Redirect to HTTPS
|Assignee:||Jean-Philippe Lang||% Done:|
http://www.redmine.org/account/register and other sensitive pages should (IMHO) redirect to HTTPS when passwords are involved. Even better would be to redirect all traffic, since session cookies are involved and impersonation is trivial if you are in the right/wrong position/place.
Adding as a defect since HTTPS is configured on the server.