This might be more of a user-experience question than a business logic question, but I'll ask it anyway...because I value your opinion!
I'm working in a simple eCommerce site and for security reasons, I want to rely exclusively on cookies for session management.
In your opinion, is it more advantageous to detect whether the client's browser accepts cookies as soon as the visitor hits the site (i.e. a "gate" through which they must pass and after which I can be reasonably sure that we'll manage sessions acceptably)?
Or would you prefer to give give them access to browse the site until they request a page for which session control is mandatory (like adding an item to their shopping cart)?
Thanks in advance.