Stephen Carville wrote: > Seems to me it makes more sense to embed the session ID or any other > tracking as hidden variables in a form and send it back as a POST.
This assumes then that every request you make is now a post request. Which means not more <a> links, just forms. And this also breaks REST style apps (and really anything that tries to have meaningful HTTP semantics) since POST requests are for things that could change the data server-side and GET requests are for anything that won't (idempotent). In this day and age you really have to expect your users to use cookies. I can understand people not wanting to be tracked long term, but why should anyone object to memory-only cookies? -- Michael Peters Developer Plus Three, LP ##### CGI::Application community mailing list ################ ## ## ## To unsubscribe, or change your message delivery options, ## ## visit: http://www.erlbaum.net/mailman/listinfo/cgiapp ## ## ## ## Web archive: http://www.erlbaum.net/pipermail/cgiapp/ ## ## Wiki: http://cgiapp.erlbaum.net/ ## ## ## ################################################################