Message231702
After getting a sucessfull response, _open_generic_http will overwrite the the start of the url to be http: regardless of if it was called from open_http() or open_https(). This causes it to appear as if you were redirected to a non-secure site if you check the url properly after an open request. This is especially problematic after being redirected; it appears you were redirected to an insecure version of the site.
Attached is a patch to resolve this. It uses the type, which should be correctly set to http or https based on the calling context. |
|
Date |
User |
Action |
Args |
2014-11-26 10:37:27 | John.McKay | set | recipients:
+ John.McKay |
2014-11-26 10:37:27 | John.McKay | set | messageid: <1416998247.62.0.575795755864.issue22946@psf.upfronthosting.co.za> |
2014-11-26 10:37:27 | John.McKay | link | issue22946 messages |
2014-11-26 10:37:27 | John.McKay | create | |
|