	cosign-discuss at umich.edu
	general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

url for services should be secure?

To: Cosign Discussion <cosign-discuss@xxxxxxxxx>
Subject: url for services should be secure?
From: Phil Pishioneri <pgp@xxxxxxx>
Date: Wed, 12 May 2004 14:27:06 -0400
User-agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7b) Gecko/20040421

Shouldn't the URL for the services menu be secure? (Not because it's sensitive info, but because most people are only running the login/logout service on the secure port.)

Patch attached.

-Phil

--- cgi.c.ORIG  Tue May 11 23:49:39 2004
+++ cgi.c       Wed May 12 14:15:05 2004
@@ -290,7 +290,7 @@
        }
 
        /* authentication successful, show service menu */
-       printf( "Location: http://%s%s\n\n";, cosign_host, SERVICE_MENU );
+       printf( "Location: https://%s%s\n\n";, cosign_host, SERVICE_MENU );
        exit( 0 );
     }
 
@@ -613,7 +613,7 @@
        exit( 0 );
     }
 
-    printf( "Location: http://%s%s\n\n";, cosign_host, SERVICE_MENU );
+    printf( "Location: https://%s%s\n\n";, cosign_host, SERVICE_MENU );
     exit( 0 );
 
 loginscreen:

Follow-Ups:
- Re: url for services should be secure?
  - From: johanna bromberg craig

Prev by Date: ISAPI & MIT K5 Tickets
Next by Date: Re: url for services should be secure?
Previous by thread: ISAPI & MIT K5 Tickets
Next by thread: Re: url for services should be secure?
Index(es):
- Date
- Thread