Session variables without cookies

Clever. Uses window.name so won’t work if you open a new window/tab and is vulnerable to XSS. Useful trick nonetheless.