diff options
-rw-r--r-- | debian/changelog | 3 | ||||
-rw-r--r-- | doc/todo/use_secure_cookies_for_ssl_logins.mdwn | 2 |
2 files changed, 5 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index ec995a08a..82f9ece19 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,6 +7,9 @@ ikiwiki (3.20101130) UNRELEASED; urgency=low * API: urlto without a defined second parameter now generates an url that starts with "/" (when possible; eg when the site's url and cgiurl are on the same domain). + * Now when users log in via https, ikiwiki sends a secure cookie, that can + only be used over https. If the user switches to using http, they will + need to re-login. (smcv) -- Joey Hess <joeyh@debian.org> Mon, 29 Nov 2010 14:44:13 -0400 diff --git a/doc/todo/use_secure_cookies_for_ssl_logins.mdwn b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn index f72b2d2d5..194db2f36 100644 --- a/doc/todo/use_secure_cookies_for_ssl_logins.mdwn +++ b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn @@ -32,3 +32,5 @@ get a secure session cookie, but if you log in over HTTP, you won't. > first, so that dual https/http sites can better be set up. --[[Joey]] >> Thanks for merging that! :-) --s + +[[merged|done]] --[[Joey]] |