X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/f38a64a9a7965f06b204d50e739db5b5a5cfe306..a9e45d868b721de2edba958a41fafa05c548359c:/doc/bugs/login_page_should_note_cookie_requirement.mdwn?ds=sidebyside

diff --git a/doc/bugs/login_page_should_note_cookie_requirement.mdwn b/doc/bugs/login_page_should_note_cookie_requirement.mdwn
index e2d5a352b..32d971548 100644
--- a/doc/bugs/login_page_should_note_cookie_requirement.mdwn
+++ b/doc/bugs/login_page_should_note_cookie_requirement.mdwn
@@ -4,6 +4,13 @@ At the moment, you go through the login shuffle and then are told that cookies a
 > websites that have a login require cookies. Such warnings used to be
 > common, but few sites bother with them anymore. --[[Joey]]
 
+>> Very few websites break without cookies.  Even fewer lose data.
+>> Can ikiwiki avoid being below average by default? --[MJR](http://mjr.towers.org.uk)
+
+>>> Can we avoid engaging in hyperbole? (Hint: Your browser probably has a
+>>> back button. Hint 2: A username/password does not count as "lost data".
+>>>  Hint 3: Now we're arguing, which is pointless.) --[[Joey]]
+
 Even better would be to only display the cookie note as a warning if the login page doesn't receive a session cookie.
 
 > I considered doing this before, but it would require running the cgi once
@@ -15,3 +22,8 @@ Best of all would be to use URL-based or hidden-field-based session tokens if co
 
 > This is not very doable since most of the pages the user browses are
 > static pages in a static location.
+
+>> The pages that lose data without cookies (the edit pages, primarily)
+>> don't look static. Are they really? --[MJR](http://mjr.towers.org.uk)a
+
+>>> As soon as you post an edit page, you are back to a static website.