Last modified: 2011-10-03 11:56:23 UTC
Hi, I think I've found a major issue in how CentralAuth handles https : when logging in with global login enabled, Special:UserLogin loads remote images from http://wikiwhatever/Special:AutoLogin?token=secrettoken (one image per project), while it should load them from http*s*://sameurl (when browsing using https, of course). What happens is that cookies are sent unencrypted =/ I guess images should use protocol relative URLs as well. Best regards, -- Arkanosis@frwiki
It's due to the switch between secure services. This issue is known, and will be handled today I've been told.
Fine, thanks :)
Fixed in r98745, deployed just now and working for me.
Works for me too. Thanks a lot!