buggDTC - Bugs: bug #12807, Forcer l'accès HTTPS pour les...

Show feedback again

You are not allowed to post comments on this tracker with your current authentification level.

bug #12807: Forcer l'accès HTTPS pour les utilisateurs authentifiés

Submitted by:  Benoît Sibaud <ruffy>
Submitted on:  Fri 02 Jan 2009 12:43:09 PM UTC  
Category: Interface « my »Severity: 3 - Normal
Priority: 5 - NormalStatus: None
Privacy: PublicAssigned to: None
Open/Closed: Open

Fri 02 Jan 2009 12:43:09 PM UTC, original submission:

Il serait bien de forcer l'accès HTTPS pour les utilisateurs authentifiés.

L'authentification se fait déjà en HTTPS, mais le site rebascule en HTTP par la suite. Et donc le cookie de session est envoyé en clair, les documents réservés aux membres circulent en clair, etc.

D'où l'intérêt de forcer le HTTPS et d'avoir un cookie de session transmissible uniquement en HTTPS.

Benoît Sibaud <ruffy>


No files currently attached


Depends on the following items: None found

Items that depend on this one: None found


Carbon-Copy List
  • -unavailable- added by ruffy (Submitted the item)

    Do you think this task is very important?
    If so, you can click here to add your encouragement to it.
    This task has 0 encouragements so far.

    Only logged-in users can vote.


    Please enter the title of George Orwell's famous dystopian book (it's a date):



    No Changes Have Been Made to This Item
    Show feedback again

    Back to the top

    Powered by Savane 3.1-cleanup