On 1/31/07, mark hellewell <[EMAIL PROTECTED]> wrote:
and was wondering why the auth cookie is deleted from the request every

The cookie information is removed from the request, the cookie itself
still remains in the browser cookie store for the next request. I
assume that removing it keeps other Zope code (which may be untrusted)
from snooping on that information. In other words, it's a security

Martijn Pieters
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to