yupp. or the DOM storage instead of "local storage" as the space between the 2 words alter meaning sometimes ;-)

>Ah. sessionStorage not localStorage. - that should work...
>
>>pretty certain Craig is thinking of the session specific non-persistent variant. Think of memofields in cursors owned by the browser tab - that is my model currently.
>>
>>>There's a problem with that - two instances of the browser on the same site share localstorage so in Michel's scenario where a user logs in using different credentials both instances will see the last logged in information.
>>>
>>>>There is a current movement to get rid of cookies all together and use HTML5 local storage. Google, among others, seems to leaning this way.
>>>>
>>>>Just something else to think about and I don't know how it will apply to the original question in this thread.
>>>>
>>>>
>>>>>I think MS missed the boat by using the mangled URL as alternative. Having the cookie stored within normal payload data would have been better - even down to allowing new, encrypted non-diskable cookies to be updated via HTTPS:// rest without breaking too much other architecture.