On Mon, Mar 10, 2008 at 8:28 AM, Perrin Harkins [EMAIL PROTECTED] wrote:
Have you tried browsing the web without cookies recently? It doesn't
work at all on a large number of popular sites. For better or worse,
cookies are a part of the deal now.
But that doesn't mean anything belongs in
* Mark Fuller [EMAIL PROTECTED] [2008-03-10T09:06:30]
On Mon, Mar 10, 2008 at 3:56 AM, Ricardo SIGNES
[EMAIL PROTECTED] wrote:
stores your whole session in the cookie. It's stored as a base64-encoded,
Rijndael-enciphered, JSON-encoded string. This seemed like a swell idea
for me,
I
* Michael Peters [EMAIL PROTECTED] [2008-03-10T09:15:26]
Ricardo SIGNES wrote:
It's a Catalyst plugin that stores your whole session in the cookie. It's
stored as a base64-encoded, Rijndael-enciphered, JSON-encoded string.
Krang does this as well and I've used it on lots of other
* Mark Fuller [EMAIL PROTECTED] [2008-03-10T09:27:47]
On Mon, Mar 10, 2008 at 6:15 AM, Michael Peters [EMAIL PROTECTED] wrote:
I just use a URL encoded JSON cookie. I don't put anything sensitive in
there.
Is there a risk that this contributes to the bad reputation of
cookies? One
Sorry for the late response. I was up against a deadline and had to
switch tactics, but wanted to post a follow up for at least archive
purposes.
The project ultimately produced surveys each with content that could be
classified into different form types (checkbox, radio, text, etc) and
some
Hi Cees,
feature). I don't have a windows box to play with so there is not
much I can do to fix this. I would appreciate if someone could take a
few minutes to do some debugging. A patch would be greatly
appreciated, and/or SVN access to my CAP::TT repo can be organized for
anyone willing
On Mon, Mar 10, 2008 at 11:43 AM, Mark Fuller [EMAIL PROTECTED] wrote:
But that doesn't mean anything belongs in a cookie. It seems to me if
it can't be clear text it shouldn't be in a cookie. At least if it's
clear text I have the opportunity to see what's going on and make a
choice about
On Mon, Mar 10, 2008 at 11:46 AM, Mark Fuller [EMAIL PROTECTED] wrote:
BTW: I didn't understand the part in the Catalyst documentation saying
the benefit of sending the session in the cookie is that you don't
have to access the disk. I assume that's supposed to be a performance
benefit.
* Mark Fuller [EMAIL PROTECTED] [2008-03-11T10:52:29]
On Mon, Mar 10, 2008 at 9:54 AM, Ricardo SIGNES
I wouldn't use this for anything like banking or credit cards, but I feel
pretty okay about it for things like a Rubric login.
The problem (from my perspective) is that if it's encrypted
Ricardo SIGNES wrote:
Is your objection just that you don't want me storing anything in your
browser's cookie jar that isn't plaintext or a serial number?
Also, I'd like to make that point that a good unique session id (like one
generated form mod_unique_id) will be indistinguishable from some
On Tue, Mar 11, 2008 at 8:19 AM, Ricardo SIGNES
[EMAIL PROTECTED] wrote:
Is your objection just that you don't want me storing anything in your
browser's cookie jar that isn't plaintext ...
Yes. I thought I'd said that more than once. A unfortunate perception
exists among many that cookies
11 matches
Mail list logo