Session question(s)

[Carl Youngblood]

Is there a way to tell the session class to store the session ID in a
session cookie rather than a persistent cookie? (In case you're not
familiar with my terminology, "session cookie" means a cookie that
disappears when the browser is closed.

Also, it would be nice if the session class had support for GET session
ID propagation rather than just using cookies. That way your site would
still work for paranoid people who disable cookies in their browser.

Thanks,
Carl Youngblood

 

[Yukihiro Matsumoto]

Hi,

In message "Session question(s)"

|Is there a way to tell the session class to store the session ID in a
|session cookie rather than a persistent cookie? (In case you're not
|familiar with my terminology, "session cookie" means a cookie that
|disappears when the browser is closed.

I thought cookies would disappear unless you explicitly specify
"session_expires" option to CGI::Session.new().

|Also, it would be nice if the session class had support for GET session
|ID propagation rather than just using cookies. That way your site would
|still work for paranoid people who disable cookies in their browser.

CGI::Session passes both hidden field and cookie, so that it should
work for cookie disabled browsers. There's no way to stop cookies
though. Tell me if you find any problems.

matz.