Re: [Zope-dev] Rejecting HTTPS-only cookies over plain HTTP
On Thu, 2008-04-03 at 14:41 -0400, Servilio Afre Puentes wrote: > Hi folks! > > I have just posted a bug report on what I see as an inconsistent > behaviour of BrowserIdManager. I'd appreciate any comments on the > current code. Also, the patch I attached fixes a smaller bug causing a cookie not being flushed if cookie_secure is set and the request is served over plain HTTP. Regards, Servilio signature.asc Description: This is a digitally signed message part ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Rejecting HTTPS-only cookies over plain HTTP
On Thu, 2008-04-03 at 20:45 +0200, Wichert Akkerman wrote: > Previously Servilio Afre Puentes wrote: > > I have just posted a bug report on what I see as an inconsistent > > behaviour of BrowserIdManager. I'd appreciate any comments on the > > current code. > > A pointer to that bugreport will hugely increase the chances of someone > commenting it. My bad. It is: https://bugs.launchpad.net/zope2/+bug/211437 > > Wichert. > > signature.asc Description: This is a digitally signed message part ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Rejecting HTTPS-only cookies over plain HTTP
Previously Servilio Afre Puentes wrote: > I have just posted a bug report on what I see as an inconsistent > behaviour of BrowserIdManager. I'd appreciate any comments on the > current code. A pointer to that bugreport will hugely increase the chances of someone commenting it. Wichert. -- Wichert Akkerman <[EMAIL PROTECTED]>It is simple to make things. http://www.wiggy.net/ It is hard to make things simple. ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Rejecting HTTPS-only cookies over plain HTTP
Hi folks! I have just posted a bug report on what I see as an inconsistent behaviour of BrowserIdManager. I'd appreciate any comments on the current code. Best regards, Servilio signature.asc Description: This is a digitally signed message part ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )