On 24 May 2002, Jonathan Corbet said:
> The real solution, I think, is to allow None as a value for COOKIE_DOMAIN,
> and to tweak http_response:_get_cookie_headers() to drop attributes with
> null values.  An easy thing to hack up and send in, if people think that's
> the right approach...?

Tee-hee-hee.  I had to borrow Guido's time machine for this:

  $ cvs log http_response.py
  [...]
  ----------------------------
  revision 1.30
  date: 2002/05/15 19:40:21;  author: gward;  state: Exp;  lines: +4 -2
  If a cookie is set with (eg.) domain=None or path=None, don't emit
  that parameter at all -- that way we can just leave COOKIE_DOMAIN
  and COOKIE_PATH set to None most of the time, and the browser will
  Do The Right Thing.

  Fix uncaught typo that would have caused a crash if ever anyone had
  tried to set a cookie with secure=1.

  $ cvs log config.py
  ----------------------------
  revision 1.39
  date: 2002/05/15 19:56:42;  author: gward;  state: Exp;  lines: +9 -6
  Rearranged/redocumented COOKIE_* config variables.  COOKIE_{DOMAIN,PATH}
  both default to None now, because there's really no need to set them.

Time to see about that external CVS repository... ;-)

        Greg