#3304: [patch] Support "httponly"-attribute in session cookie.
---------------------+------------------------------------------------------
Reporter: arvin | Owner: nobody
Status: new | Component: Core framework
Version: SVN | Resolution:
Keywords: | Stage: Someday/Maybe
Has_patch: 1 | Needs_docs: 1
Needs_tests: 1 | Needs_better_patch: 1
---------------------+------------------------------------------------------
Changes (by jacob):
* stage: Design decision needed => Someday/Maybe
Comment:
Hacking around the Python Cookie objects just gives off that "code smell"
to me, and I'm reluctant to check in smelly code to support a non-standard
addition to HTTP.
Still, added security is always a good thing, so I'm pretty conflicted
about this one. For now I'm going to mark this "somday/maybe" and move on,
but a better patch would help move this back towards reality.
--
Ticket URL: <http://code.djangoproject.com/ticket/3304#comment:11>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
