changeset 5238:5c20ed1c0e24

do not use httponly session cookies, makes trouble with twikidraw and ACLs
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sun, 11 Oct 2009 13:37:19 +0200
parents ce70252a3e90
children 90fae67c4cda
files MoinMoin/session.py
diffstat 1 files changed, 1 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/session.py	Wed Oct 07 18:47:05 2009 +0200
+++ b/MoinMoin/session.py	Sun Oct 11 13:37:19 2009 +0200
@@ -342,7 +342,7 @@
 
     def set(self, request, session_name, expires):
         """ Set moin_session cookie """
-        self._set_cookie(request, session_name, expires, http_only=True)
+        self._set_cookie(request, session_name, expires, http_only=False) # TODO: cfg.cookie_httponly as in 1.9
         logging.debug("setting cookie with session_name %r, expiry %r" % (session_name, expires))
 
     def get(self, request):