From 5f4f0b5bdd2d9f9bfaa55acf1fa02b1889281a60 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 29 Nov 2010 16:32:23 -0400 Subject: [PATCH] merged sslcookie-auto --- debian/changelog | 3 +++ doc/todo/use_secure_cookies_for_ssl_logins.mdwn | 2 ++ 2 files changed, 5 insertions(+) diff --git a/debian/changelog b/debian/changelog index ec995a08a..82f9ece19 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,6 +7,9 @@ ikiwiki (3.20101130) UNRELEASED; urgency=low * API: urlto without a defined second parameter now generates an url that starts with "/" (when possible; eg when the site's url and cgiurl are on the same domain). + * Now when users log in via https, ikiwiki sends a secure cookie, that can + only be used over https. If the user switches to using http, they will + need to re-login. (smcv) -- Joey Hess Mon, 29 Nov 2010 14:44:13 -0400 diff --git a/doc/todo/use_secure_cookies_for_ssl_logins.mdwn b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn index f72b2d2d5..194db2f36 100644 --- a/doc/todo/use_secure_cookies_for_ssl_logins.mdwn +++ b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn @@ -32,3 +32,5 @@ get a secure session cookie, but if you log in over HTTP, you won't. > first, so that dual https/http sites can better be set up. --[[Joey]] >> Thanks for merging that! :-) --s + +[[merged|done]] --[[Joey]] -- 2.39.5