You could always include as part of the SSI output an image that is generated via a script. You could then send the cookie header with the image. Or, you could output javascript to handle the cookie for you. Both of these options are quite horrible ideas really. Perhaps either you or your boss should reconsider this foolish " This must all be done by a ssi within the html page, cannot display result on other page etc" ideology.