Hi, sounds plausible, thanks for the reply :)<br><br>mark<br><br><div><span class="gmail_quote">On 2/1/07, <b class="gmail_sendername">Martijn Pieters</b> &lt;<a href="mailto:mj@zopatista.com">mj@zopatista.com</a>&gt; wrote:
</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On 1/31/07, mark hellewell &lt;<a href="mailto:mark.hellewell@gmail.com">mark.hellewell@gmail.com
</a>&gt; wrote:<br>&gt; and was wondering why the auth cookie is deleted from the request every<br>&gt; time?<br><br>The cookie information is removed from the request, the cookie itself<br>still remains in the browser cookie store for the next request. I
<br>assume that removing it keeps other Zope code (which may be untrusted)<br>from snooping on that information. In other words, it&#39;s a security<br>measure.<br><br>--<br>Martijn Pieters<br></blockquote></div><br>