SSLMiddleware currently has some SourceForge-specific bits that we should factor out, so anyone can use it.
We should also support secure session cookies, and do so in a way that works with mixed http/https usage. E.g. with a non-secure cookie that acts as a flag indicating a secure session is available and the app can redirect from http->https.
Log in to post a comment.