Chris McDonough <> added the comment:

There is support in the plugin right now for the userid as an integer, as a 
long, as a unicode 
type, and as a string; if another type should become necessary to use as a user 
id, the plugin 
allows for it.  The mechanism that turns the userid into bytes is opaque, yes, 
but it *has* to be 
if we want to allow the encoding of arbitrary types.  Given that we're 
generating a cookie value, 
and the cookie value obviously needs to be bytes, is there a better way to 
encode arbitrary 
types to a bytestring that does not open up a security hole?

Repoze Bugs <>
Repoze-dev mailing list

Reply via email to