session.session_id is not unique if you are using cookie sessions.
This doesn't make sense to me. ActiveRecord cookie stores have unique
ids, as does p_store.
If you look in cookie_store.rb, you'll see that it sets:
options['no_hidden'] = true
From the looks of this, options['no_hidden'] makes CGI exclude the
session id from the cookie. So for every non-logged in user,
session_id is the same.
I'm not sure if this is a bug or not, but I certainly didn't expect
it, and it broke one of my apps when I switched from AR to cookies,
and there seems to be no documentation about it, except for the
comment right above the line in cookie_store.rb.
Does any one else think that we should keep the api to cookie stores
the same, or does adding a session_id to cookie store add too much
data for the 4K??