[plt-scheme] session info in web server applications

From: Todd O'Bryan (toddobryan at gmail.com)
Date: Sun Nov 8 14:47:32 EST 2009

Thanks. I have some high school students who are playing with this, so
we'll undoubtedly come up with questions and confusion. We may even
come up with some code to contribute back--who knows?


On Sat, Nov 7, 2009 at 2:00 PM, Dave Gurnell <d.j.gurnell at gmail.com> wrote:
> Hi all,
> I've extracted the cookie/session parts of our code and put them here for
> comment:
>    http://svn.untyped.com/session/trunk/src
> There's no documentation but the code is really short and there's tests in
> there to show how it works. The README gives a brief overview and lists some
> outstanding issues. Feel free to take a peek, pull it apart, and post your
> concerns here.
> The key issue I'm aware of is that the session data is stored in a global
> hash table with no memory management. Over time, the table will grow and
> grow until the server runs out of memory. At Untyped we use sessions
> exclusively to store usernames. These are so small we've never had a problem
> so I've never been motivated to come up with a better solution.
> I spoke to Jay about this and he recommended an alternative approach using
> md5-stuffers to write the session information out to disk. I'll implement
> that when I get a chance, and I'll take contributions by email if anyone
> else fancies jumping in.
> I'm not sure about thread safety but we've never had any problems.
> Also, this is an adaptation of code from other Untyped libraries, and I've
> tweaked some things without adding 100% test coverage. Please don't treat
> this as reliable code to be deployed in production!
> Cheers,
> -- Dave
> _________________________________________________
>  For list-related administrative tasks:
>  http://list.cs.brown.edu/mailman/listinfo/plt-scheme

Posted on the users mailing list.