SSL and login fixes for rt.cpan.org

For increased security, rt.cpan.org now redirects all non-SSL requests to the HTTPS side of the service. Although we always encouraged using rt.cpan.org over SSL, we haven't required it until now.

This change happily fixes login continuity problems caused by having a secure cookie but clicking on non-secure links. If you had issues staying logged into the service, it should be much better now.

Additionally, OpenID login now works again after applying some fixes last night. The RT security releases from April originally broke it.

If you have problems with the service please email us at cpan-questions@bestpractical.com.

Share this post: