Yogi's Stock Hive application and Scriptaculous demos had something very interesting in that they refused to work correctly when I used the Sahi proxy.
The problem apparently lay in the way cookies were being sent.
Cookie headers are sent to the server as
Cookie: cookie1=value1; cookie2=value2; cookie3=value3
While rebuilding cookies on the proxy, it was being sent as
Cookie: cookie1=value1; cookie2=value2; cookie3=value3;
The last semicolon after value3 was the root of the problem.
lighttpd seemed to think that the value of cookie3 was 'value3;' thus missing the session cookie.
The RFC seems to say that this behaviour is right, but most mainstream web servers seem not to mind this.
Crux is, Scriptaculous and Stock Hive both work now through the proxy. Now to get the AJAX and dhtml rich Scriptaculous to be scripted and played back.