ACP loses HTTPS when session times out
Submitted PeterUK, Jul 18 2012 02:32 PM | Last updated Oct 18 2012 06:25 AM
If you have HTTPS enabled for logins then when you click the AdminCP link from the forum you're forwarded to your admin login page on HTTPS, before being forwarded to the actual ACP using normal HTTP, which is fine.
If, however, your ACP session times out and you click a link and you are prompted to log back in, this page is not HTTPS. I'm not sure it's a huge issue since the page the login is submitted to is HTTPS, however all of the other pages which contain login forms (regular login form, registration form, ACP login form) are served via HTTPS with this setting normally.
If, however, your ACP session times out and you click a link and you are prompted to log back in, this page is not HTTPS. I'm not sure it's a huge issue since the page the login is submitted to is HTTPS, however all of the other pages which contain login forms (regular login form, registration form, ACP login form) are served via HTTPS with this setting normally.
| Status: | Fixed |
| Version: | 3.3.3 |
| Fixed In: | 3.4.0 |
3 Comments
As you say the form itself is already using the https url and right now the page is being loaded "as-is" so we need to add a redirect to an https url if the current one is not using HTTPS. I'll leave this change for 3.4+ for now.
-
Updating Status to: Fixed
-