[issue1638033] Add httponly to Cookie module
Matt Chisholm
report at bugs.python.org
Wed Sep 3 00:45:10 CEST 2008
Matt Chisholm <matt-python at theory.org> added the comment:
Any progress on this? This patch is extremely straightforward (only
three lines of code), and should not break existing code.
The HttpOnly extension to cookies is now supported by IE, Firefox 3.0,
and Opera.
This article explains why HttpOnly is a good way to make cross-site
scripting attacks significantly more difficult:
http://www.codinghorror.com/blog/archives/001167.htmllop
I'd really like to see this patch applied to Cookie.py.
----------
nosy: +glyphobet
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue1638033>
_______________________________________
More information about the Python-bugs-list
mailing list