Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.node/*/edit is included, but not the delete op.
| Comment | File | Size | Author |
|---|---|---|---|
| securepages.delete.patch | 775 bytes | grendzy |
Comments
Comment #1
shap commentedAlso "user" needs to be added (not to be confused with "user/*"). This causes the primary login page that normally contains the login form to get moved to https. Since the post action in the login block does not specifiy a fully URL, this has the effect of guarding the initial password transfer.
I do not know it this will work correctly when base_url has been specified, but it definitely works when base_url has not been specified, and it should do no harm in other cases.
Comment #2
grendzy commentedautomatically closed - The 4.7 branch is no longer supported. If this issue is present in a currently supported version, please change the version field and re-open. Thanks!