- From: <bugzilla@jessica.w3.org>
- Date: Fri, 04 Mar 2011 02:37:05 +0000
- To: public-html-bugzilla@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=11912 --- Comment #15 from Jeremy <jeremy@blazonco.com> 2011-03-04 02:37:04 UTC --- (In reply to comment #14) > > > 2. You're still storing your database credentials using this mechanism. > > No, you're not. Ah, I completely misunderstood what you were suggesting. And it's a pretty great idea. It had never occurred to me that you can use cookies in pretty much the same way as auth credentials as long as you use them *directly*. I am so used to session stores that I completely forgot that cookies can store more than just a session ID - and you can completely control them with a wide variety of approaches. Thanks for the idea! And my thanks to Zewt as well. I still think from a theoretical standpoint that improving HTTP Auth would be a better choice. But from a practical standpoint, you're right - it seems like cookies could be used in much the same way - you just have to be more careful with them (i.e. encryption). -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug.
Received on Friday, 4 March 2011 02:37:07 UTC