diff options
author | Joey Hess <joey@kodama.kitenet.net> | 2008-11-18 12:56:02 -0500 |
---|---|---|
committer | Joey Hess <joey@kodama.kitenet.net> | 2008-11-18 12:56:02 -0500 |
commit | 19e34cb62ec8c891f060cbf9b2340510c7cb0331 (patch) | |
tree | 2dfecec1e4bb7227ad9cff6c5b8eda444fc3d855 /doc | |
parent | 447d3ae258070be5e421b17b2aef4fe80031583c (diff) |
respond, sheesh
Diffstat (limited to 'doc')
-rw-r--r-- | doc/bugs/login_page_should_note_cookie_requirement.mdwn | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/doc/bugs/login_page_should_note_cookie_requirement.mdwn b/doc/bugs/login_page_should_note_cookie_requirement.mdwn index bd52f1c21..32d971548 100644 --- a/doc/bugs/login_page_should_note_cookie_requirement.mdwn +++ b/doc/bugs/login_page_should_note_cookie_requirement.mdwn @@ -7,6 +7,10 @@ At the moment, you go through the login shuffle and then are told that cookies a >> Very few websites break without cookies. Even fewer lose data. >> Can ikiwiki avoid being below average by default? --[MJR](http://mjr.towers.org.uk) +>>> Can we avoid engaging in hyperbole? (Hint: Your browser probably has a +>>> back button. Hint 2: A username/password does not count as "lost data". +>>> Hint 3: Now we're arguing, which is pointless.) --[[Joey]] + Even better would be to only display the cookie note as a warning if the login page doesn't receive a session cookie. > I considered doing this before, but it would require running the cgi once @@ -19,4 +23,7 @@ Best of all would be to use URL-based or hidden-field-based session tokens if co > This is not very doable since most of the pages the user browses are > static pages in a static location. ->> The pages that lose data without cookies (the edit pages, primarily) don't look static. Are they really? --[MJR](http://mjr.towers.org.uk) +>> The pages that lose data without cookies (the edit pages, primarily) +>> don't look static. Are they really? --[MJR](http://mjr.towers.org.uk)a + +>>> As soon as you post an edit page, you are back to a static website. |