Cookies can be HTTP-only, but there is no JS-only flag. So any cookies we set, are sent to the server in every request.
http://..dev/
http://..dev/wiki/Main_Page
http://..dev/w/index.php?title=Main_Page&action=edit
http://..dev/w/api.php...
etc.
All these have the following header when enabling $wgVisualEditorShowBetaWelcome
Cookie: alphawikiUserID=1; alphawikiUserName=Root; alphawiki_session=*; ve-beta-welcome-dialog=1;
By using Web Storage (e.g. localStorage or sessionStorage) we keep it out of the http stack, and read/writes themselves after faster with localStorage as well.
Version: unspecified
Severity: enhancement