Many thanks for writing this module, it's exactly what I've been looking for.

I think it might be a good idea to have the display of the user edit form sent over https as well, as it will include private information.

Not sure if it's easiest to rewrite links to the form, or to intercept calls to the form and redirect to https. In fact, maybe it's easier just to do the redirect with Apache and mod_rewrite...

Comments

Ezqimo’s picture

Ezqimo commented

+1

ddyrr’s picture

ddyrr commented

same here.

leop’s picture

leop commented

I think this can be achieved with the Secure Pages module.

mfb’s picture

mfb
they or he
commented
Status: Active » Closed (fixed)

This feature was already added to the module, at least in recent versions. In the settings page you can choose to have all secured forms redirect to HTTPS when they are first rendered, in addition to being submitted via HTTPS.