summaryrefslogtreecommitdiff
path: root/doc/recentchanges/change_61218e338a7517b25fc82697c3a11fff1edb6803._change
blob: b2e825460d04a89d806f9fca04e3e25766a8a48f (plain) 
    

  1. [[!meta author="""http://smcv.pseudorandom.co.uk/"""]]
    2. 

  2. 

  3. [[!meta authorurl="""http://smcv.pseudorandom.co.uk/"""]]
    4. 

  4. 

  5. [[!meta title="""change to todo/use_secure_cookies_for_ssl_logins on ikiwiki"""]]
    6. 

  6. 

  7. [[!meta permalink="http://ikiwiki.info/recentchanges/#change-61218e338a7517b25fc82697c3a11fff1edb6803"]]
    8. 

  8. 

  9. <div id="change-61218e338a7517b25fc82697c3a11fff1edb6803" class="metadata">
    10. 

  10. <span class="desc"><br />Changed pages:</span>
    11. 

  11. <span class="pagelinks">
    12. 

  12. 

  13. <a href="http://git.ikiwiki.info/?p=ikiwiki;a=blobdiff;f=doc/todo/use_secure_cookies_for_ssl_logins.mdwn;h=a91a15b987874ac3b160b6689322d508a51272d8;hp=0000000000000000000000000000000000000000;hb=61218e338a7517b25fc82697c3a11fff1edb6803;hpb=9180381728e252cf474eb8a4b0460755b5c28340" title="diff" rel="nofollow">[[diff|wikiicons/diff.png]]</a><a href="http://ikiwiki.info/ikiwiki.cgi?page=todo%2Fuse_secure_cookies_for_ssl_logins&amp;do=goto" rel="nofollow">todo/use secure cookies for ssl logins</a>
    14. 

  14. 

  15. 

  16. </span>
    17. 

  17. <span class="desc"><br />Changed by:</span>
    18. 

  18. <span class="committer">
    19. 

  19. 

  20. <a href="http://smcv.pseudorandom.co.uk/" rel="nofollow">smcv</a>
    21. 

  21. 

  22. </span>
    23. 

  23. <span class="desc"><br />Commit type:</span>
    24. 

  24. <span class="committype">web</span>
    25. 

  25. <span class="desc"><br />Date:</span>
    26. 

  26. <span class="changedate"><span class="relativedate" title="Tue, 23 Nov 2010 23:59:03 +0000">23:59:03 11/23/10</span></span>
    27. 

  27. <span class="desc"><br /></span>
    28. 

  28. </div>
    29. 

  29. 

  30. <span class="revert">
    31. 

  31. <a href="http://ikiwiki.info/ikiwiki.cgi?rev=61218e338a7517b25fc82697c3a11fff1edb6803&amp;do=revert" title="revert" rel="nofollow">[[revert|wikiicons/revert.png]]</a>
    32. 

  32. </span>
    33. 

  33. 

  34. <div class="changelog">
    35. 

  35. 

  36. 

  37. another branch<br />
    38. 

  38. 

  39. 

  40. </div>
    41. 

  41. 

  42. <div class="diff">
    43. 

  43. <pre>
    44. 

  44. diff --git a/doc/todo/use_secure_cookies_for_ssl_logins.mdwn b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn
    45. 

  45. new file mode 100644
    46. 

  46. index 0000000..a91a15b
    47. 

  47. --- /dev/null
    48. 

  48. +++ b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn
    49. 

  49. @@ -0,0 +1,12 @@
    50. 

  50. +&#91;&#91;!template id=gitbranch branch=smcv/ready/sslcookie-auto author=&quot;&#91;&#91;smcv&#93;&#93;&quot;&#93;&#93;
    51. 

  51. +&#91;&#91;!tag patch&#93;&#93;
    52. 

  52. +
    53. 

  53. +At the moment `sslcookie =&gt; 0` never creates secure cookies, so if you log in
    54. 

  54. +with SSL, your browser will send the session cookie even over plain HTTP.
    55. 

  55. +Meanwhile `sslcookie =&gt; 1` always creates secure cookies, so you can&#39;t
    56. 

  56. +usefully log in over plain http.
    57. 

  57. +
    58. 

  58. +This branch adds `sslcookie =&gt; 0, sslcookie_auto =&gt; 1` as an option; this
    59. 

  59. +uses the `HTTPS` environment variable, so if you log in over SSL you&#39;ll
    60. 

  60. +get a secure session cookie, but if you log in over HTTP, you won&#39;t.
    61. 

  61. +(The syntax for the setup file is pretty rubbish - any other suggestions?)
    62. 

  62. 

  63. </pre>
    64. 

  64. </div>
    65. 

  65. 

  66. <!-- 61218e338a7517b25fc82697c3a11fff1edb6803 -->
    67.
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 21:46:01 +0000