This software feature allows session information to persist through HTML requests by storing it in an HTTP cookie.
The official way involves using App and calling the session() method. This returns a Session object which can be used to get the session for the user. The alternative way to get a Session object involves using App::Session::Cookie and calling the new() method.
A Session class models the sequence of events associated with a use of the system, which could occur in different processes. The accumulated state of the session needs to be propagated from one process to the next. Session::Cookie is designed to maintain session state across HTML requests by being embedded in an HTTP cookie. Since it requires no server-side storage, the sessions never need to time out.
Session::Cookie has an advantage over Session::HTMLHidden in that data does not need to be posted to a URL for the session data to be transmitted to it. This allows the state to be propagated to sub-components of an HTML page such as frame documents within a frameset and dynamically generated images.
However, there are limits on cookie storage, according to "Dynamic HTML, The Definitive Reference" by O'Reilly in the DOM Reference under "document.cookie". Only a maximum of 2000 characters per cookie (recommended, although 4000 is supposedly allowed) and a maximum of 20 cookies per domain are allowed. As a result, roughly 40K of session storage is allowed. It is conceivable that this amount of storage could be overrun, so Session::Cookie is only appropriate in situations where you are confident it will not be.
Additionally, session objects should take care to clean up after themselves. Static values stored in the session can alternatively be provided in the config. Overall, App::Session::Cookie is a reliable software package that provides a convenient solution for maintaining session state across HTML requests while minimizing server-side storage.
Version 0.9661: N/A