05d0f5fb35b226685765a28f80ee1ff85444f33a
max
  Fri Nov 19 05:47:29 2021 -0800
Adding "incognito" URL variable which allows external sites to open
links to us that do not change any of the settings saved in the user's
session. This can be especially useful for hgRenderTracks when used from
Javascript. refs #28520

diff --git src/hg/lib/cart.c src/hg/lib/cart.c
index deb1903..292e148 100644
--- src/hg/lib/cart.c
+++ src/hg/lib/cart.c
@@ -1479,30 +1479,31 @@
 	}
     }
 hashElFreeList(&elList);
 }
 
 static void saveState(struct cart *cart)
 /* Save out state to permanent storage in both user and session db. */
 {
 struct sqlConnection *conn = cartDefaultConnector();
 struct dyString *encoded = newDyString(4096);
 
 /* Make up encoded string holding all variables. */
 cartEncodeState(cart, encoded);
 
 /* update sessionDb and userDb tables (removed check for cart stuffing bots) */
+if (!cartCgiUsualString(cart, "incognito", NULL))
     updateOne(conn, userDbTable(), cart->userInfo, encoded->string, encoded->stringSize);
 updateOne(conn, sessionDbTable(), cart->sessionInfo, encoded->string, encoded->stringSize);
 
 /* Cleanup */
 cartDefaultDisconnector(&conn);
 dyStringFree(&encoded);
 }
 
 void cartCheckout(struct cart **pCart)
 /* Free up cart and save it to database. */
 {
 struct cart *cart = *pCart;
 if (cart != NULL)
     {
     saveState(cart);
@@ -2286,33 +2287,33 @@
 if (httpProxy)
     setenv("http_proxy", httpProxy, TRUE);
 char *httpsProxy = cfgOption("httpsProxy");
 if (httpsProxy)
     setenv("https_proxy", httpsProxy, TRUE);
 char *ftpProxy = cfgOption("ftpProxy");
 if (ftpProxy)
     setenv("ftp_proxy", ftpProxy, TRUE);
 char *noProxy = cfgOption("noProxy");
 if (noProxy)
     setenv("no_proxy", noProxy, TRUE);
 char *logProxy = cfgOption("logProxy");
 if (logProxy)
     setenv("log_proxy", logProxy, TRUE);
 
-// if ignoreCookie is on the URL, don't check for cookies
+// if ignoreCookie or incognito is on the URL, don't check for cookies
 char *hguid = NULL;
-if (cgiOptionalString("ignoreCookie") == NULL)
+if (cgiOptionalString("ignoreCookie") == NULL || cgiOptionalString("incognito"))
     hguid = getCookieId(cookieName);
 char *hgsid = getSessionId();
 struct cart *cart = cartNew(hguid, hgsid, exclude, oldVars);
 cartExclude(cart, sessionVar);
 return cart;
 }
 
 static void addHttpHeaders()
 /* CGIs can initialize the global variable httpHeaders to control their own HTTP
  * headers. This allows, for example, to prevent web browser caching of hgTracks
  * responses, but implicitly allow web browser caching everywhere else */
 {
 struct slPair *h;
 for (h = httpHeaders; h != NULL; h = h->next)
     {
@@ -2321,30 +2322,31 @@
 }
 
 struct cart *cartAndCookieWithHtml(char *cookieName, char **exclude,
                                    struct hash *oldVars, boolean doContentType)
 /* Load cart from cookie and session cgi variable.  Write cookie
  * and optionally content-type part HTTP preamble to web page.  Don't
  * write any HTML though. */
 {
 // Note: early abort works fine but early warn does not
 htmlPushEarlyHandlers();
 struct cart *cart = cartForSession(cookieName, exclude, oldVars);
 popWarnHandler();
 popAbortHandler();
 
 cartWriteCookie(cart, cookieName);
+
 if (doContentType && !cartDidContentType)
     {
     addHttpHeaders();
     puts("Content-Type:text/html");
     puts("\n");
     cartDidContentType = TRUE;
     }
 return cart;
 }
 
 struct cart *cartAndCookie(char *cookieName, char **exclude,
                            struct hash *oldVars)
 /* Load cart from cookie and session cgi variable.  Write cookie and
  * content-type part HTTP preamble to web page.  Don't write any HTML though. */
 {