Another possibility might be to have a PerlTransHandler check the user agent on incoming requests and munge the session ID out of the URL before it gets processed further down the request chain.