On Thu, 11 Aug 2005, marcus saw wrote:
> Try URL re-writing to pass a session ID and store all the data in the
>session on your server instead of a cookie.
The only thing I store in the cookie is the session ID anyway. But that
is what I ended up doing; when I redirect from an http page to an https
page, I always rewrite that URL, even if I have URL rewriting turn off.
That lets the new page handler find the session without a cookie, and I
then issue a new cookie at that point.
> Keitais don't accept cookies as a rule, but you said you sent one so
>now I am confused.. Is this a new feature or have I got the wrong end
>of the stick?
AU keitai do accept and return cookies. Except in this one special case,
it seems.
> I have done something similar to what you seem to be doing with
>re-directing pages to https versions and I used sessions to hold all
>the user specific data and it worked perfectly.
But worked on what browser? I think I mentioned that it works fine for
me with Mozilla.
> Also are you using a full 'verisign' certificate, because thats the
>only type that the phones will allow without giving you an annoying
>'nag' message.
Yes, I'm using a certificate signed by a certificate in the phone's
internal list. In fact, AU phones (or at least my two examples) will
refuse to connect to sites with a certificate not signed by one of
these.
cjs
--
Curt Sampson <cjs@cynic.net> +81 90 7737 2974
*** Contribute to the Keitai Developers' Wiki! ***
*** http://www.keitai-dev.net/ ***
Received on Fri Aug 12 05:11:06 2005