App::Session::Cookie 0.968

App::Session::Cookie - a session whose state is maintained across HTML requests by being embedded in an HTTP cookie.

SYNOPSIS

 # ... official way to get a Session object ...
 use App;
 $session = App->session();
 $session = $session->session(); # get the session

 # any of the following named parameters may be specified
 $session = $session->session(
 );

 # ... alternative way (used internally) ...
 use App::Session::Cookie;
 $session = App::Session->new();

A Session class models the sequence of events associated with a use of the system. These events may occur in different processes. Yet the accumulated state of the session needs to be propagated from one process to the next.

This Session::Cookie maintains its state across HTML requests by being embedded in an HTTP cookie. As a result, it requires no server-side storage, so the sessions never need to time out.

The Session::Cookie has an advantage over Session::HTMLHidden in that data does not need to be posted to a URL for the session data to be transmitted to it. This allows that the state can be propagated properly to sub-components of an HTML page such as

* frame documents within a frameset (< frame src=... >)
* dynamically generated images (< img src=... >, < input type=image src=... >)

Limits on cookie storage are as follows, according to "Dynamic HTML, The Definitive Reference" by O'Reilly in the DOM Reference under "document.cookie".

* max 2000 chars per cookie (recommended, although 4000 supposedly allowed)
* max 20 cookies per domain

This allows for roughly 40K of session storage. It is quite conceivable that this amount of storage could be overrun, so Session::Cookie is only appropriate in situations where you are confident it will not be. Also, session_objects should take care to clean up after themselves, and static values stored in the session can alternatively be provided in the config.


Product's homepage

Requirements:

· Perl