[wp-trac] Re: [WordPress Trac] #10267: Login form SSL is confusing
WordPress Trac
wp-trac at lists.automattic.com
Fri Jun 26 01:25:06 GMT 2009
#10267: Login form SSL is confusing
-------------------------------+--------------------------------------------
Reporter: Denis-de-Bernardy | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8.1
Component: Security | Version:
Severity: normal | Keywords: has-patch dev-feedback
-------------------------------+--------------------------------------------
Comment(by ryan):
The current behavior is on purpose and patterned after gmail where you
have the option of using SSL or not by using either https or http. If we
redirect logins to https the user will end up dumped in an SSL admin
session after login even though they requested http. I think if someone
is concerned with this they should just force ssl admin.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10267#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list