We also have cookies problems related to Mozilla 1.x with ACS 4.5 and https login.
After many days crazy, today i have received a great help of C.R. Oldham, who solved another problem related to https and cookies at this thread:
https://openacs.org/forums/message-view?message_id=33419
--------
Well, what I discovered was that Mozilla was violating the cookie spec.
It was storing port numbers with the cookie, so that meant if you logged
in with https you were not logged in via http (and could never get
logged in via http) on nonstandard ports. I reported this as a bug to
the Mozilla developers and after much discussion they finally fixed it
in a late 1.1 build I think. But I have not checked this lately, it's
possible they backed out the changes due to user feedback or something.
-------
In our case IE6 run well. It's Mozilla 1.0 and 1.1 who doesn't.
We will try this with the new Mozilla 1.2 an 1.3b, but maybe it's time to revise a little the cookie's thing.
In our case we only want to use non standard ports (8000 and 8443) for a internal little development website.
When we try to use 8443 for the login via https, with the patch from C.R. Oldham for oacs 4.5 and another code from Ybos (acs 4.2) for non-standard ports, we are able to make it work with IE and Opera, but not with Mozilla, due to the non-standard cookies.
/Jorge
