Message 72368 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	glyphobet
Recipients	arvins, glyphobet, jimjjewett, jjlee, moese
Date	2008-09-02.22:45:09
SpamBayes Score	0.000838789
Marked as misclassified	No
Message-id	<1220395510.77.0.456809922662.issue1638033@psf.upfronthosting.co.za>
In-reply-to

Content
Any progress on this? This patch is extremely straightforward (only three lines of code), and should not break existing code. The HttpOnly extension to cookies is now supported by IE, Firefox 3.0, and Opera. This article explains why HttpOnly is a good way to make cross-site scripting attacks significantly more difficult: http://www.codinghorror.com/blog/archives/001167.htmllop I'd really like to see this patch applied to Cookie.py.

Any progress on this? This patch is extremely straightforward (only
three lines of code), and should not break existing code. 

The HttpOnly extension to cookies is now supported by IE, Firefox 3.0,
and Opera. 

This article explains why HttpOnly is a good way to make cross-site
scripting attacks significantly more difficult:

http://www.codinghorror.com/blog/archives/001167.htmllop

I'd really like to see this patch applied to Cookie.py.

History
Date	User	Action	Args
2008-09-02 22:45:10	glyphobet	set	recipients: + glyphobet, jjlee, jimjjewett, moese, arvins
2008-09-02 22:45:10	glyphobet	set	messageid: <1220395510.77.0.456809922662.issue1638033@psf.upfronthosting.co.za>
2008-09-02 22:45:09	glyphobet	link	issue1638033 messages
2008-09-02 22:45:09	glyphobet	create