| Summary | Sidebar doesn't respect use_ssl setting |
| Queue | Horde Framework Packages |
| Queue Version | Git master |
| Type | Bug |
| State | Resolved |
| Priority | 2. Medium |
| Owners | slusarz (at) horde (dot) org |
| Requester | jan (at) horde (dot) org |
| Created | 2009-08-26 (3495 days ago) |
| Due | |
| Updated | 2009-09-01 (3489 days ago) |
| Assigned | 2009-08-31 (3490 days ago) |
| Resolved | 2009-08-31 (3490 days ago) |
| Milestone | |
| Patch | No |
thus the frameset is loaded over HTTPS (by means of the login form),
while the frames are plain HTTP. This should of course not happen,
because it makes the user think he is accessing Horde over HTTPS.
But it's probably not worth fixing this, when the frameset is going
away anyway.
Summary ⇒ Sidebar doesn't respect use_ssl setting
State ⇒ Resolved
source was not a full URL. But everything in the main window was
correctly loading non-securely.
http://cvs.horde.org/diff.php/horde/templates/index/frames_index.inc?rt=horde&r1=2.46&r2=2.47&ty=u
State ⇒ Feedback
1. URL to non-secure page
2. Redirected to non-secure login page, with POST action of secure-login page
3. Process login in horde/login.php. If verified, loads index.php.
index.php either redirects to the original URL if given (see
#1) oruses initial application settings. All of these initial application
URLs are generated via url() or applicationUrl() without the force_ssl
override.
Type ⇒ Bug
State ⇒ Assigned
Priority ⇒ 2. Medium
Summary ⇒ Login over SSL doesn't work
Queue ⇒ Horde Framework Packages
Assigned to Michael Slusarz
Milestone ⇒
Patch ⇒ No