Support SSL for some, all, or no pages

Support SSL URLs either for all pages; no pages; or for sensitive pages accepting passwords, like login, registration, API, and others.
author: Evan Prodromou <evan@controlyourself.ca> 2009-03-26 15:03:59 -0400
committer: Evan Prodromou <evan@controlyourself.ca> 2009-03-26 15:03:59 -0400
commit: 07eae0ce4d927851a839cf50d5cb9b7a06b979a2 (patch)
tree: b9ddbbe1fb600ae96f3bda88a71eebe832bbb191 /README
parent: 2becd5849d76e052ecfe066b5376a65b9c70fad6 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/README b/README
index 7feb7d90b..62f4f1863 100644
--- a/README
+++ b/README
@@ -925,6 +925,16 @@ dupelimit: Time in which it's not OK for the same person to post the
            same notice; default = 60 seconds.
 logo: URL of an image file to use as the logo for the site. Overrides
       the logo in the theme, if any.
+ssl: Whether to use SSL and https:// URLs for some or all pages.
+     Possible values are 'always' (use it for all pages), 'never'
+     (don't use it for any pages), or 'sometimes' (use it for
+     sensitive pages that include passwords like login and registration,
+     but not for regular pages). Default to 'never'.
+sslserver: use an alternate server name for SSL URLs, like
+           'secure.example.org'. You should be careful to set cookie
+           parameters correctly so that both the SSL server and the
+           "normal" server can access the session cookie and
+           preferably other cookies as well.
 
 db
 --
author	Evan Prodromou <evan@controlyourself.ca>	2009-03-26 15:03:59 -0400
committer	Evan Prodromou <evan@controlyourself.ca>	2009-03-26 15:03:59 -0400
commit	07eae0ce4d927851a839cf50d5cb9b7a06b979a2 (patch)
tree	b9ddbbe1fb600ae96f3bda88a71eebe832bbb191 /README
parent	2becd5849d76e052ecfe066b5376a65b9c70fad6 (diff)