One of the fun things about the World Wide Web is that without specifically intending to do so we provided all of the Worst Case Scenario cryptographic properties, things a good cryptographic solution can cope with, but which were often treated as difficulties that aren't really worth worrying about because why would you need that?

For example, what kind of moron would put a secret you mustn't learn right next to data you can choose? A good solution wouldn't care, but surely a bad solution where that would cause a problem would never encounter real world scenarios where.... oh right HTTP Cookies

Good solutions won't lose security from repeating transactions, but while accidents might cause one or two repetitions surely no real world systems would need to withstand millions of... oh yeah, Javascript loops exist