Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm guessing a lot of them stem from using session variables and from caching. I've seen everything from an nHibernate cache being stored in the session, serializing and deserializing a huge chunk of the database on every request, to developers not being aware that the session variable they get is user specific (They access it via Session[UserId]).

Caching in particular seems to be something that's applied without much analysis, I've seen it slow down implementations more often than it sped them up.

What I'd really like is for the browser to send a tab id on every request, so we can scope variable to a tab as well as user.



FYI: one place to store a tab id is in the window.name variable:

* it is persistent across refreshes

* it remains even if you leave page to another domain then return to page on same tab

* it disappears if the tab is closed

* it doesn't change as you navigate back/forward

* would be most useful with xhr requests or a hidden field in form post requests.

Downsides:

* no origin security

* no obvious nice way to use with page GETs for server to know which tab a page request is from.


SessionStorage has all of those properties:

https://developer.mozilla.org/en/docs/Web/API/Window/session...

localStorage is often used for it's persistance across closing/reopening the browser, but for times when you don't want storage to bleed across tabs or closing the browser then session storage is much better, and unlike a cookie doesn't automatically get attached to request so there aren't XSRF worries.

(You still need to be careful of XSS of course.)


Isn't his client side only? Xhr would work for anything ajaxy but not for a page load.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: