On Wed, Feb 24, 2010 at 8:49 PM, Darin Fisher <[email protected]> wrote: > Some other random comments: > 1- Perhaps deleteCookie should also take an optional error callback.
Done. It's a bit strange, but deleteCookie can fail in third-party contexts. > 2- Is it possible for setCookie to be used to set a http-only cookie? That > could be an interesting use case. Some browsers allow this, but others don't. IMHO, it doesn't matter much for security, but some folks think that it does. Adam
