From 5f4f0b5bdd2d9f9bfaa55acf1fa02b1889281a60 Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kitenet.net>
Date: Mon, 29 Nov 2010 16:32:23 -0400
Subject: [PATCH] merged sslcookie-auto

---
 debian/changelog                                | 3 +++
 doc/todo/use_secure_cookies_for_ssl_logins.mdwn | 2 ++
 2 files changed, 5 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index ec995a08a..82f9ece19 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,9 @@ ikiwiki (3.20101130) UNRELEASED; urgency=low
   * API: urlto without a defined second parameter now generates an url
     that starts with "/" (when possible; eg when the site's url and cgiurl
     are on the same domain).
+  * Now when users log in via https, ikiwiki sends a secure cookie, that can
+    only be used over https. If the user switches to using http, they will
+    need to re-login. (smcv)
 
  -- Joey Hess <joeyh@debian.org>  Mon, 29 Nov 2010 14:44:13 -0400
 
diff --git a/doc/todo/use_secure_cookies_for_ssl_logins.mdwn b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn
index f72b2d2d5..194db2f36 100644
--- a/doc/todo/use_secure_cookies_for_ssl_logins.mdwn
+++ b/doc/todo/use_secure_cookies_for_ssl_logins.mdwn
@@ -32,3 +32,5 @@ get a secure session cookie, but if you log in over HTTP, you won't.
 > first, so that dual https/http sites can better be set up. --[[Joey]]
 
 >> Thanks for merging that! :-) --s
+
+[[merged|done]] --[[Joey]] 
-- 
2.44.0