On 7-7-2012 5:05, Timothy Makobu wrote: > For secure logins, this helps > https://docs.djangoproject.com/en/dev/topics/http/sessions/?from=olddocs/#session-cookie-secure >
No it doesn't. That is for secure /sessions/, which means that if you use this during the login process then the session is created on the HTTPS connection and only /valid/ on the HTTPS connection. In other words, if you set this flag the scenario of having an unencrypted site with an encrypted login procedure is impossible. -- Melvyn Sopacua -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
