Auto-detect SSL session and redirect to secure URL
This comment was split from the discussion: Support forcing admins to use SSL for custom hostnames
There's one gotcha in that the admin ticket update emails use the public URL on our domain (and use http), so clicking a URL in an email about a private ticket just displays the "Are you Joe Sixpack?" login screen. Clicking a public ticket URL shows the ticket but I'm not logged in, since the session cookie is on the tenderapp hostname. Clicking the header Login link does the redirect and lands me back as an admin.
Given that, for folks with custom domains, I could see using the tenderapp hostname in emails to admins. That would also allow linking with https, and make clear that implementors should use the tenderapp hostname for admin logins.
Discussions are closed to public comments.
If you need help with Tender please
start a new discussion.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
1 Posted by Hobson on 24 Apr, 2012 10:44 PM
Troy,
Thanks for the feedback on HTTP URLs being returned in staff communications. I agree that this is a big usability gap in Tender. We're evaluating a solution that would allow us to securely detect an existing HTTPS session and redirect you automatically. Stay tuned.
Regards,
-hobson
2 Posted by Troy on 24 Apr, 2012 11:01 PM
Thanks Zach. Shout if you want a tester. -T
Nicole closed this discussion on 29 Jun, 2012 06:25 PM.