[EMAIL PROTECTED] (Gordon Burditt) writes: > I'm not sure that you can disable Javascript from reading cookies > from other sites while allowing Javascript to read cookies from the > site it came from on all browsers.
Javascript is not supposed to be able to read cross-site cookies. It's bad but it's not THAT bad. There was an MSIE bug that allowed reading other sites' cookies but it was correctly considered a horrendous security breach and it was fixed quickly after discovery. It caused a big fire drill where I was working at the time of the incident. We had to write a special ActiveX control to protect our cookie info until the browser patch went out. -- http://mail.python.org/mailman/listinfo/python-list