instead of writing <% prin record/1 %>, you can use the following 
syntax : <%= record/1 %>

Session currently only use cookies. The session ID is available (session/id) 
so you could embed it in urls, but session cookies support is hardwired 
in the RSP engine, so it would require a lot of internal changes 
to not rely on cookies.

Btw, why would you pass session ID through URLs instead of cookies 
? Is it for users that wrongly feel more secure by not accepting 
any cookie ?

<%= - nice ... that'll save a bit of typing :)

Note: so long as QM is server neutral (i.e. it's Apache friendly), 
it will not be as efficient as it could be under Cheyenne.  I really 
would like to do a Cheyenne-only version, but not until QM is feature 
complete (and I will say 'stop' as some point :)

don't loose your time with apache.. 8-)

Unfortunately it's a requirement :(

How does Cheyenne's performance and security stack up against the 
other indians (Apache, Cherrokee, Hiawatha, ...)?

Most of QM is just establishing the core functions and protocols. 
 I could just sweep them away if they were preloaded.

Doc, exactly. A lot of companies don't allow cookies for their employees...

I would fire IT person who has anything against cookies ...

Any decent antispyware program will delete the worst ones - the rest 
should be OK.

Of course that is on Windows.

regarding window, I've experienced that adding this to the header 
will make IE accept cookies where without it wouldn't:

response/set-header 'P3P {CP="CAO DSP COR CURa ADMa DEVa OUR IND 
PHY ONL UNI COM NAV INT DEM PRE"}

althought the meaning of this is still a mistery for me ;-)

anyone in a hurry to have global and per domain rewrite-rules?

http://en.wikipedia.org/wiki/P3P

http://msdn2.microsoft.com/en-us/library/ms537343.aspx

thanks Oldes, I do not care much about win related stuff, I just 
wanted my cookies to work!  ;-)

I'm just not sure if it's wise to send some bad informations using 
something what do not match your web page

then maybe better I'll look at what that means..

You should probably check this http://www.w3.org/TR/P3P/#compact_policies

2xthanks .-)

long read btw..

Btw, why would you pass session ID through URLs instead of cookies 
? Is it for users that wrongly feel more secure by not accepting 
any cookie ?

  - some corporate firewalls emrge cookies, effectively making all 
  session content available to all users.

And then there are people that cannot accept cookies.

Back again ...and overnight ( for me ), Cheyenne has crashed.  Only 
one process is running, and there's this error which may or may not 
be relevant


## Error in [uniserve] : On-received call failed with error: make 
object! [
    code: 311
    type: 'script
    id: 'invalid-path
    arg1: 'expires
    arg2: none
    arg3: none
    near: [sess/expires < now]
    where: 'gc
] !

Is there a verbose logging feature for cheyenne?

are you running custom mods?

HTTDd.r has a verbose mode.

Only mod-qm.r

link?

http://www.ross-gill.com/QM

for verbose either you start cheyenne with -v -vv -vvv .. or look 
at the end of cheyenne.r for these two lines:

uniserve/verbose: any [all [4 < to-integer verbosity 2] 0]
uniserve/services/httpd/verbose: 
any [verbosity 0]

uniserve/verbose: any [all [4 < to-integer verbosity 2] 0]

uniserve/services/httpd/verbose: any [verbosity 0]

sorry altme still has problem with lineendings..

changing verbose in httd.r didn't do anything.

This is Cheyenne/log/default-log ?

Must be logging to screen only

yeah, to console

are you on windows?

dunno but these two lines will bypass verbose set in HTTPd.r or uniserve.r 
so becareful

nope os x

I think there is missing default value for cookie expiration