Zope-session

==================

- Add an ability to set cookie effective domain for CookieClientIdManager.
This is useful for simple cases when you have your application set up on
one domain and you want your identification cookie be active for subdomains.

- Python 2.6 compatibility change. Encode strings before calling hmac.new()
as the function no longer accepts the unicode() type.

==================

- Add missing test dependency on ``zope.site`` and
``zope.app.publication``.

==================

- Specify i18n_domain for titles in apidoc.zcml

- ZODB 3.9 no longer contains
ZODB.utils.ConflictResolvingMappingStorage, fixed tests, so they
work both with ZODB 3.8 and 3.9.

==================

New features:

- Added a 'postOnly' option on CookieClientIdManagers to only allow setting
the client id cookie on POST requests. This is to further reduce risk from
broken caches handing the same client id out to multiple users. (Of
course, it doesn't help if caches are broken enough to cache POSTs.)

==================

New features:

- Added a 'secure' option on CookieClientIdManagers to cause the secure
set-cookie option to be used, which tells the browser not to send the
cookie over http.

This provides enhanced security for ssl-only applications.

- Only set the client-id cookie if it isn't already set and try to
prevent the header from being cached. This is to minimize risk from
broken caches handing the same client id out to multiple users.

==================

- Remove ConflictErrors caused on SessionData caused by setting
``lastAccessTime``.