[Zope-dev] z3c.password and "failedAttempts" andSessionCredentialsPlugin
Jan-Wijbrand Kolman
janwijbrand at gmail.com
Fri Jan 29 13:08:42 EST 2010
Hi Adam,
Tres Seaver <tseaver at palladion.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Adam GROSZER wrote:
>
>> Thinking this further, resource requests will have a '/@@/' (usually)
>> in their URL. So it might be an idea to skip those requests from
>> counting.
>
> Seems to me skipping anything except POST requests would be the right
> thing to do: suppose the user reloads the login form for some reason
> (maybe their browser crashes, whatever).
I see you're working on this issue. That's fantastic. If you need a
tester... by all means let me know :-)
regards,
jw
More information about the Zope-Dev
mailing list