Now playing: Iggy Pop - Livin’ On The Edge Of The Night
Seaside is known as a heretical web framework: as every Seaside programmer knows, it uses continuations and stores session state information directly in the URL.
Typical Seaside URL contains two arguments, _s and _k. _s identifies a session (it is the same for all the generated pages within a single session) and _k is used to look up a continuation in this session. Depending on current continuation the appropriate components and content are rendered .
What is continuation? Briefly saying, continuation is a snapshot of the application state.
Well, what will happen if we will copy such URL from one browser and then open it in another one? If we will do it quickly (before the session expiration), we will reach the same place in the application. Even if the second browser is launched on a different PC!
If our web application supports user accounts, we can even appear under a different user in the system without authentication. All we need is just to obtain a generated URL with _s and _k from a logged-in user.
Please correct me if I’m wrong.