you're absolutely correct. i used a very bad choice of words and should have been specific because I was thinking of something weird. i meant to refer to using the new storage policy to implement the "encrypted token pattern", which basically bootstraps a micro session into a first dedicated csrf cookie, then programmatically constructing a request with a second cookie set by the client.
-- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To post to this group, send email to pylons-discuss@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/49f94c31-af2a-43ba-8305-cf75f3092b36%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.