Defect #20556

Redirect to HTTPS

Added by Dennis Olsson almost 3 years ago. Updated about 1 year ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:Jean-Philippe Lang% Done:

0%

Category:Website (redmine.org)
Target version:-
Resolution: Affected version:

Description

http://www.redmine.org/account/register and other sensitive pages should (IMHO) redirect to HTTPS when passwords are involved. Even better would be to redirect all traffic, since session cookies are involved and impersonation is trivial if you are in the right/wrong position/place.

Adding as a defect since HTTPS is configured on the server.


Related issues

Related to Redmine - Feature #25764: Redmine site shoud send emails with HTTPS links Closed

History

#2 Updated by Fernando Hartmann about 1 year ago

+1

#3 Updated by Toshi MARUYAMA about 1 year ago

  • Related to Feature #25764: Redmine site shoud send emails with HTTPS links added

Also available in: Atom PDF