Posted by greggles on July 20, 2009 at 10:07pm
Jump to:
| Project: | Secure Pages |
| Version: | 6.x-1.x-dev |
| Component: | Documentation |
| Category: | task |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
Issue Summary
The module http://drupal.org/project/securepages_prevent_hijack is an important enhancement for securepages. I think it should be listed on the project page, like:
Users who are looking for protection against a sniffer reading form data in the clear should use securepages. If you also want to prevent the "hijack" of a user's session then you will need to also use the Securepages Hijack Prevention module.
Comments
#1
What about just merging the two together, since in most cases people need both anyway? Are they maintained by the same person?
#2
That does seem better to me as well to merge them. I don't know why they are separate. They are not the same author.
#3
Basically the reason I have not included this patch was because it was going to break things that I am in the process of implementing such as shared ssl support.
#4
Sure, but you could add it to the project page for users of the 6.x-1.* (I assume your new features will be in a 2.x branch).
#5
Mod parent up.
It seems absurd that securepages does not do this out of the box. Glad there is already a plan to integrate these.
#6
The project page currently has this text:
#7
Indeed - I got bored of waiting http://drupal.org/node/65632/revisions/view/517050/776326
#8
Automatically closed -- issue fixed for 2 weeks with no activity.