Posted by erikwebb on November 19, 2012 at 9:38pm
4 followers
Jump to:
| Project: | Drupal Commons |
| Version: | 7.x-3.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Issue Summary
For a largely authenticated site like one that runs Commons, it's always best to use HTTPS to secure all of the user sessions. I'm sure any corporate Intranet will do that and hopefully many community sites will as well.
I know this is not a use case for all Commons sites, so it should not be enabled by default. However, since it is relatively common, we should acknowledge it. But since it requires core patches right now (and the foreseeable future), maybe we should include at least those core patches, so that others do not need to hack Commons core.
Comments
#1
Seems reasonable. I'd accept a patch to add these to the make file.
#2