Hi Sylvain! Sylvain wrote: > To me this is a bug.
Which part of it? There were several things mentioned. > I also noted in a recent work environment that https was way more > restricted (proxy *whitelist* only) than plain http, so in some > cases, people may want to stay in plain http. Entirely avoiding https is definitely a problematic case. It can't have be a problem for Savannah since https is currently required to log into the site. Since there haven't been changes for a long time (years?) I assume this has been this way for years. Is there anyone that is blocked from using Savannah currently due to this? I don't think that being able to entirely avoid https is a case that should be supported. It is too insecure on the hostile net these days. > There may be a conflict between the choice of the checkbox and a) > HTTPSEverywhere plugin and/or b) a previous Savane cookie requesting > to switch to https. I am not sure what you are trying to say here. The HTTPSEverywhere plugin isn't needed for accessing Savannah since Savannah already switches users to https without the plugin. Bob
