- From: Marc Andreessen <marca@netscape.com>
- Date: 22 Apr 1995 03:43:57 GMT
- To: www-talk@www0.cern.ch
burchard@horizon.math.utah.edu (Paul Burchard) wrote: >"Lou Montulli" <montulli@netscape.com> writes: >> My proposal is meant to solve a much broader set of >> problems than a simple session id. [...] One of it's more >> useful applications is an online shopping basket. > >As I feared. A cookie hidden in the HTTP headers is not the way to >implement this! Just think about it from the customer's point of >view: With a real shopping basket, I can see at all times what I've >collected so far. I can compare what's there with my budget, and >with other competitive products that I come across. As a result of >my comparisons, I can take products out at any time and put them >back on the shelf. Absolutely. The cookie mechanism makes it trivially easy for the server to generate the page that shows you everything that's in your shopping basket (cardboard box) and gives you all these functions at any time -- all the user has to do is click on the icon "Shopping Basket" at the bottom of every page or in the "menubar", the client sends the cookie in the request, the server generates the appropriate page for that cookie, and boom, she gets to see all this. If the session is encrypted, it can be totally safe as well, without even requiring user identification. So the neat thing is that we get to use HTML, HTTP, forms, etc. as they're already defined rather than inventing some huge new mechanism for storing and presenting "items in a cardboard box" to be built into every client from here on out. Cookies provide the mechanism to leverage the capabilities that are already standard and assumed in all clients. >Instead, like any client-side state, the shopping basket makes most >sense as a document -- something the user can see and act upon. Yup -- that document can be easily generated by the server at any time and presented to the client. There's no reason for the client to have the burden of generating that document or providing the user with new interaction mechanisms. Cheers, Marc -- Marc Andreessen Netscape Communications Corp. Mountain View, CA marca@netscape.com
Received on Friday, 21 April 1995 23:48:16 UTC