On Wed, Feb 17, 2010 at 5:54 PM, Guilherme Salgado <email address hidden> wrote:
> I thought we relied on this to access the webservice API using
> javascript.
I don't think so, but it certainly is something to test. As I understand it, the cookie will still be sent with all HTTP requests, including those initiated from JavaScript to launchpad.net. The JavaScript can't access the cookie itself though so cannot steal or do anything malicious with it.
On Wed, Feb 17, 2010 at 5:54 PM, Guilherme Salgado <email address hidden> wrote:
> I thought we relied on this to access the webservice API using
> javascript.
I don't think so, but it certainly is something to test. As I understand it, the cookie will still be sent with all HTTP requests, including those initiated from JavaScript to launchpad.net. The JavaScript can't access the cookie itself though so cannot steal or do anything malicious with it.
-- www.stuartbisho p.net/
Stuart Bishop <email address hidden>
http://