> But if it gets above reasonable thresholds, you may want to keep it > server-side and use the cookie just as a (small!) key to retrieve it. > I don't think you should encode all THAT much data into cookies: they're > a session-state management mechanism, after all, not a 'data store':). And some of us ocassionally delete them.