OK, let's back up a second and make sure that we are not kidding ourselves into thinking that any music played on a computer cannot somehow be recorded.
The record labels and movie studios have become comfortable with analog reconversion for private use that includes a DAC-speaker-microphone-ADC or DAC-display-camera-ADC in the path, just not digital reconversion that doesn't include this highly lossy step. Besides, a lot of video streams are considered rentals, and the provider wants to deter users from keeping the video past the rental period, which is a violation of terms of service.
I'm also not going to google for you how to maintain session state without cookies.
I just did, and I'm going to explain why I don't like the solutions that I found on the first couple pages of results.
- Associating a session with an IP address allows session hijacking if multiple users are behind one NAT or proxy.
- Including the session ID in all URLs and as a hidden input in all forms is fragile: someone using the back button would end up starting a new session. And as this page points out, it's more vulnerable to session hijacking when a user shares a link to product pages that happen to include old session IDs that may refer to private information.
- Storing a session ID in the modification date of an image is also fragile, as it causes session loss when a device's RAM fills up and the user's browser starts purging things from cache. I don't see how it would work anyway, as there's nothing to associate the HTML page load with the image load other than the IP address, which I mentioned above.
- HTTP authentication requires users to register and log in before shopping, which users find prohibitively inconvenient.
- This page recommends making an order form that lets users copy and paste SKUs from another browser window and key in quantities, but it's almost as inconvenient as a phone order.
What keywords should I have used instead?
But as long as you make sure that the back buttons works, on all pages, all the time, even on your landing page
Cookies handle the back button better than the leading cookieless solution (session ID in URL) does.
you will be a much better developer.
I have tried to keep to this philosophy on an online store that I maintain on behalf of my employer, even though it does use a session cookie, does use the occasional (optional) animation, and does use the occasional (optional) script. We don't use anything like the Facebook/Twitter/Google+ social recommendation crap that too many sites use.