@erictgrubaugh I don't see how you could match server side session key/cookie against client side session key/cookie to validate the session from a server side script only...