Ask a Jedi: No cookie for you!

Pat asks:

What's the best way to get around the old problem of cookie blocking? How do we keep variables current through a session, for example a shopping basket, when the user is paranoid enough to set 'accept NO cookies' ?

I'm well aware a disclaimer on the site saying 'you must have cookies enabled' would work. I'm also aware of #URLSessionFormat("xxxx")# but that creates a mess in the URL. Are there any other ways of getting around this ? If not, what's the best way to set up Application.cfc to the best advantage when using URLSessionFormat ?

I think the solution here is simple, and you already know it. If the user refuses to accept cookies, then you must maintain state via URL parameters. I'm not really sure I'd call URLSessionFormat ugly. It works, and the nice thing is that if a user does accept cookies then it knows to not add the additional items to links. The only bad thing about this feature is that you have to be extremely careful to use it everywhere, including both simple navigation links and form posts as well.

Are any of my readers supporting cookie-less visitors without using urlSessionFormat?

Raymond Camden's Picture

About Raymond Camden

Raymond is a developer advocate for HERE Technologies. He focuses on JavaScript, serverless and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support. You can even buy me a coffee!

Lafayette, LA