On 30 Oct 1999, Randal L. Schwartz wrote:
> You have three main choices for maintaining a "session":
>
> 1) cookies
> 2) mangled URLs
> 3) hidden fields in forms
>
> If "static HTML" can't do #2 or #3, you are stuck with #1.
>
> No amount of module help can work. :)
I may be wrong, but it seems that mod_perl gives us enough access to the
request loop that we could handle this problem. Couldn't we parse out and
append the session id somehow in the URI translation phase?
Basically I'm looking for something similar to the Cookie Munger
functionality:
(http://msdn.microsoft.com/workshop/server/toolbox/cookie.asp)
Although, I'm not sure you need to parse the response document for URLs so
that you can append the session id to every one of them as MS does. I
heard a rumor that this type of non-cookie session state was going to be
possible with some JSP implementations as well.
Couldn't we do some regex on the environment variable HTTP_REFERER to grab
the session id from a request?
thanks,
Trei Brundrett
