Summary | Sidebar doesn't respect use_ssl setting |
Queue | Horde Framework Packages |
Queue Version | Git master |
Type | Bug |
State | Resolved |
Priority | 2. Medium |
Owners | slusarz (at) horde (dot) org |
Requester | jan (at) horde (dot) org |
Created | 08/26/2009 (5795 days ago) |
Due | |
Updated | 09/01/2009 (5789 days ago) |
Assigned | 08/31/2009 (5790 days ago) |
Resolved | 08/31/2009 (5790 days ago) |
Github Issue Link | |
Github Pull Request | |
Milestone | |
Patch | No |
thus the frameset is loaded over HTTPS (by means of the login form),
while the frames are plain HTTP. This should of course not happen,
because it makes the user think he is accessing Horde over HTTPS.
But it's probably not worth fixing this, when the frameset is going
away anyway.
Summary ⇒ Sidebar doesn't respect use_ssl setting
State ⇒ Resolved
source was not a full URL. But everything in the main window was
correctly loading non-securely.
http://cvs.horde.org/diff.php/horde/templates/index/frames_index.inc?rt=horde&r1=2.46&r2=2.47&ty=u
State ⇒ Feedback
1. URL to non-secure page
2. Redirected to non-secure login page, with POST action of secure-login page
3. Process login in horde/login.php. If verified, loads index.php.
index.php either redirects to the original URL if given (see
#1) oruses initial application settings. All of these initial application
URLs are generated via url() or applicationUrl() without the force_ssl
override.
Priority ⇒ 2. Medium
Type ⇒ Bug
Summary ⇒ Login over SSL doesn't work
Queue ⇒ Horde Framework Packages
Assigned to Michael Slusarz
Milestone ⇒
Patch ⇒ No
State ⇒ Assigned