Support SSL for some, all, or no pages

Support SSL URLs either for all pages; no pages; or for sensitive pages accepting passwords, like login, registration, API, and others.
author: Evan Prodromou <evan@controlyourself.ca> 2009-03-26 15:03:59 -0400
committer: Evan Prodromou <evan@controlyourself.ca> 2009-03-30 17:12:02 -0400
commit: e149f3d64b5c0a58b299fb607824a1cd515836a4 (patch)
tree: ddbbd8953ef55888474a56a8f92e6f14203ebea3 /README
parent: 47b89aa2c3a3e07d6dc63cd5be1d558af8ece233 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/README b/README
index 73cb95367..70815c141 100644
--- a/README
+++ b/README
@@ -925,6 +925,16 @@ dupelimit: Time in which it's not OK for the same person to post the
            same notice; default = 60 seconds.
 logo: URL of an image file to use as the logo for the site. Overrides
       the logo in the theme, if any.
+ssl: Whether to use SSL and https:// URLs for some or all pages.
+     Possible values are 'always' (use it for all pages), 'never'
+     (don't use it for any pages), or 'sometimes' (use it for
+     sensitive pages that include passwords like login and registration,
+     but not for regular pages). Default to 'never'.
+sslserver: use an alternate server name for SSL URLs, like
+           'secure.example.org'. You should be careful to set cookie
+           parameters correctly so that both the SSL server and the
+           "normal" server can access the session cookie and
+           preferably other cookies as well.
 
 db
 --
author	Evan Prodromou <evan@controlyourself.ca>	2009-03-26 15:03:59 -0400
committer	Evan Prodromou <evan@controlyourself.ca>	2009-03-30 17:12:02 -0400
commit	e149f3d64b5c0a58b299fb607824a1cd515836a4 (patch)
tree	ddbbd8953ef55888474a56a8f92e6f14203ebea3 /README
parent	47b89aa2c3a3e07d6dc63cd5be1d558af8ece233 (diff)