[DGD]DGD HTML?
Gregory D Lewis
glewis at maths.adelaide.edu.au
Tue May 16 07:52:36 CEST 2000
> > Since the object that gets the request is also the one that must send back
> > the
> > response, it can simply close its connection (destruct itself) after sending
> > the last chunk of data. No problem there.
>
> But how will you handle a second request of the same client? Rely on the data
> the client sends about his current position? Or even who he is? You _have_ to
> keep information about the connected clients somewhere, and assign some kind of
> session information to the clients so that they can identify themselves on
> reload.
>
> Michael
I think you and Kris are talking around each other somewhat :).
But to answer your question(s): Trust nothing sent by the client.
This has been discussed many times in the MUD-Dev mailing list, and I'd
suggest looking through its archives with regards to threads on data sent
from the client. The server must keep all the state information and verify
any change to that state the client may request.
There have also been threads on the client identifying itself in a secure
fashion which are also worth looking over.
--
Greg Lewis Applied Maths Department
Email : glewis at maths.adelaide.edu.au University of Adelaide
--
I hate quotations.
-- Ralph Waldo Emerson
List config page: http://list.imaginary.com/mailman/listinfo/dgd
More information about the DGD
mailing list