14 Sep
2004
14 Sep
'04
4:04 p.m.
On Tue, 2004-09-14 at 11:30, Andreas Jung wrote:
You really don't want to send user+password encrypted or unencrypted as cookie. This is a very bad practise! Instead you might send some token e.g. like the __ac token used by Zope.
The __ac token used by Cookie Crumbler is just the base64 encoded username and password, AFAIK. - C