Closed Bug 481910 Opened 15 years ago Closed 15 years ago

Login forms point to http:// instead of https:// when ssl='authenticated sessions'

Categories

(Bugzilla :: User Accounts, defect)

Product:
Bugzilla
Component:
User Accounts
Version:
3.3.3
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Bugzilla 3.4

People

(Reporter: LpSolit, Assigned: LpSolit)

References

Details

(Keywords: regression)

Attachments

(1 file)

patch, v1
937 bytes, patch
mkanat
: review+
Details | Diff | Splinter Review 
Bugzilla 3.2.2 is fine, but this is broken in 3.3.3: the login forms (both new mini forms + the usual one) all three point to http:// instead of https:// when ssl='authenticated sessions'. Not only this breaks the SSL-only session during authentication, but this also prevents Firefox to autocomplete credentials as it detects that you will be redirected to http:// (despite the login page itself is served using https://).

This is a regression due to bug 476090, which removed the check of the 'ssl' parameter.
Flags: blocking3.4+
Attached patch patch, v1Splinter Review 
Restore the correct behavior.
Assignee: user-accounts → LpSolit
Status: NEW → ASSIGNED
Attachment #365953 - Flags: review?(mkanat)
Attachment #365953 - Flags: review?(mkanat) → review+
Flags: approval+
Checking in template/en/default/account/auth/login-small.html.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/account/auth/login-small.html.tmpl,v  <--  login-small.html.tmpl
new revision: 1.17; previous revision: 1.16
done
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: