I'm talking about a Session-ID header that'd have a 128bit (say) max length or something. Not something that has a few kb limit like a cookie.
Also, a GET request wouldn't send a payload so I'm not sure what you mean.
I'm talking about a Session-ID header that'd have a 128bit (say) max length or something. Not something that has a few kb limit like a cookie.
Also, a GET request wouldn't send a payload so I'm not sure what you mean.