https://issues.apache.org/bugzilla/show_bug.cgi?id=24739
--- Comment #7 from Andrew Mottaz 2011-02-22 13:04:11 EST ---
You actually made my point SOME of the cookies are not secure. My point is not
that you should never have secure session cookies. It's that sometimes you
don't want them secure
https://issues.apache.org/bugzilla/show_bug.cgi?id=24739
--- Comment #6 from Mark Thomas 2011-02-22 12:46:02 EST ---
(In reply to comment #5)
> How can you say there are no valid use cases? Virtually EVERY ecommerce site
> on the internet supports this behavior.
No they don't. At least the secu
https://issues.apache.org/bugzilla/show_bug.cgi?id=24739
--- Comment #5 from Andrew Mottaz 2011-02-22 11:59:24 EST ---
How can you say there are no valid use cases? Virtually EVERY ecommerce site
on the internet supports this behavior. Amazon.com, Apple.com, Dell.com.
Basically - whether a ses
https://issues.apache.org/bugzilla/show_bug.cgi?id=24739
--- Comment #4 from Andrew Mottaz 2011-02-22 11:58:55 EST ---
How can you say there are no valid use cases? Virtually EVERY ecommerce site
on the internet supports this behavior. Amazon.com, Apple.com, Dell.com.
Basically - whether a ses
https://issues.apache.org/bugzilla/show_bug.cgi?id=24739
Mark Thomas changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|
https://issues.apache.org/bugzilla/show_bug.cgi?id=24739
Mark Thomas changed:
What|Removed |Added
CC||colinwilsons...@bluecycle.c