[SAC] Unsafe Trac login; Was: #831: Create alias for nabble admin
Martin Spott
Martin.Spott at mgras.net
Wed Nov 16 04:12:38 EST 2011
Hi folks,
while I was checking this ticket, I noticed, that clicking the "Login"
hyperlink in this:
> Ticket URL: <http://trac.osgeo.org/osgeo/ticket/831>
.... page led be to a login session - where you're being requested to
enter your OSGeo password - over unencrypted !! HTTP. I'd say this is a
bug :-)
If nobody objects, I'll add a general rule to always redirect the
"trac.osgeo.org/osgeo/login" URL to using HTTP*S*.
Cheers,
Martin.
--
Unix _IS_ user friendly - it's just selective about who its friends are !
--------------------------------------------------------------------------
More information about the Sac
mailing list