#5 cookiedomain is not going away

open
None
1
2004-06-09
2004-04-23
No

Just an official notice that sections.cookiedomain is going away. It's
not being used on any of our sites. I think it was put in before we
worked out cookie domain name and machine name issues, right?

If I'm overlooking something and this is necessary, let me know
now :)

Discussion

  • Chris Nandor

    Chris Nandor - 2004-04-23
    • assigned_to: pudge --> jamiemccarthy
     
  • Chris Nandor

    Chris Nandor - 2004-04-23

    Logged In: YES
    user_id=3660

    We need it.

    [08:39:32] <pudge> as a var, cookiedomain exists so i can have,
    say, a site called called slashdot.org that will still set a cookie for
    .slashdot.org
    [08:39:36] <pudge> https://slashdot.org/admin.pl?
    op=vars&name=cookiedomain
    [08:40:09] <pudge> and conceivably, you could have a SECTION in
    the site whose hostname is "slashstupid.org", that should set a cookie for
    ".slashstupid.org"
    [08:40:41] <jamie> so that section would just override the var.
    [08:40:45] <pudge> yes
    [08:41:00] <pudge> we do use cookiedomain now, though not the
    sectional override
    [08:41:08] <pudge> but it is conceivable that someone would want
    to
    [08:41:30] <pudge> i wouldn't cry if we didn't have it, but i see no
    reason to remove it
    [08:41:35] <jamie> gimme a hypothetical. maybe if linux.com and
    newsforge.com combined and one of them became a skin?
    [08:41:36] <pudge> (the sectional override)
    [08:41:50] <jamie> it's not a question of removing it, it's a
    question of rewriting every damn thing and not bothering to port it :)
    [08:41:55] <pudge> yes, so that when you log into newsforge.com,
    you would also get a cookie set that would work for
    newsvac.newsforge.com
    [08:42:16] <pudge> and vice versa, logging into linux.com could
    give you a cookie for hardware.linux.com
    [08:43:58] <pudge> i thought at one point we autoguessed
    cookiedomain if possible, but it appears we don't.
    [08:44:01] <pudge> which is probably more secure.
    [08:46:19] <pudge> (the part about more secure ... if use.perl.org
    set a .perl.org cookie by default, that would be pretty insecure, as i don't
    control most of the machines in the .perl.org universe)
    [08:47:50] <jamie> i c
    [08:48:21] <jamie> blah. ok. keeping it.

     
  • Jamie McCarthy

    Jamie McCarthy - 2004-06-09
    • priority: 5 --> 1
     
  • Jamie McCarthy

    Jamie McCarthy - 2004-06-09

    Logged In: YES
    user_id=3889

    OK, we decided it's gotta stick around, so it's still in there.

     
  • Jamie McCarthy

    Jamie McCarthy - 2004-06-09
    • summary: cookiedomain is going away --> cookiedomain is not going away
     
  • Jamie McCarthy

    Jamie McCarthy - 2004-06-11

    Logged In: YES
    user_id=3889

    Got to test this on foo.slash.mccarthy.vg I guess.

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks