httpauth.py: Fix stupid formatting error.

[chopwood] / cookies.fhtml

diff --git a/cookies.fhtml b/cookies.fhtml
index f8862b33d9e68adef882d5b0d77160516d5cd800..222fdfcf4bcd159aa154d842479f669fcca02c52 100644 (file)
--- a/cookies.fhtml
+++ b/cookies.fhtml
@@ -59,24 +59,17 @@ message whenever you hit the reload button.
 <p>If you actually look at the cookie, you find that it looks something like
 this:
 <blockquote>
-  <tt>1357322139.HFsD16dOh1jjdhXdO%24gkjQ.eBcBNYFhi6sKpGuahfr7yQDzqOJuYZZexJbVug9ultU.mdw</tt>
+  <tt>1357322139.eBcBNYFhi6sKpGuahfr7yQDzqOJuYZZexJbVug9ultU.mdw</tt>
 </blockquote>
-(Did I say something about long and ugly?)  It consists of four pieces
+(Did I say something about long and ugly?)  It consists of three pieces
 separated by dots &lsquo;<tt>.</tt>&rsquo;.
 
 <dl>
 <dt>Datestamp
 <dd>The time at which the cookie was issued, as a simple count of (non-leap)
-seconds since 1974&ndash;01&ndash;01 00:00:00 UTC (or what would have been
+seconds since 1970&ndash;01&ndash;01 00:00:00 UTC (or what would have been
 that if UTC had existed back then in its current form).
 
-<dt>Nonce
-<dd>This is just a random string.  When you change a password, the server
-checks that the request includes a copy of this nonce, as a protection
-against
-<a href="http://en.wikipedia.org/wiki/Cross-site_request_forgery"><em>cross-site
-request forgery</em></a> attacks.
-
 <dt>Tag
 <dd>This is a cryptographic check that the other parts of the token
 haven&rsquo;t been modfied by an attacker.
@@ -91,7 +84,7 @@ behavioural advertising scheme?</h2>
 <p>That&rsquo;s tricky.  I could tell you that this program is
 <a href="http://www.gnu.org/philosophy/free-sw.html">free software</a>, and
 that you can
-<a href="~={script}H/~={package}H-~={version}H.tar.gz">">download its
+<a href="~={script}H/~={package}H-~={version}H.tar.gz">download its
 source code</a> and check for yourself.
 
 <p>That&rsquo;s true, except that it shouldn&rsquo;t do much to convince