|
Kevin Wang
kwang at activegrid.com
Mon Mar 20 17:44:44 EST 2006
Hi All, The reason I am asking this is because I found a problem with mod_python's Set-Cookie response. I am assuming that the standard way for setting a cookie in a response is that both the application path and domain name are supplied so that the next time, the browser will decide if to use this cookie for a certain domain and application path. Looks like mod_python never sets the domain name in "Set-Cookie" header, but both firefox and IE browsers are smart enough to assume that the cookie belongs to the host requested. So it works for both firefox and IE. However, in the case of request coming from an IE frame, it no longer works! I have no idea why it doesn't work in an IE frame. To me, the right solution should be that mod_python always sets the domain name if one is passed in. Please let me know if I have missed something or made some obvious mistake. Thanks. -- Kevin ============================================================================== Hi All, When a new session/cookie is created on mod_python side, from the source code (mod_python/Session.py, mod_python/Cookie.py), I don't see how mod_python sets the domain name for the Set-Cookie http header. Without the domain name, the cookie set in the browser is useless (at least in IE). How does it work? Am I missed anything? Any help or input is appreciated. Thanks. -- Kevin ==============================================================================
|