I wonder if it asked them to point out “the country of Iran.”
Of course people also confuse cities and states. Like on the game shows, people will say things like Los Angeles when they mean California, and vice versa.
Well that’s still a form of session ID. But you are saying things like “most people” and “pretty close”, so it’s not a very good session ID, since it’s not guaranteed to be unique.
How do you render it? Can javascriot access the cookie? Then you write it to the DOM? You still have to obtain the cookie initially, then have all clicks act like an SPA and not make server calls.
Interesting idea.
If they are starting a new session but they already have the cookie, how do you prevent the initial server contact when they open the browser/tab ?
Either you store it in a cookie which the browser passes to the server for you, or you store it in a url parameter and you (or your html / temp laying Generation framework, or some JavaScript manipulation) needs to ensure all links or other server calls like POST, will need to include that session ID passed back to the server.
And this talk about IP addresses is complete nonsense because of Proxies and NAT and a ton of other reasons. You can attempt to use it in combination with a session ID, but you certainly cannot use that alone.