W3C home > Mailing lists > Public > whatwg@whatwg.org > October 2013

[whatwg] Proposal: HTTP Headers + sessionStorage stored session-ID

From: Kyle Simpson <getify@gmail.com>
Date: Wed, 30 Oct 2013 16:54:08 -0500
Message-Id: <1AD881D2-667A-46FF-B10E-13FC185D7B2C@gmail.com>
To: "whatwg@whatwg.org" <whatwg@whatwg.org>
I have put together a simple soft proposal for a pair of HTTP Request/Response headers that bridge to the browser's sessionStorage mechanism for session ID storage. It's basically to embrace the new SPA style architecture prevalent on the web, and the use of sessionStorage, instead of the old-school usage of session cookies.

Details:

https://gist.github.com/getify/7240515


TL;DR:


HTTP Response Header
Register-Session-ID: sessID

   --or--

Register-Session-ID: sessID=23kml2r2-aniwpkmsd-li24t-35n


Makes an entry in sessionStorage of the specified name, which entry can automatically be pulled (including its current value) from sessionStorage on each new page request (to same SOP target) and be sent along, as:


HTTP Request Header
Session-ID: 23kml2r2-aniwpkmsd-li24t-35n


Thoughts?



--Kyle
Received on Wednesday, 30 October 2013 21:54:40 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 17:00:12 UTC