Cookies first appeared in Netscape on Oct 13, 1994 [1]. In 1994 the 'web' was a ...

PaulDavisThe1st · on June 14, 2022

> And no one saw the privacy invading potential at the time.

Maybe not the privacy invasion potential but ... As we got started building amzn in the fall of 94, it was a no-brainer decision to not use cookies even though they were just arriving. The controversy around the idea was intense and it was far from clear that they would be a success as a technology. It is likely true that there was more attention being paid to the "what? it lets a remote server create a file on my driver?" angle than the privacy one.

shubhamkrm · on June 14, 2022

How did you manage session information without using cookies?

PaulDavisThe1st · on June 14, 2022

   http://yourdomain.com/path/to/something?SESSION=af2828c119ae1

and yes, all URLs in every page were rewritten during page generation to include the session ID.

marshray · on June 14, 2022

Didn't that break bookmarks?

jeltz · on June 15, 2022

Sometimes, but usually not. What it did enable was people accidentally leaking their sessions when sharing links.

leaflets2 · on June 15, 2022

What did the company do then? (When their users started accidentally leaking session IDs)

(Hmm but you're a different person :-))

PaulDavisThe1st · on June 14, 2022

This was 1994. Web technology was barely even emergent.

jeltz · on June 14, 2022

Yes, but someone here quoted an RFC showing that while people may not have understood this in 1994 they did in 1997. And now 25 years later the privacy issue was fixed.