Re: non-cookie session maintenance

in reply to non-cookie session maintenance

Some ways to pass a session ID around:

Cookie
PATH_INFO - http://my.host.com/myscript.cgi/1234567890/function
URI Parameter - http://my.host.com/myscript.cgi?sessionid=1234567890
Hidden fields in forms

The framework I use for web apps attempts to set a cookie. If that fails, it builds its URIs to include the session id. It can then pull the session ID out of $ENV{PATH_INFO}.

---
print map { my ($m)=1<<hex($_)&11?' ':'';
$m.=substr('AHJPacehklnorstu',hex($_),1) }
split //,'2fde0abe76c36c914586c';
[download]

Comment on Re: non-cookie session maintenance Download Code

Replies are listed 'Best First'.
Re: Re: non-cookie session maintenance by UnderMine (Friar) on Mar 25, 2003 at 12:19 UTC
I would add to this using Perl Trans Handlers in apache :- URI Path - http://my.host.com/1234567890/myscript.cgi can then set a $ENV{sessionid}=1234567890 whilst doing some simple security. Just my thoughts UnderMine	[reply]

In Section Seekers of Perl Wisdom