Forum OpenACS Q&A: Re: Secure Vs. Insecure locations
If I login under http as Site Wide Administrator and then select the 'Site Wide Admin' link on the default Main Site page the redirect to https:// is screwy :
Seems to be adding the Url stub inappropriately. If I log in under https the redirect is fine (I remember reading that this is a token issuing anomaly). Can anyone confirm that restricting the login page to https is the only answer.
With 'register/*' restricted to httpS.
If a user has logged in under httpS but then visits a static page under http and selects 'Your Workspace' from the context menu and then selects 'Log Out', the redirect URL for the registration page comes up as :
Where is this extra www.server4.com coming from and can I prevent it?