Welcome to WebmasterWorld Guest from 126.96.36.199
Forum Moderators: open
But when I try to logon to my gmail account, I get following message:
""Your browser's cookie functionality is turned off. Please turn it on.""
I don't this its a commercial product. Google just created this "gmail" to add another product in their list of products before going for IPO.
Add to it that more than one person can browse from an IP... and it's close to impossible to be able to deal with login systems without cookies to identify a user's session.
From what you describe, it sounds like you do have cookies enabled. It could be a temporary error with gmail. Try it again and see if it works.
and it's close to impossible to be able to deal with login systems without cookies to identify a user's session.
Well you can keep sessionID as part of all URLs and forms on generated pages. This is certainly something not particularly attractive from search engine indexing point of view (same URLs appear to be unique), but pretty acceptable for those private accesses that require user authentication.
true - but more than being ugly, it also allows someone to paste a url to someone else and the second user to then have the first person's access.
Not if sessionID is linked to IP address with short expiration. Yes its not nice, but certainly not impossible, which is the point I am making. Content that require authentication should not be shared by users in form of passing direct URL anyway.
The reason (as I see it) GMail wants cookies is not of technical impossibility to workaround it, but that these cookies are essential for non-session tracking capabilities.
Linking together cookied searches should generate pretty rich data for targeting purposes, but linking these to actual people with valid email addresses is even more important as it will allow to actually run nice targeted campaigns.
That will break in a number of situations. 1 user does not equal 1 IP, and 1 IP does not equal 1 user.
Agreed its not perfect. Note that it requires sessionID to be present in each URL request - it won't work if you go directly to site which will not recognise you. In order for 2 people on the same IP (corporate proxy) to see the same content that require authentication both people will need to have the same correct cryptographically strong sessionID, so user A will have to share it with user B, or user B will have to obtain it using some other means (that can allow to obtain other authentication info as well).
As I said - not perfect, not acceptable for high security situations (like online banking), but certainly a substitute for cookies in some scenarios (mobile browsers not supporting cookies?!?). I certainly do not advocate it, merely commenting about alleged "technical impossibility".
So it must be different levels of cookie requiremenst when I first tried from that lab computer and only gmail did not work. Gmail was working for another guy sitting next to me.. so it was not a network problem.. it was some security setting on the desktop, which Yahoo and Webmasterworld did not care, but gmail did.