Nils, Thanks for your feedback.
There are 3 web sites in Alibaba at least: taobao.com, tmall.com, etao.com. all of them are using a same account management system including Sign up, Sign in. The requirement is simple for the account management system. when user A signed in taobao.com, we expect A is signed in tmall.com and etao.com. Regards, Charlie 2013/6/22 Nils Dagsson Moskopp <n...@dieweltistgarnichtso.net> > Huan Du <dh20...@gmail.com> schrieb am Fri, 21 Jun 2013 19:49:39 +0800: > > > As privacy awareness becomes prevelant, the trend is that future > > browsers are going to ban third-party Cookies by default. > > > > This is a good thing for users, but for giant internet companies, > > this has no doubt increases the difficult and complexity of > > implementing user session synchronization. > > I have a suspicion that the only thing that cannot be done easily > without cookies is tracking – that is, pretending that a user has an > account, but ensuring that she has not made that choice consciously. > > Everything else, so it seems to me, can be done RESTful. Am I wrong? > > > Is it possible to, like Cross-Origin Resource Sharing, allow a site to > > indicate which domains it would like to share Cookies with? > > > > The user account management system of Alibaba have encountered this > > issues and been troubled by this issue. It there's a proposal like > > this, it would be very nice. > > Can you elaborate? Why would an account management system need sessions? > > -- > Nils Dagsson Moskopp // erlehmann > <http://dieweltistgarnichtso.net> >