http based backend no longer use cookie store session_id

pywebio/html/index.html

@@ -53,7 +53,6 @@
         integrity="sha384-wfSDF2E50Y2D1uUdj0O3uMBJnjuUD4Ih7YwaYd1iqfktj0Uod8GCExl3Og8ifwB6"
         crossorigin="anonymous"></script>
 <script src="https://cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.js"></script>
-<script src="https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js"></script>
 
 <script>
 

pywebio/html/js/form.js

@@ -872,8 +872,16 @@
         WebIOSession.apply(this);
         this.api_url = api_url;
         this.interval_pull_id = null;
+        this.webio_session_id = '';
 
         var this_ = this;
+        this._on_request_success = function (data, textStatus, jqXHR) {
+            var sid = jqXHR.getResponseHeader('webio-session-id');
+            if (sid) this_.webio_session_id = sid;
+
+            for (var idx in data)
+                this_.on_server_message(data[idx]);
+        };
         this.start_session = function () {
             this.interval_pull_id = setInterval(function () {
                 $.ajax({
@@ -881,9 +889,9 @@
                     url: this_.api_url,
                     contentType: "application/json; charset=utf-8",
                     dataType: "json",
-                    success: function (data) {
-                        for (var idx in data)
-                            this_.on_server_message(data[idx]);
+                    headers: {webio_session_id: this_.webio_session_id},
+                    success: function (data, textStatus, jqXHR) {
+                        this_._on_request_success(data, textStatus, jqXHR);
                         this_.on_session_create();
                     },
                     error: function () {
@@ -899,10 +907,8 @@
                 data: JSON.stringify(msg),
                 contentType: "application/json; charset=utf-8",
                 dataType: "json",
-                success: function (data) {
-                    for (var idx in data)
-                        this_.on_server_message(data[idx]);
-                },
+                headers: {webio_session_id: this_.webio_session_id},
+                success: this_._on_request_success,
                 error: function () {  // todo
                     console.error('Http push event failed, event data: %s', msg);
                 }

pywebio/platform/flask.py

@@ -74,15 +74,17 @@ def _webio_view(coro_func, session_expire_seconds):
         asyncio.set_event_loop(_event_loop)
 
     webio_session_id = None
-    if 'webio_session_id' not in request.cookies:  # start new WebIOSession
+    set_header = False
+    if 'webio-session-id' not in request.headers or not request.headers['webio-session-id']:  # start new WebIOSession
+        set_header = True
         webio_session_id = random_str(24)
         webio_session = AsyncBasedSession(coro_func)
         _webio_sessions[webio_session_id] = webio_session
         _webio_expire[webio_session_id] = time.time()
-    elif request.cookies['webio_session_id'] not in _webio_sessions:  # WebIOSession deleted
+    elif request.headers['webio-session-id'] not in _webio_sessions:  # WebIOSession deleted
         return jsonify([dict(command='close_session')])
     else:
-        webio_session_id = request.cookies['webio_session_id']
+        webio_session_id = request.headers['webio-session-id']
         webio_session = _webio_sessions[webio_session_id]
 
     if request.method == 'POST':  # client push event
@@ -98,8 +100,8 @@ def _webio_view(coro_func, session_expire_seconds):
     response = _make_response(webio_session)
     if webio_session.closed():
         _remove_webio_session(webio_session_id)
-    elif 'webio_session_id' not in request.cookies:
-        response.set_cookie('webio_session_id', webio_session_id)
+    elif set_header:
+        response.headers['webio-session-id'] = webio_session_id
     return response