Bug 63687

Summary: HTTPS -> HTTP redirects
Product: [Community] Bugzilla Reporter: Andrew Bartlett <abartlet>
Component: Bugzilla GeneralAssignee: David Lawrence <dkl>
Status: CLOSED CURRENTRELEASE QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 2.8Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-06-18 18:51:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Andrew Bartlett 2002-04-17 14:26:55 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9) Gecko/20020311

Description of problem:
Bugzilla seems to be doing a lot of HTTPS -> HTTP redirects

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Log in with SSL
2. Use mozilla
3. Set message boxes for entering and leaving SSL mode
	

Actual Results:  Lots of warnings as every page caused a redirect to HTTP and
back again

Expected Results:  ALL HTTPS encrypted, secure communication

Additional info:

I think this is exposing my bugzilla password to the world...

I had to log in again with HTTPS before I could submit my bug.

I don't like that...

Comment 1 Andrew Bartlett 2002-04-17 21:14:20 UTC
(typo) I had to log in with HTTP before I could finish submitting my bug.

Comment 2 David Lawrence 2004-06-18 18:51:56 UTC
Reported that this no longer happens. Closing.