Hi, sounds plausible, thanks for the reply :) mark
On 2/1/07, Martijn Pieters <[EMAIL PROTECTED]> wrote:
On 1/31/07, mark hellewell <[EMAIL PROTECTED]> wrote: > and was wondering why the auth cookie is deleted from the request every > time? The cookie information is removed from the request, the cookie itself still remains in the browser cookie store for the next request. I assume that removing it keeps other Zope code (which may be untrusted) from snooping on that information. In other words, it's a security measure. -- Martijn Pieters
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
