Tutorial #20
- The basis of Web commerce is dynamically-generated Web
pages. What does this mean?
- What is a shopping cart application?
- What is meant by state maintenance in the context of a
shopping cart application? What are the two major technologies which can be
used to implement state maintenance?
- What are some of the advantages of cookies over hidden fields? What
disadvantages do they have?
- Under what conditions is a cookie stored on a client system's local disk
between "browser sessions"?
- Discuss the security implications of cookies. In particular, if someone
asked you whether it's safe to accept cookies from Web servers, what would you
tell them, and why?
- Many commercial sites, such as Amazon.com, put the session identifier in URL
Extra Path Information. Explain the advantage this has over
hidden field and cookie-based systems.
- On many Web Commerce sites (for example, Amazon.com and The New York Times), cookies are used to
authenticate repeated visits to the site. For example, if you have "shopped"
at either of the above businesses, they will set a cookie so that you can
subsequently "one-click" (or somesuch) to order. It's obviously important that
no one else can generate your cookie, or they could
impersonate you. How could this be implemented?
- (Hard) What controls do the domain and path specifiers impose on when your
browser sends a cookie to a server? In other words, how are the domain and path
specifiers interpreted in the browser?
- (Discussion question) There's obviously lots of potential for using Java
and/or JavaScript to build a shopping cart application which runs on the
client (browser) instead of using FORMS and server-side code. Is this a good
idea? Why, or why not?
Copyright © 2004 by Philip Scott, La Trobe University.