> > To me a default where apps share cookies doesn't seem out of with line > with the other things apps share- the default logger for example.
Cookies are for end-user functionality; the logger is for development/debugging. For the most part, the apps don't share anything. > Just as making an app-specific logger can be achieved by passing > request.application to a new instance, so we can prefix app-specific > cookies with the app name. To me it's the more obvious default. If the apps are truly independent and unrelated, I would think using a cookie would more likely be for some app-specific functionality. On the other hand, in most cases, you probably don't have multiple apps running on the same domain, or if you do, those apps are related and might need to share cookies. But it still might be safer to require the developer to set the path explicitly. Note, I think this is reasonably well documented in the book: http://web2py.com/books/default/chapter/29/4#Cookies. Anthony --
