[p2pu-dev] Question about the https change

Jos Flores josmasflores at gmail.com
Fri Apr 13 16:29:37 UTC 2012


Hey guys, is all the site now running under https?
If so, would it make things slower and generate more load on the server?

We are seeing some side effects:
http://help.p2pu.org/discussions/problems/170-cannot-stay-logged-in

I'm sure you guys have a good reason to change to a secure connection
but wouldn't protecting the login page be enough?

Here's a piece of middleware (I haven't tested!) that passes the
cookie back to http after secure login:
http://stackoverflow.com/questions/2799450/django-https-for-just-login-page

Has drawbacks but I think we could live with them? any thoughts?

I realise that a lot of work has gone into this
(http://p2pu.lighthouseapp.com/projects/71002/tickets/529-settup-https-on-newp2puorg#ticket-529-34)
so apologies for being a pain in the neck and bringing this up this
late!

cheers,
José


More information about the p2pu-dev mailing list