[allura:tickets] #6668 Login overlay iframe may not work if on http page

[Dave Brondsema <br...@users.sf.net>]

- **status**: code-review --> closed
- **QA**: Dave Brondsema



---

** [tickets:#6668] Login overlay iframe may not work if on http page**

**Status:** closed
**Labels:** import 
**Created:** Wed Sep 18, 2013 06:14 PM UTC by Dave Brondsema
**Last Updated:** Tue Sep 24, 2013 05:24 PM UTC
**Owner:** Cory Johns

If you're on an http page, and the login overlay is used, and the fragment URL is on https and specifies the `X-Frame-Options: SAMEORIGIN` header, then it will not load.

I think we should make the scheme of the login overlay page match that of the iframe fragment URL.


---

Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.