[qyi]

PHPBB era forums would let you authenticate by putting a session ID in the URL. No cookies needed. There are many ways to do authentication without cookies. There's also basic auth. The whole "we use cookies" thing is a weird misnomer to make laypeople understand that the website is talking about the same concept those FUD articles about web tracking have talked about (tracking can be done through thousands of different vectors, no cookies needed).

>So I guess server-side no-JS applications are going to be caught in this crossfire?

No, as nicbou said, the "we use cookies" popup seems to be only required for tracking/advertising cookies.