Maintaining session with XDomainRequest transport

[GoogleCodeExporter]

http://stackoverflow.com/questions/6453779/maintaining-session-by-rewriting-url

If XDomainRequest transport is used, URL will be rewritten to contain a session 
id acoording to the rule of each server-side technology.

Original issue reported on code.google.com by flowersi...@gmail.com on 23 Jun 2011 at 2:51

[GoogleCodeExporter]

Fixed for Java - JSESSIONID and jsessionid

Original comment by flowersi...@gmail.com on 26 Jun 2011 at 2:34

• Changed state: Started

[GoogleCodeExporter]

Fixed for PHP - PHPSESSID

Original comment by flowersi...@gmail.com on 27 Jun 2011 at 2:51

[GoogleCodeExporter]

The Ruby on Rails does not allow to pass the session ID in the URL, so there is 
no way to support Rails.
http://guides.rubyonrails.org/action_controller_overview.html#session

XDomainRequest is a real nuisance!

Original comment by flowersi...@gmail.com on 28 Jun 2011 at 2:38

[GoogleCodeExporter]

Django also doesn't 
https://docs.djangoproject.com/en/dev/topics/http/sessions/#session-ids-in-urls

XDomainRequest is a real nuisance!!

Original comment by flowersi...@gmail.com on 28 Jun 2011 at 4:24

[GoogleCodeExporter]

ASP.NET support cookieless session state.
The URL format: http://MySite.com/MyWebApplication/(SESSIONID)/home.aspx
http://msdn.microsoft.com/en-us/library/aa479315.aspx

However, we cannot know what the application name is, so cannot decide the 
position of the session id part.

Original comment by flowersi...@gmail.com on 28 Jun 2011 at 6:31

[GoogleCodeExporter]

The iframe transport will be used instead of XDomainRequest.

By setting enableXDR to true, when XDomainRequest is avilable, it can be used 
as a transport.

Original comment by flowersi...@gmail.com on 2 Jul 2011 at 11:09

• Changed state: Fixed
• Added labels: Target-1.1.1

[GoogleCodeExporter]

Original comment by flowersi...@gmail.com on 4 Jul 2011 at 1:36

• Added labels: Type-Defect
• Removed labels: Type-Enhancement