|Anonymous | Login||2015-03-28 01:28 CET|
|My View | View Issues | Change Log | Roadmap | Repositories | Vote Tallies|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|07405||Feature requests||[All Projects] Authentication||public||2010-04-26 15:16||2010-04-26 15:16|
|Target Version||Fixed in Version|
|Summary||07405: SSLencrypted Adminlogin without enforcing SSLencrypted access to the surveys|
The setting of $rooturl = "http://$_SERVER['HTTP_HOST'] [^] only allows you to set https or http . No casewise SSLencryption.
Often installations are using selfsigned certs which will produce cryptic messages beside adding load when just delivering surveys to respondents.
A workaround is leaving the $rooturl empty. But that is causing problems with e.g. links in emails incorrect.
To use rewrite url routine of the webserver is another.
|Additional Information||A possible solution: Offer a separate admin url in the config.php|
With the separate admin url setting the SSL can be enforced when loggin in without causing any problems on the frontend side.
|Tags||No tags attached.|
|Only registered users can voice their support. Click here to register, or here to log in.|
|Opponents:||user1, tringate, jjmartinez|
|Copyright © 2000 - 2015 MantisBT Team|