Trac allows unencrypted (http) logins
|Reported by:||Michael Witten||Owned by:|
|Version:||unspecified||Keywords:||http https security password login|
|Blocking:||Reproduced by developer:||no|
|Analyzed by developer:||no|
This page (http vs https) should not be functional:
I was at that link when my browser warned me that entering my password would not be secure; that page should probably be disabled under an unencrypted (http) connection, or perhaps redirect to an encrypted connection (https).