Requiring Cookies....

[MGSteve]

I notice that XF requires cookies in order for users to be able to login, I just wondered what other developers do with reference to cookies.

On the frameworks I've developed in the past, I've always tested for Cookies and used them for session id storage if they're there and if not, passed a session key via the URL instead.

However, the latter is rife for session hijacking, even though I put in various tests against it - I'm wondering if its worth just saying to people that if they want to use the site, they need cookies.

Forums are one thing, but many of the other sites on the framework are online shops and a cookie only policy would mean that people who don't accept cookies wouldn't be able to do even basic things like add products into the basket!

Just thought I'd take a straw poll of what other developers think.

 

[James]

Forums are one thing, but many of the other sites on the framework are online shops and a cookie only policy would mean that people who don't accept cookies wouldn't be able to do even basic things like add products into the basket!

Local Storage would be good for that!

 

[Danny.VBT]

Local Storage would be good for that!

By Local Storage, do you mean...a cookie?

 

[MGSteve]

By Local Storage, do you mean...a cookie?

You can use local storage within the browser as well, but from memory not all browsers support it. But chances are, if someone's disabled cookies, then they'll have disabled local storage as well!

 

[James]

By Local Storage, do you mean...a cookie?

http://diveintohtml5.org/storage.html

 

[James]

You can use local storage within the browser as well, but from memory not all browsers support it. But chances are, if someone's disabled cookies, then they'll have disabled local storage as well!

Perhaps, but even if they haven't disabled a cookie, local storage can be more effective than a cookie (for things like storing shop items, etc)