On Tuesday, March 22, 2016 at 6:50:30 PM UTC-4, Massimo Di Pierro wrote: > > Let's be clear. By default no data is stored in the session cookie. the > session cookie is only a uuid. The data is only stored server side in a > file. Unless you explicitly change this to store sessions data in a cookie. > Is that what you are doing? >
Good point. I assumed he was asking specifically about cookie-based sessions given the mention of cookie_key. The default, of course, is file-based sessions -- so no risk of information leaking via the cookie itself. Anthony -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
