Forum OpenACS Development: Re: Return URL checking on login breaks when switching from HTTPS to HTTP

I changed the check to this:

    if {[util_complete_url_p $return_url] && ![regexp "^[ad_url]" $return_url]} {

And that works if your register page is HTTPS and you redirect to HTTP. That should cover almost every case. I can't imagine you would have an HTTP login page, but redirect to HTTPS.

Is this reasonable? It checks if the redirect matches the system url as specified in the acs-kernel parameters.