I'll do ASAP. If the cookie only is used to store session data, I imagine any webapp using this will hit the 4000 chars limit of cookies, right ? Did someone tested how much data (let's say, how many keys of a dict composed by keys 10 characters long with values 10 characters long) can fit in there with AES and hmac signing ?
On Tuesday, October 16, 2012 1:24:00 PM UTC+2, Massimo Di Pierro wrote: > > This is new in trunk and needs to be tested. Add this to your app: > > session.connect(cookie_key='mypassphrase') > > and sessions will be stored in cookies (like Flask does). Cookies are > encrypted with AES 32bites and signed with HMAC+SHA1. > > > --
