Aw: Re: [Zope] Cookie Crumbler - read Password from login_form

Chris Withers chrisw at nipltd.com
Mon Sep 15 11:26:21 EDT 2003


nicogrubert at arcor.de wrote:
>>>these fieldnames (e.g. __ac_name, __ac_password) are not found in the
>>
>>REQUEST when submitting the form "login_form" since they are stored in a
>>cookie called "__ac".
>>
>>They'll still be in the REQUEST, just not accessible due to their names...
> 
> so I could use REQUEST.get('__ac_password', None) in my external method to get the password in cleartext ?

Maybe, I don't know...

Chris




More information about the Zope mailing list