Tweaking the default filter values
| Project: | Secure Pages |
| Version: | 6.x-1.8 |
| Component: | Miscellaneous |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
First of all, let me start by saying thankyouthankyouthankyouthankyou. I so needed this module. I have some suggestions for the default path filters, though, because I see some potential problems. These are the defaults I have:
node/add*
I'd split this one so that it makes an exact match with the system paths. Not a big deal, but why not:
node/add
node/add/* (* matches page, forum, blog, etc.)
node/*/edit
No problem here.
user/*
This one's a BIG problem because the user login page is "user" (which doesn't match "user/*") so users can log in without SSL, which I believe is the whole point of this module. I split this one as well so that it exactly matches the system paths:
user
user/* (* matches uid, edit, etc.)
admin*
Like node/add* this should exactly match the system path, but in this case it's more important. This one would redirect to SSL on a url alias called, say, "administration_offices," which is pointless. So I split this one too:
admin
admin/* (* matches menu, aggregator, forum, etc.)
Just some suggestions to make sure SSL comes on at the right time, and not when there's no point.
Thanks again for the module!
#1
Thanks for that detailed explanation of problems with the default filter values. I got here, because I figured out a problem with the unsecure user login.
As the defautl values haven't changed until today, I update the version of this issue.
If I get it right, we have the following list now, covering all the problems you mentioned:
node/addnode/add/*
node/*/edit
user
user/*
admin
admin/*