cookie in the forms generated by C<check_ok>. You may also set it
yourself (and indeed you must do so if you use C<check_divert>).
-=item C<< $authreq->_chain_params() >>
+=item C<< $authreq->chain_params() >>
Returns a hash of the "relevant" parameters to this request, in a form
suitable for C<url_with_query_params>. This is all of the query
-parameters which are not related to CGI::Auth::Flexible. The
+parameters which are not related to CGI::Auth::Flexible's authentication
+arrangements. (The srcdump request parameters B<are> included.) The
PATH_INFO from the request is returned as the parameter C<< '' >>.
=back
The contents of this hashref does not include the CAF-specific
parameters such as the secret cookie, those which follow from the kind
-of diversion requested, etc.
+of diversion requested, etc. (But they may include the
+srcdump_param_name, so that srcdump_needlogin can work properly.)
It is correct to always include the contents of C<Params> as hidden
parameters in the urls for all redirections, and as hidden input