Compare pros and cons of different methods for an HTTP server of knowing what a client has done in recent previous HTTP transactions.


Possible answer

This question was difficult, so answers containing less than what I write below were accepted.

What to send

Choices Disadvantages
All session information. If the user uses the back button in the browser, information from the last transaction is "forgotten" which can confuse the user.

More amount of information has to be transferred back and forward.
Transaction ID identifying session information in the server. Information about the state of each user must be stored in the server, often done by having a separate thread in the server for each user.

How to send it

Method Pros and cons
Put transaction ID in Magic Cookie. Works well, but some people disable cookies because they are afraid of misuse.
Hidden field in a form. Does not work if user does something else inbetween.
Put data in the URL which the user clicks, after a question mark. Only works if the user continues by accessing this URL, not suitable for much data, user can see the URL.
An alternative to the methods above is to use the HTTP/1.1 features for persistent connections

List of exam questions