Hi, sounds plausible, thanks for the reply :)<br><br>mark<br><br><div><span class="gmail_quote">On 2/1/07, <b class="gmail_sendername">Martijn Pieters</b> <<a href="mailto:mj@zopatista.com">mj@zopatista.com</a>> wrote:
</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On 1/31/07, mark hellewell <<a href="mailto:mark.hellewell@gmail.com">mark.hellewell@gmail.com
</a>> wrote:<br>> and was wondering why the auth cookie is deleted from the request every<br>> time?<br><br>The cookie information is removed from the request, the cookie itself<br>still remains in the browser cookie store for the next request. I
<br>assume that removing it keeps other Zope code (which may be untrusted)<br>from snooping on that information. In other words, it's a security<br>measure.<br><br>--<br>Martijn Pieters<br></blockquote></div><br>