Re: [Catalog-sig] Fwd: readthedocs.org or packages.python.org?

Richard Jones Wed, 06 Feb 2013 15:41:35 -0800

On 7 February 2013 09:55, Donald Stufft <donald.stu...@gmail.com> wrote:
> http://en.wikipedia.org/wiki/Session_fixation
>
> packages.python.org can set a .python.org cookie which www.python.org will
> read.


Damn, cookies are busted :-(

At least secure cookies are safe, right? Right? Ugh, probably not.

So the only real solution is the one you use, which is to set up the
unsafe content on a separate domain. Easy enough, even I can buy
domains ;-)


    Richard
_______________________________________________
Catalog-SIG mailing list
Catalog-SIG@python.org
http://mail.python.org/mailman/listinfo/catalog-sig

Re: [Catalog-sig] Fwd: readthedocs.org or packages.python.org?

Reply via email to