https://issues.apache.org/bugzilla/show_bug.cgi?id=24739
--- Comment #5 from Andrew Mottaz <[email protected]> 2011-02-22 11:59:24 EST --- How can you say there are no valid use cases? Virtually EVERY ecommerce site on the internet supports this behavior. Amazon.com, Apple.com, Dell.com. Basically - whether a session sticks after secure access is based solely on the whim of your first access method? Just give developers control. It can still default to secure - make it programatic to explicitly use insecure. Right now, hundreds of sites have to do a redirect to an insecure page to establish the session. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
