I would use it for a few things.
Including contact information, especially for security researchers
(security.txt is starting to help, but there are other times when it can
be useful to include contact information intended only for a more
Including credits. These are plainly displayed to users in a
dedicated page, but I like giving credit to web and graphic designers in
as many places as possible to make it as easy for a prospective customer
to contact someone who’s services I use and endorse).
But the one that really matters is mostly for me:
- I throw lots of data into comments to help troubleshoot issues. This
includes which backend server served a response, some details about the
user’s status. Details like are they logged in? What is their session ID
or other unique identifier? Were they assigned any special flags (A/B
testing and similar, which may not be tied to an account or specific
session if the site doesn’t use these). What is the timestamp when the
page was generated (for connecting the request to server side logs).
There are tons of other ways to handle this situation, but comments are
relatively easy for semi-technical users to retrieve and send to me, the
instructions are pretty much just “Press CTRL U, copy the top lines
until the ‘Stop copying here’ line, paste into a reply to this email”