<--- --------------------------------------------------------------------------------------- ---- Blog Entry: ColdFusion Session Management Revisited... User vs. Spider III Author: Ben Nadel / Kinky Solutions Link: http://www.bennadel.com/index.cfm?dax=blog:154.view Date Posted: Jul 21, 2006 at 7:46 AM ---- --------------------------------------------------------------------------------------- ---> // Define the application. To stop unnecessary memory usage, we are going // to give web crawler no session management. This way, they don't have // to worry about cookie acceptance and object persistence (except for // APPLICATION scope). Here, we are using short-circuit evaluation on the // IF statement with the most popular search engines at the top of the // list. This will help us minimize the amount of time that it takes to // evaluate the list. Create a lowercase version of the user agent so we // can run without NoCase checks. strTempUserAgent = LCase( CGI.http_user_agent ); // Check user agent. if ( (NOT Len(strTempUserAgent)) OR // We are testing the cookie values so that we are not duplicating // logic. This should provide a performance increase of anyone // accepting cookies. ( COOKIE.SessionScopeTested AND (NOT COOKIE.HasSessionScope) ) OR // We are gonna try to optimize even a little bit more. A good number // of the spider names end in "bot". If we check for names that have // BOT ending on a word boundary, we can eliminate several of the other // spider checks. The bot\b search here takes care of the spiders that // are now commented out below. As you can see, it takes the place of // 18 different spider Find()'s. REFind( "bot\b", strTempUserAgent ) OR // This will try to get any RSS feed readers. REFind( "\brss", strTempUserAgent ) OR Find( "slurp", strTempUserAgent ) OR Find( "mediapartners-google", strTempUserAgent ) OR Find( "zyborg", strTempUserAgent ) OR Find( "emonitor", strTempUserAgent ) OR Find( "jeeves", strTempUserAgent ) OR Find( "sbider", strTempUserAgent ) OR Find( "findlinks", strTempUserAgent ) OR Find( "yahooseeker", strTempUserAgent ) OR Find( "mmcrawler", strTempUserAgent ) OR Find( "jbrowser", strTempUserAgent ) OR Find( "java", strTempUserAgent ) OR Find( "pmafind", strTempUserAgent ) OR Find( "blogbeat", strTempUserAgent ) OR Find( "converacrawler", strTempUserAgent ) OR Find( "ocelli", strTempUserAgent ) OR Find( "labhoo", strTempUserAgent ) OR Find( "validator", strTempUserAgent ) OR Find( "sproose", strTempUserAgent ) OR Find( "ia_archiver", strTempUserAgent ) OR Find( "larbin", strTempUserAgent ) OR Find( "psycheclone", strTempUserAgent ) OR Find( "arachmo", strTempUserAgent ) OR // These IP addresses are being black listed as being spiders // even though they are not advertising themselves as being // spiders via the CGI.http_user_agent. (NOT Compare( CGI.remote_add, "208.66.195.5" )) // I am no longer checking for the following as they are being // checked in the regular expression at the top. // Find( "turnitinbot", strTempUserAgent ) OR // Find( "ziggsbot", strTempUserAgent ) OR // Find( "rufusbot", strTempUserAgent ) OR // Find( "researchbot", strTempUserAgent ) OR // Find( "ip2mapbot", strTempUserAgent ) OR // Find( "gigabot", strTempUserAgent ) OR // Find( "exabot", strTempUserAgent ) OR // Find( "mj12bot", strTempUserAgent ) OR // Find( "outfoxbot", strTempUserAgent ) OR // Find( "obot", strTempUserAgent ) OR // Find( "snapbot", strTempUserAgent ) OR // Find( "myfamilybot", strTempUserAgent ) OR // Find( "girafabot", strTempUserAgent ) OR // Find( "aipbot", strTempUserAgent ) OR // Find( "googlebot", strTempUserAgent ) OR // Find( "becomebot", strTempUserAgent ) OR // Find( "msnbot", strTempUserAgent ) OR // Find( "irlbot", strTempUserAgent ) OR // Find( "baiduspider", strTempUserAgent ) ){ // This application definition is for robots that do NOT need sessions. THIS.Name = "KinkySolutions v.1 {dev}"; THIS.SessionManagement = false; THIS.SetClientCookies = false; THIS.ClientManagement = false; THIS.SetDomainCookies = false; // Set the flag for session use. REQUEST.HasSessionScope = false; // Only set the cookie values if we have not already done this. Most // of the users who get this far are spiders and cannot accept // cookies... which is why I am turning off session management. // However, if they are spiders, I am not too concerned about // performance so I set anyway for good practice. if (NOT COOKIE.SessionScopeTested){ // Set the client cookie for testing so that this doesn't get // tested again. COOKIE.SessionScopeTested = 1; // Set the client cookie for session availability. This user has // been determined to not need sessions. COOKIE.HasSessionScope = 0; // Flag the cookie test as being performed. blnCookieTestPerformed = true; } } else { // This application is for the standard user. THIS.Name = "KinkySolutions v.1 {dev}"; THIS.SessionManagement = true; THIS.SetClientCookies = true; THIS.SessionTimeout = CreateTimeSpan(0, 0, 20, 0); THIS.LoginStorage = "SESSION"; // Set the flag for session use. REQUEST.HasSessionScope = true; // Only set the cookie values if we have not already done this. if (NOT COOKIE.SessionScopeTested){ // Set the client cookie for testing so that this doesn't get // tested again. COOKIE.SessionScopeTested = 1; // Set the client cookie for session availability. This user // has been determined to allow session management. COOKIE.HasSessionScope = 1; // Flag the cookie test as being performed. blnCookieTestPerformed = true; } }