https://bugzilla.wikimedia.org/show_bug.cgi?id=29898
--- Comment #2 from Brion Vibber <[email protected]> 2011-07-15 19:06:37 UTC --- Running all login forms through HTTPS, then after that either keeping you in secure HTTPS-land or giving you an insecure cookie and shoving you back to HTTP, is common practice. Forcing all logged-in sessions EVER onto HTTPS is my real preference, but I don't know if we're ready for that yet. :) -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
