Changes between Initial Version and Version 1 of Ticket #25767, comment 1
- Timestamp:
- 10/30/2013 08:04:01 AM (10 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #25767, comment 1
initial v1 1 1 maybe it is good that this fails as this is a bad idea to have that kind of a configuration. you are sending the cookies encrypted when you are in the admin section but unencrypted when you are on the frontend. If part of the site is SSLed then once a user login all of the site should be SSLed for him. 2 3 If you send the authentication cookies as secure only cookies then you derive your users from any personalization of the front end (no adminbar for admins for example) 2 4 3 5 Maybe the true bug here is that you can have a protocol mismatch between home and siteurl.