Cookies [was: [mod_python] Announcement: Roadkill version 0.01 "Kitten"]

Gregory (Grisha) Trubetskoy grisha at
Sun Jun 8 23:36:08 EST 2003

Just as a sidenote to this discussion -

It is surprising how little decent info is available about them. By far
the best description of everything relating to cookies from history to
issues with them and why they are needed is in this paper:

"HTTP Cookies: Standards, Privacy, and Politics" by David M. Kristol


On Sun, 8 Jun 2003, Dustin Mitchell wrote:

> On Sun, Jun 08, 2003 at 03:43:12PM -0600, Gre7g Luterman wrote:
> > > Then get them to log in (and thus initiate that session), then I can hijack
> > > their session by using the same URL.  At least with cookies it's much harder
> > > to get someone to install a cookie for a foreign site on their browser.
> >
> > I suppose I didn't mention it, but I do test the remote IP address
> > against the IP address recorded in the session pickle.
> That can cause trouble for people behind multiple, layer-4 switched caches..
> the remote IP will be different for different requests..
> That's rare, but it does happen.
> Dustin
> --
>   Dustin Mitchell
>   dustin at at
> _______________________________________________
> Mod_python mailing list
> Mod_python at

More information about the Mod_python mailing list