This fixes an issue where visiting http://code.redpointsoftware.com.au/ would log you out of https://code.redpointsoftware.com.au/
Details
Details
- Reviewers
epriestley - Group Reviewers
Blessed Reviewers - Maniphest Tasks
- T4425: Users are signed out if visiting HTTP when Phabricator is configured for HTTPS
- Commits
- Restricted Diffusion Commit
rP569a5be5617f: Fix issue where accessing HTTP domain would override HTTPS cookie
Applied this patch to a live server and saw the issue go away.
Diff Detail
Diff Detail
- Lint
Lint Skipped - Unit
Tests Skipped
Event Timeline
Comment Actions
Hmm.. maybe it's cleaner for the PhabricatorRedirectController not to try to write this cookie? I think the simplest fix would be to extend it from AphrontController instead of PhabricatorController. I think it's executing a lot of logic which is at best useless and at worst bad (as here) by running through PhabricatorController::willBeginExecution().
Comment Actions
I suppose this is probably worth having as a safety net in any case, since it's definitely correct, it's just a bit odd that we can end up here.