Tuesday, November 20, 2012

Cookies and JavaScript

Now and then a disenting voice crops up: "but what if they've disabled cookies or javascript, lots of people do that". I've never had a good answer for this, so I decided to gather some field data. I tested TD bank, PC bank, ING bank, Intuit and Salesforce. The result? No one supports no-cookies/no-script, and most of them fail-ugly. So why bother? For me, I'll always require both cookies and script.


no cookies, no script

https://easywebcpo.td.com/waw/idp/login.htm
displays message: "You do not have cookies enabled, please go into your browser's preferences and enable cookies so that EasyWeb will function correctly."
fail (graceful)

https://www.txn.banking.pcfinancial.ca/a/authentication/preSignOn.ams
sign-in fails without error message, shows original sign-in page
fail (ugly)

https://secure.ingdirect.ca/InitialINGDirect.html?command=displayLogin&device=web&locale=en_CA
displays message: "To view this web site you must have your cookies and JavaScript browser features enabled."
fail (graceful)

https://iop.intuit.com/in/todo/default.jsp
displays message: "Our web site has detectd that JavaScript has been disabled in your browser options. You must enable JavaScript in order to use our web site."
fail (graceful)

https://login.salesforce.com/
shows a blank page
fail (ugly)


yes cookies, no script

https://easywebcpo.td.com/waw/idp/login.htm
sign-in redirects to getDeviceId which just shows a blank page
fail (ugly)

https://www.txn.banking.pcfinancial.ca/a/authentication/preSignOn.ams
user-name/password sign-in succeeds. additional personal question succeeds. main page is displayed successfully. some ofthe stie works, but links like "display account" and "sign-out" are javascript: and thus are broken.
fail (ugly)

https://secure.ingdirect.ca/InitialINGDirect.html?command=displayLogin&device=web&locale=en_CA
displays message: "To view this web site you must have your cookies and JavaScript browser features enabled."
fail (graceful)

https://iop.intuit.com/in/todo/default.jsp
displays message: "Our web site has detectd that JavaScript has been disabled in your browser options. You must enable JavaScript in order to use our web site."
fail (graceful)

https://login.salesforce.com/
shows a blank page
fail (ugly)


no cookies, yes script

https://easywebcpo.td.com/waw/idp/login.htm
displays message: "You do not have cookies enabled, please go into your browser's preferences and enable cookies so that EasyWeb will function correctly."
fail (graceful)

https://www.txn.banking.pcfinancial.ca/a/authentication/preSignOn.ams
displays message: "In order to access all the functions of Online Banking, you need to modify your browser settings to enable cookies and JavaScript. For instruction on how to enable cookies, please see the Help section on the sign in page."
fail (graceful)

https://secure.ingdirect.ca/InitialINGDirect.html?command=displayLogin&device=web&locale=en_CA
displays message: "To view this web site you must have your cookies and JavaScript browser features enabled."
fail (graceful)

https://iop.intuit.com/in/todo/default.jsp
after entering a username/password it displays a message: "Please try again. (Error Code 2)"
fail (ugly)

https://login.salesforce.com/
after what looks like successfuly signon, it bounces you to a "Your are now logged out page"
fail (ugly)

web
{ "loggedin": false, "owner": false, "avatar": "", "render": "nothing", "trackingID": "UA-36983794-1", "description": "", "page": { "blogIds": [ 306 ] }, "domain": "holtstrom.com", "base": "\/michael", "url": "https:\/\/holtstrom.com\/michael\/", "frameworkFiles": "https:\/\/holtstrom.com\/michael\/_framework\/_files.4\/", "commonFiles": "https:\/\/holtstrom.com\/michael\/_common\/_files.3\/", "mediaFiles": "https:\/\/holtstrom.com\/michael\/media\/_files.3\/", "tmdbUrl": "http:\/\/www.themoviedb.org\/", "tmdbPoster": "http:\/\/image.tmdb.org\/t\/p\/w342" }