[Catalog-sig] Fwd: readthedocs.org or packages.python.org?
Jesse Noller
jnoller at gmail.com
Thu Feb 7 00:45:07 CET 2013
On Feb 6, 2013, at 6:41 PM, Richard Jones <richard at python.org> wrote:
> On 7 February 2013 09:55, Donald Stufft <donald.stufft at gmail.com> wrote:
>> http://en.wikipedia.org/wiki/Session_fixation
>>
>> packages.python.org can set a .python.org cookie which www.python.org will
>> read.
>
> Damn, cookies are busted :-(
>
> At least secure cookies are safe, right? Right? Ugh, probably not.
>
> So the only real solution is the one you use, which is to set up the
> unsafe content on a separate domain. Easy enough, even I can buy
> domains ;-)
>
>
I hear read the docs is popular ;)
> Richard
> _______________________________________________
> Catalog-SIG mailing list
> Catalog-SIG at python.org
> http://mail.python.org/mailman/listinfo/catalog-sig
More information about the Catalog-SIG
mailing list