If all you want is a simple dictionary, I would recommend using the marshal
module rather than pickle. Marshal only allows basic Python types, rather
than arbitrary data, and is generally considered to be safer.
On 4 December 2012 03:59, Mikko Ohtamaa wrote:
>
>
> On Tue, Dec 4, 2012 at 1:26 AM,
Philip: If one relies on the data being cleaned before it is set in the
cookie, it could be manipulated afterwards, or completely separately to
contain something more dangerous.
On Aug 24, 2012 9:09 AM, "Philip Bauer" wrote:
> How about cleaning the message before saving as a cookie?
>
> Would a
Hi Philip,
From a security point of view, I would recommend against this, as this
would expose a cross-site-scripting attack in some configurations.
Thanks,
Richard
On Thu, Aug 23, 2012 at 5:35 PM, Philip Bauer wrote:
> Hi all,
>
> there doesn't seem to be a way to include links in statusmess