LQ Suggestions & FeedbackDo you have a suggestion for this site or an idea that will make the site better? This forum is for you.
PLEASE READ THIS FORUM - Information and status updates will also be posted here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
just noticed something weird... let's say i login to LQ using HTTPS... then i go into my email and click on a link in a LQ "Reply to post" message (or go directly to LQ via HTTP) -- i'll need to login *again* (this time via HTTP)... is this a problem on my end, or can anyone else confirm this behavior??
thanks for the reply!!! yeah, that makes sense... i wonder why i never noticed before... i guess i've always been logged-in using both methods... =/
EDIT: actually, i just did a test and realized the inverse is not true... in other words, if you log-in via HTTP and then switch to HTTPS you'll be fine... you only need to re-login when going from HTTPS to HTTP...
on a side note... what are your thoughts on a checkbox in the user's configuration section which when checked would make it so that the "Reply to post" email messages (or better yet, any LQ message) would use HTTPS links instead of HTTP ones??
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
I believe a "secure" cookie can be read by both, but not the inverse (which makes sense). We've never fully supported or advertised the SSL address, which is something we should do. I'll look into proper support for a future release. Thanks!
I know I saw on one of the security lists a recommendation that, for security reasons, the entire internet should be defaulted to ssl. The drawback is the reduction in speed.
[ takes a few extra seconds to load an ssl page over a non secured page ]
It would remove phishing / fake site issues almost entirely is the reasoning.