Login w/SSL
Quinn Wilson
qwilson at midworld.org
Fri Nov 23 14:28:26 PST 2001
I made a change to Login.php so that it redirects to SSL for authentication
but the rest of the session is over non-SSL. It works the way I want it to,
kinda ( I would like to see the little "lock" in Netscape and IE ) I just
wonder about the overall security of this little change I made.
All I think I need running under SSL is the login, am I being stupid?
the change I made was :
Header('Location: ' .
Horde::url($registry->link('auth/login', array('url' => Horde::url
($url, true))), true)
to
Header('Location: ' .
str_replace( "http:", "https:", Horde::url($registry->link
('auth/login',
array('url' => Horde::url($url, true))), true))
~
~
:qwilson at midworld.org - Lunky C++; Lunky do {;}
More information about the horde
mailing list