+I've tested this on a demo website with the CGI enabled, and it seems to
+work nicely (there might be bugs in some plugins, I didn't try all of them).
+The `$config{url}` and `$config{cgiurl}` are both HTTP, but if I enable
+`httpauth`, set `cgiauthurl` to a HTTPS version of the same site and log
+in via that, links all end up in the HTTPS version.
+