[Catalog-sig] Fwd: readthedocs.org or packages.python.org?
martin at v.loewis.de
martin at v.loewis.de
Wed Feb 6 23:06:52 CET 2013
> Javascript hosted on packages.python.org has access to cookies on
> python.org, If python.org has
> any sort of login it's trivial to steal a session cookie.
No, it doesn't. Cookies for "python.org" are not available to
"packages.python.org".
It would have to be a cookie for ".python.org". We don't issue such cookies.
Regards,
Martin
More information about the Catalog-SIG
mailing list