On 7-7-2012 5:05, Timothy Makobu wrote: > For secure logins, this helps > https://docs.djangoproject.com/en/dev/topics/http/sessions/?from=olddocs/#session-cookie-secure >
No it doesn't. That is for secure /sessions/, which means that if you use this during the login process then the session is created on the HTTPS connection and only /valid/ on the HTTPS connection. In other words, if you set this flag the scenario of having an unencrypted site with an encrypted login procedure is impossible. -- Melvyn Sopacua -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
