> Am I correct in assuming that
> an internal redirect does NOT have the ability to set a cookie?
Yes, that is correct. There may be a way for mod_perl to set the cookie
the CGI script will return, but that sounds like voodoo to me.
> The entire reason I have to do this is that I need to pass sensitive values
> to the CGI script from the module. I do not wish to use a simple query
> string, as the end user would then be able to intercept this.
I haven't thought the following completely through, but what about
sessions / server cookies? Only the session id is sent via the query
string or cookie; the sensitive side is kept on the server (in a
database, file, etc.).
There's also a second alternative: instead of having the mod_perl handler
set the cookie, send the necessary info to the CGI script, and let it set
the cookie. This was is simpler.
ELB
--
Eric L. Brine | Chicken: The egg's way of making more eggs.
[EMAIL PROTECTED] | Do you always hit the nail on the thumb?
ICQ# 4629314 | An optimist thinks thorn bushes have roses.
