Hello, even with *rewrite-for-session-urls* set to nil, the redirect function puts the session ID into the URL by calling add-cookie-value-to-url (under some circumstances). Is this a bug, or am I missing something? Thanks, Richard