I thought we were talking about cross origin requests. I've not encountered content worth hotlinking that can't work on first load without cookies. That seems like a slim hypothetical that doesn't justify banning the ability entirely. You don't attach cookies just to wget something from a server.
replyNevertheless cookies being sent with HTTP requests was how it worked before Javascript was invented, and at the time Netscape had to work with that for compatibility reasons.
replyIf we’d known then how the web is used now then a few things might have been done differently.
But it can easily be done differently. Its entirely possible to have the option available without cookies. It doesn't break backwards compatibility and no one has to use it in a situation where they need cookies. Cookies shouldn't be forced on people.
reply