Next question...

Is UNA session variable safe? Meaning, I am interacting in a popup to show stages of an application. And displaying ajax responses within a popup. There are many steps.

This information is sensitive, and even with https I do not want to round robin information.

Is it safe to use $_SESSION in UNA?