one report suffices; not yet clear there's a bug

diff --git a/doc/bugs/HTTPS_edit_required_no_authentication.mdwn b/doc/bugs/HTTPS_edit_required_no_authentication.mdwn
deleted file mode 100644 (file)
index e7793dc..0000000
--- a/doc/bugs/HTTPS_edit_required_no_authentication.mdwn
+++ /dev/null
@@ -1,9 +0,0 @@
-Hello,
-
-I've setup authentication on my ikiwiki website using httpauth plugin. I've also disabled anonok, openid and passwordauth so that httpauth is the unique authentication method.
-I've configured the `cgiauthurl` to https://example.com/auth/ikiwiki.cgi in order to make the authentication more secured (password is never sent in clear). My `url` points to http://example.com/ and my `cgiurl` points to http://example.com/ikiwiki.cgi .
-
-When I try to edit a page accessed by http, everything works fine: there is a redirection to https://example.com/auth/ikiwiki.cgi (defined in `cgiauthurl`) and my browser launches an HTTP Basic Authentication login form.
-But when I try to edit a page accessed by https there is no redirection to the `cgiauthurl` url. Instead, I can edit (and save) the page without authentication. I've tried this with a fresh new browser session where I have never been asked for authentication before. It seems that editing pages directly from https://example.com/ikiwiki.cgi?page=page&do=edit works without authentication...
-
-I think that the Ikiwiki CGI do not redirect to `cgiauthurl` when it is accessed by HTTPS.

diff --git a/doc/forum/HTTPS_edit_required_no_authentication.mdwn b/doc/forum/HTTPS_edit_required_no_authentication.mdwn
index 033033f499f706f4cb112a627f9a7c02c2a57d52..4afc134b3f6068c45f0a511188c51f8ea906a126 100644 (file)
--- a/doc/forum/HTTPS_edit_required_no_authentication.mdwn
+++ b/doc/forum/HTTPS_edit_required_no_authentication.mdwn
@@ -1,7 +1,5 @@
 Hello,
 
 Hello,
 

-I've already [[sent a bug|/bugs/HTTPS_edit_required_no_authentication/]] but I think that discussion can also help...
-

 I've setup authentication on my ikiwiki website using httpauth plugin. I've also disabled anonok, openid and passwordauth so that httpauth is the unique authentication method. I've configured the `cgiauthurl` to https://example.com/auth/ikiwiki.cgi in order to make the authentication more secured (password is never sent in clear). My `url` points to http://example.com/ and my `cgiurl` points to http://example.com/ikiwiki.cgi .
 
 When I try to edit a page accessed by http, everything works fine: there is a redirection to https://example.com/auth/ikiwiki.cgi (defined in `cgiauthurl`) and my browser launches an HTTP Basic Authentication login form. But when I try to edit a page accessed by https there is no redirection to the `cgiauthurl` url. Instead, I can edit (and save) the page without authentication. I've tried this with a fresh new browser session where I have never been asked for authentication before. It seems that editing pages directly from https://example.com/ikiwiki.cgi?page=page&do=edit works without authentication...
 I've setup authentication on my ikiwiki website using httpauth plugin. I've also disabled anonok, openid and passwordauth so that httpauth is the unique authentication method. I've configured the `cgiauthurl` to https://example.com/auth/ikiwiki.cgi in order to make the authentication more secured (password is never sent in clear). My `url` points to http://example.com/ and my `cgiurl` points to http://example.com/ikiwiki.cgi .
 
 When I try to edit a page accessed by http, everything works fine: there is a redirection to https://example.com/auth/ikiwiki.cgi (defined in `cgiauthurl`) and my browser launches an HTTP Basic Authentication login form. But when I try to edit a page accessed by https there is no redirection to the `cgiauthurl` url. Instead, I can edit (and save) the page without authentication. I've tried this with a fresh new browser session where I have never been asked for authentication before. It seems that editing pages directly from https://example.com/ikiwiki.cgi?page=page&do=edit works without authentication...