There are several technologies we can use to track user sessions and continuations. First lets get some vocabulary going here.

Session

The entire aggregate of page views from a single user

Page Forking

When a user opens links a new window/tab

Back Button

Very similar to page forking, this is literally the user pressing the back-button in their webbrowser. Beware! They might then press the forward button!

Continuation

Snapshot of program logic and control flow. Can be resumed but not forked (for now. it sucks, I know)

Cookie

An HTTP header that their webbrowser will send to us every time they make a request

GET/POST var

Yeah

Page ID

A unique number generated for each request (Request ID?)

• Cookie -- one webbrowser == one continuation
  • Nice and simple. Place cookie one-time
  • Good for games
  • No concept of Back button or page forking
  • Continuations must be abandoned more readily?
  • Can fall-back to adding a whole-session GET/POST var to each link/form
• GET/POST -- ContinuationID in each POST/GET request. if they do anything other than POST then they will get a new session
  • Must explicitly (or with filter) put ContinuationID in each form/link
• ContinuationID + PageID -- Each page gets a unique PageID, plus the ContinuationID. Then a continuation can know when the request was for a alread-viewed page
  • Old PageID == Back Button
• Cookie + app-managed sub-continuations - Use the cookie to get the main continuation, and then the app can keep track of its own set of running branches for that session

Here's what I (awwaiid) plans on doing:

• Session Cookie
  • Session variable based on cookie, can stick things global to this user here
• ContinuationID sent with each page
• RequestID sent with each page
  • Think of it as the program requesting user input
• Links will be to REST-like URLs, with NO ContinuationID
• Forms will post to REST-like URLs
• If they have Javascript, intercept links and turn them into POSTS and include the ContinuationID
  • Open-in-new-tab does not (in my tests) execute javascript
  • Non-js executions (new-tab, bookmarked URL) start a new continuation but not a new session
  • POSTS are better, because even if you are navigating from one part of the program to another you'd like to have the form data that they may have changed. Another way to do this is with AJAX.
• If we get a RequestID twice, we know that they either forked the browser or hit the back button
  • Add an extra Request variable, duplicate_request or something
  • Maybe if we get a RequestID twice we want to start a new continuation using that RESTian URL?
• If they have no javascript then they will get a new continuation on each pageview except for POSTs by default. Must add ContinuationID to links to do otherwise.