Author glyphobet
Recipients arvins, glyphobet, jimjjewett, jjlee, moese
Date 2008-09-02.22:45:09
SpamBayes Score 0.000838789
Marked as misclassified No
Message-id <1220395510.77.0.456809922662.issue1638033@psf.upfronthosting.co.za>
In-reply-to
Content
Any progress on this? This patch is extremely straightforward (only
three lines of code), and should not break existing code. 

The HttpOnly extension to cookies is now supported by IE, Firefox 3.0,
and Opera. 

This article explains why HttpOnly is a good way to make cross-site
scripting attacks significantly more difficult:

http://www.codinghorror.com/blog/archives/001167.htmllop

I'd really like to see this patch applied to Cookie.py.
History
Date User Action Args
2008-09-02 22:45:10glyphobetsetrecipients: + glyphobet, jjlee, jimjjewett, moese, arvins
2008-09-02 22:45:10glyphobetsetmessageid: <1220395510.77.0.456809922662.issue1638033@psf.upfronthosting.co.za>
2008-09-02 22:45:09glyphobetlinkissue1638033 messages
2008-09-02 22:45:09glyphobetcreate