Florent Aide schrieb: > now once we revert this cookie problem with IE we should be ok for a release: > http://trac.turbogears.org/ticket/1729
I'm just working on the cookie problem. Replaced "expires" with "max-age", but now I think it is not the right fix. It seems that MSIE (even version 7!) indeed ignores max-age completely (strange that there is not much info on this bug on the Internet, and I needed to verify this by experimenting). So I think the right fix is to set either expires AND max-age (which overrides expires for new browsers) - then you get a permanent cookie, or to set NONE of these, then you get a session cookie that is discarded when the browser is closed. My idea is to make this choice configurable via visit.cookie.permanent which will be False by default, for security reasons. -- Chris --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
