Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #97985

Re: working with cookies

Newsgroups comp.lang.python
Date 2015-10-28 12:31 -0700
References (3 earlier) <n0mc3q$o3j$1@reader1.panix.com> <f55b1ed4-7dcf-47e9-906b-085d72b98f92@googlegroups.com> <n0mko7$khp$1@reader1.panix.com> <6906a71b-b3bd-4643-84d5-393cb66c2c7d@googlegroups.com> <n0q0ov$gup$2@dont-email.me>
Message-ID <ea6ebd4d-4deb-47bf-8a78-43b49f15c575@googlegroups.com> (permalink)
Subject Re: working with cookies
From Jeremy Leonard <jrmy.lnrd@gmail.com>

Show all headers | View raw

On Wednesday, October 28, 2015 at 4:27:36 AM UTC-4, Denis McMahon wrote:
> On Tue, 27 Oct 2015 05:11:01 -0700, Jeremy Leonard wrote:
> 
> > I haven't learned how to do that yet. I see in the documentation for
> > Python that there is a Cookie Jar class, but that seems to be more on
> > the client side (unless I am reading it incorrectly). I'm looking for
> > help in learning how to do that.
> 
> Note that controlling what browsers do with cookies isn't always simple 
> or easy.
> 
> In theory, if you don't set an explicit expiry on a cookie the browser 
> should forget it when the browser closes. In other cases, the browser 
> should delete the cookie when the expiry time passes.
> 
> However, my experience has taught me that stale cookies may get 
> presented, and browsers may forget about cookies you think shouldn't have 
> expired.
> 
> At the end of the day, a cookie is a fragment of data that you are 
> placing in the control of your website visitors, never forget that. 
> Rather than storing server side data in the cookie, use the cookie as a 
> key to the server side data (ie as a session identifier), and generate 
> the cookie value in a way that makes session hijacking by manipulating 
> the cookie value difficult (your cookie value range needs a few more 
> orders of magnitude than your maximum simultaneous user sessions value).
> 
> -- 
> Denis McMahon, denismfmcmahon@gmail.com

Thanks for the information. So would a framework, to deal with the cookies, typically be better then doing a hand-rolled sollution?

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-26 12:26 -0700
  Re: working with cookies John Gordon <gordon@panix.com> - 2015-10-26 20:16 +0000
    Re: working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-26 15:57 -0700
      Re: working with cookies John Gordon <gordon@panix.com> - 2015-10-26 23:14 +0000
        Re: working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-26 17:30 -0700
          Re: working with cookies John Gordon <gordon@panix.com> - 2015-10-27 01:41 +0000
            Re: working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-27 05:11 -0700
              Re: working with cookies Denis McMahon <denismfmcmahon@gmail.com> - 2015-10-28 08:25 +0000
                Re: working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-28 12:31 -0700
                Re: working with cookies John Gordon <gordon@panix.com> - 2015-10-28 19:47 +0000

csiph-web