[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-hackers-public] "Stay in secure (https) mode after login"

From: Leo Famulari
Subject: [Savannah-hackers-public] "Stay in secure (https) mode after login"
Date: Tue, 14 Mar 2017 15:59:18 -0400
User-agent: Mutt/1.8.0 (2017-02-23)

The Savannah login page includes a checkbox that reads "Stay in secure
(https) mode after login".

Just to see what would happen, I logged in with this box unchecked. I
ended up at <>. I couldn't convince Savannah
and my browsers to log me in to <>.

So I'm wondering, what does that checkbox do? Is there still a
possibility that some communication will pass over unauthenticated

While logged in, I manually entered the HTTP URL and was still able to
access the administration interface for a group that I administer over
the unauthenticated connection.

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]