Pass all the required data through get (URL) or post (FORM)
requests.
ColdFusion has the ability to pass the session required CFID
& CFTOKEN
cookie values though the URL so that cookies are not
required. Then all
the other state data can be stored in the session scope.
This does require quite a bit of effort to make sure that
every link,
form post, any other request, passes these values. It also
opens a
whole world of session sharing issues as URL's with these
values can
easily be bookmarked, e-mailed, otherwise shared. You will
need logic
that minimizes this risk.
It can be done. However most developers just choose to
clearly require
cookies in the user information of the site. A simple test to
see if
cookies are disabled can provide feedback to users who may
not be aware
of the issues.
HTH