Modify ↓
Opened 19 years ago
Closed 17 years ago
#118 closed defect (wontfix)
SecSession doesn't lock other plugins to https
Reported by: | John Hampton | Owned by: | John Hampton |
---|---|---|---|
Priority: | normal | Component: | SecSessionPlugin |
Severity: | normal | Keywords: | |
Cc: | Trac Release: | 0.8 |
Description
If an authenticated user is viewing a plugin page and cahnges the URL to http instead of https, secsession doesn't catch it.
Attachments (0)
Change History (1)
comment:1 Changed 17 years ago by
Resolution: | → wontfix |
---|---|
Status: | new → closed |
Trac Release: | → 0.8 |
Note: See
TracTickets for help on using
tickets.
plugin is dead and gone for now. Besides, this is non-trivial to fix for 0.9 as there is no plugin loading order, nor any pre-request hooks.