25 Jan
2006
25 Jan
'06
2:27 p.m.
On 25 Jan 2006, at 14:26, Chris Withers wrote:
Jens Vagelpohl wrote:
On 24 Jan 2006, at 18:10, David Pratt wrote: Have you tested this? The authentication machinery uses cookies, and the browser will not send cookies that were set by the secure login host to the unsecured sites.
...only if the secure bit of the cookie is set ;-)
This is about different hostnames, remember? jens