diff options
Diffstat (limited to 'doc/recentchanges/change_61218e338a7517b25fc82697c3a11fff1edb6803._change')
| -rw-r--r-- | doc/recentchanges/change_61218e338a7517b25fc82697c3a11fff1edb6803._change | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/doc/recentchanges/change_61218e338a7517b25fc82697c3a11fff1edb6803._change b/doc/recentchanges/change_61218e338a7517b25fc82697c3a11fff1edb6803._change new file mode 100644 index 000000000..b2e825460 --- /dev/null +++ b/doc/recentchanges/change_61218e338a7517b25fc82697c3a11fff1edb6803._change @@ -0,0 +1,66 @@ +[[!meta author="""http://smcv.pseudorandom.co.uk/"""]] + +[[!meta authorurl="""http://smcv.pseudorandom.co.uk/"""]] + +[[!meta title="""change to todo/use_secure_cookies_for_ssl_logins on ikiwiki"""]] + +[[!meta permalink="http://ikiwiki.info/recentchanges/#change-61218e338a7517b25fc82697c3a11fff1edb6803"]] + +<div id="change-61218e338a7517b25fc82697c3a11fff1edb6803" class="metadata"> +<span class="desc"><br />Changed pages:</span> +<span class="pagelinks"> + +<a href="http://git.ikiwiki.info/?p=ikiwiki;a=blobdiff;f=doc/todo/use_secure_cookies_for_ssl_logins.mdwn;h=a91a15b987874ac3b160b6689322d508a51272d8;hp=0000000000000000000000000000000000000000;hb=61218e338a7517b25fc82697c3a11fff1edb6803;hpb=9180381728e252cf474eb8a4b0460755b5c28340" title="diff" rel="nofollow">[[diff|wikiicons/diff.png]]</a><a href="http://ikiwiki.info/ikiwiki.cgi?page=todo%2Fuse_secure_cookies_for_ssl_logins&do=goto" rel="nofollow">todo/use secure cookies for ssl logins</a> + + +</span> +<span class="desc"><br />Changed by:</span> +<span class="committer"> + +<a href="http://smcv.pseudorandom.co.uk/" rel="nofollow">smcv</a> + +</span> +<span class="desc"><br />Commit type:</span> +<span class="committype">web</span> +<span class="desc"><br />Date:</span> +<span class="changedate"><span class="relativedate" title="Tue, 23 Nov 2010 23:59:03 +0000">23:59:03 11/23/10</span></span> +<span class="desc"><br /></span> +</div> + +<span class="revert"> +<a href="http://ikiwiki.info/ikiwiki.cgi?rev=61218e338a7517b25fc82697c3a11fff1edb6803&do=revert" title="revert" rel="nofollow">[[revert|wikiicons/revert.png]]</a> +</span> + +<div class="changelog"> + + +another branch<br /> + + +</div> + +<div class="diff"> +<pre> +diff --git a/doc/todo/use_secure_cookies_for_ssl_logins.mdwn b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn +new file mode 100644 +index 0000000..a91a15b +--- /dev/null ++++ b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn +@@ -0,0 +1,12 @@ ++[[!template id=gitbranch branch=smcv/ready/sslcookie-auto author="[[smcv]]"]] ++[[!tag patch]] ++ ++At the moment `sslcookie => 0` never creates secure cookies, so if you log in ++with SSL, your browser will send the session cookie even over plain HTTP. ++Meanwhile `sslcookie => 1` always creates secure cookies, so you can't ++usefully log in over plain http. ++ ++This branch adds `sslcookie => 0, sslcookie_auto => 1` as an option; this ++uses the `HTTPS` environment variable, so if you log in over SSL you'll ++get a secure session cookie, but if you log in over HTTP, you won't. ++(The syntax for the setup file is pretty rubbish - any other suggestions?) + +</pre> +</div> + +<!-- 61218e338a7517b25fc82697c3a11fff1edb6803 --> |