Hi, I'm in doubt how to use the "wild_domain" option in AuthTktAuthenticationPolicy correct or if I found a defect. Before opening a ticket I want to ask here.
I'm using for AuthTktAuthenticationPolicy cookie-based authentification for a site hosted under "my-app.foo.example.com" As described in the documentation[0] I receive two cookie after authentification on default configuration: 1. my-app.foo.example.com (host-only) 2. .my-app.foo.example.com I expect when setting the "wild_domain" option to false only one cookie (the host-only) is set. But the wild_domain option seems to have no effect for me. I always get those two cookies. I do not use any of the interferring option like "domain" or "parent_domain". How to use the "wild_domain" option correct to only receive one host-only cookie? I'm using Pyramid 1.5.2. Some context: However using "domain" has some effect as I only get one cookie, but this is the wildcard and *not* the host-only one. Which isn't my expected behaviour but might be another issue. regards Torsten [0] https://docs.pylonsproject.org/projects/pyramid/en/1.5-branch/api/authentication.html -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/717ee1f9-4092-4841-adab-3eb331b9e7ed%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
