On Sat, 6 Aug 2011 13:13:06 +0200, Lukas Fleischer wrote:
On Sat, Aug 06, 2011 at 01:02:03PM +0200, Thomas Bächler wrote:
On 05.08.2011 23:54, Lukas Fleischer wrote:
[1] http://projects.archlinux.org/aur.git/commit/?id=1e7b9d57
[2] http://projects.archlinux.org/aur.git/commit/?id=5ea9fc19
[3] http://projects.archlinux.org/aur.git/commit/?id=973e4f85
[4] http://projects.archlinux.org/aur.git/commit/?id=89721137
Those commits are nothing but a charade. The very least you must do is this:
1) ALWAYS force a redirect to https on the AUR login page, never allow the login to be submitted unencrypted.
Thought about that. The problem is that there currently isn't a separate login page. Maybe removing the overall login form and creating a separate page for that will make things easier.
That was one of my arguments: Using https everywhere is plain simple to implement and you don't have to worry about any holes in your implementation; e.g. if you forgot to secure one form.
2) Ensure that the cookie is never sent over http, only over https.
We discussed that before, see the other replies. This will be implemented.
-- Pierre Schmitz, https://users.archlinux.de/~pierre
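As an added illustration (not code from the AUR repository or from the commits cited above), the two minimum measures from the thread as they would look in a PHP application of the AUR's kind: refuse a plain-http login by redirecting to https, and flag the session cookie Secure so the browser never sends it over http. The host name constant is an assumption for the example.

```php
<?php
// Added example, not part of the AUR code base.
// Canonical host to redirect to; taken from configuration rather than
// from the request, because the Host header is client-controlled.
define('CANONICAL_HOST', 'aur.example.org'); // placeholder, not the real host

// Measure 1: never let the login page be served or submitted over http.
function require_https()
{
    $https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    if ($https) {
        return;
    }
    // A POST that arrives over http has already leaked its credentials, so
    // there is nothing to salvage: redirect the browser to the https page
    // and stop processing instead of handling the submitted form.
    $target = 'https://' . CANONICAL_HOST . $_SERVER['REQUEST_URI'];
    header('Location: ' . $target, true, 301);
    exit;
}

// Measure 2: mark the session cookie Secure (and HttpOnly) before the
// session is started, so it is only ever sent on https connections.
function start_secure_session()
{
    // lifetime 0 (session cookie), path "/", default domain,
    // secure = true, httponly = true
    session_set_cookie_params(0, '/', '', true, true);
    session_start();
}

require_https();
start_secure_session();
// ... login form handling continues here ...
```

Because the cookie parameters only take effect for cookies set afterwards, sessions created before the change still carry a non-Secure cookie until they expire or are regenerated.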