High Programmer > Blog Archive > Don't Be a Sucky Webmaster: Cookies
Friday, April 08, 2005

Don't Be a Sucky Webmaster: Cookies

Cookies are great. Building complex, persistent web applications is much, much easier with cookies. If you need to store persistent state (say, with a shopping cart or login permission for a pay site), I'm willing to accept your cookies.

However, not everyone is willing to accept your cookies. Some people are paranoid and block them specifically. Some people install "firewall" software that blocks cookies out without realizing it. Whatever the reason there are real users trying to use your web site without cookies. How you handle these users is important.

Cookie Good Idea 1: Let the user visit your site and take a look around, but don't let them have access to advanced functionality. For example, if you're a store let your visitors view local store hors and check out your product catalog. Only when a visitor tries to "Add Item to Cart" do you stop them and explain that they'll need to accept cookies.

Cookie Bad Idea 1: Don't let them visit at all. Case in point Best Buy. Smooth move. I want to check local store hours. Why in the world would I need a cookie? Answer: I don't, but their web team isn't competent. Instead of doing it right, they did the lazy thing. Some users will enable cookies, but some will move on and shop elsewhere. I now prefer my local CompUSA because I can use their web site without cookies. Nice business sense BestBuy.com web team.

Best Buy claims "We use cookies to track which pages on our sites our visitors view and which browsers they use." Riiiiight. Every single time I visit a page on bestbuy.com my browser tells you what browser it is and what page I'm viewing. A cookie is completely irrelevant. It's a false claim. The best I can suggest is that they're simply incompetent and have no idea how to read web server logs.

Cookie Good Idea 2: If the user's web browser doesn't accept your cookie and you really, really need it, display a page explaining the problem and some common suggestions on how to change the browser settings.

Cookie Bad Idea 2: Reload the page and try again. And if it didn't work, reload the page and try again. Do so in a loop as fast as possible so the web browser flickers without actually accomplishing anything. Example: Berkeley Premium "Nutra"ceuticals. If you've got cookies disabled you'll never see their page. In this particular case you're not missing much (these are the weasels behind Enzyte, which turns out to just be a stupid, unregulated "herbal supplement"), but the point stands: you've turned away a user. Worse, the user has no idea he's been turned away or why. Depending on the browser either he'll never see anything, or he gets a cryptic message about "redirection limit reached." For a company that has spend so much money trying to look like a legit pharmaceutical company (which it isn't), they apparently didn't invest enough is skilled webmasters.

Contact webmaster