What does a session have to do with <cflocation>

BKBK · BKBK

Neculai Macarie · Neculai Macarie

> <cflock name="URLToken_lock" type="readonly" timeout="30">

> <cflocation url="successful_signin.cfm?#session.URLToken#" addtoken="No">
> </cflock>

If you want session management without requiring cookies to be activated
then you need to have CFID and CFTOKEN passed around with each request.

--
<mack />

BKBK · BKBK

> If you want session management without requiring cookies to be activated

> then you need to have CFID and CFTOKEN passed around with each request.

Yep. Agreed. Question is: Is it better to pass session variables around via a
query-string appended to the URL attribute value, with AddToken attribute set
to 'no'?

Neculai Macarie · Neculai Macarie

> > If you want session management without requiring cookies to be activated

> > then you need to have CFID and CFTOKEN passed around with each request.

>
> Yep. Agreed. Question is: Is it better to pass session variables around

via a

> query-string appended to the URL attribute value, with AddToken attribute

set

> to 'no'?

I think it's the same. Maybe the original programmer didn't know about
AddToken.

--
<mack />

BKBK · BKBK

>>> <cflock name="URLToken_lock" type="readonly" timeout="30">

>>> <cflocation url="successful_signin.cfm?#session.URLToken#" addtoken="No">
>>> </cflock>

...
...

>> Yep. Agreed. Question is: Is it better to pass session
>> variables around via a query-string appended to the URL
>> attribute value, with AddToken attribute set to 'no'?

> I think it's the same. Maybe the original programmer
> didn't know about AddToken.

The question is not as trivial as you think.
Sometimes Coldfusion does not pass session variables
to the URL in the cflocation tag, no matter whether you
set Addtoken to 'yes' or to 'no'. That is what motivated
my question. See for example

[url]http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=tn_18171[/url]

Neculai Macarie · Neculai Macarie

> >>> <cflock name="URLToken_lock" type="readonly" timeout="30">

> >>> <cflocation url="successful_signin.cfm?#session.URLToken#"

addtoken="No">

> >>> </cflock>

> ...
> ...

> >> Yep. Agreed. Question is: Is it better to pass session
> >> variables around via a query-string appended to the URL
> >> attribute value, with AddToken attribute set to 'no'?

>

> > I think it's the same. Maybe the original programmer
> > didn't know about AddToken.

>
> The question is not as trivial as you think.
> Sometimes Coldfusion does not pass session variables
> to the URL in the cflocation tag, no matter whether you
> set Addtoken to 'yes' or to 'no'. That is what motivated
> my question. See for example
>
> [url]http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=tn_18171[/url]

You are correct. As far as I know the cflocation/cookie bug is fixed in
CFMX, so it depends on the CF version that you're using.

--
<mack />

What does a session have to do with <cflocation>

Thread Tools

Display

What does a session have to do with <cflocation>

Similar Questions and Discussions

CFlocation.

cflocation

CFLocation and SSL

Alternative to CFLOCATION

Delay before cflocation

Re: What does a session have to do with <cflocation>

Re: What does a session have to do with <cflocation>

Re: What does a session have to do with <cflocation>

Re: What does a session have to do with <cflocation>

Re: What does a session have to do with <cflocation>

Posting Permissions