Problem/Motivation

In the initial port of the D8 module, a checkbox to force HTTPS for the login link was added, although the checkbox didn't provide any real functionality.
In the current codebase, there is no URL configured to redirect to, as the SimpleSAMLphp library takes care of the actual redirection.

So in Git I removed this useless checkbox.
I feel like (enforced) HTTPS functionality should be handled by SimpleSAMLphp or on the server level.
If your server is set up to force HTTPS for the /simplesaml path, the checkbox in Drupal is rather useless.

Glancing through the 7.x-2.x and 7.x-3.x codebase, I also don't see code actually implementing this (or I might have looked over it).

Proposed resolution

Discuss whether there is a use case to re-introduce this checkbox.
If not, this can be closed.
If there is, patches should be provided.
Commit cdc9487442680723e966c729a5f3aab4d15e3538 could be reverted as a starting point for this patch.

Comments

svendecabooter created an issue. See original summary.

svendecabooter’s picture

svendecabooter
he/him
Primary language Dutch
Location Gent
commented
Issue summary: View changes
snufkin’s picture

snufkin commented

I agree with the removal and I also think that this is not something the module, but simplesamlphp should handle. For reference here is the issue where we discussed its removal from 7.x-3.x: #2022029: how to force https in 7.x. The 8.x branch was probably started from a version when this checkbox was still available.

svendecabooter’s picture

svendecabooter
he/him
Primary language Dutch
Location Gent
commented
Status: Active » Closed (won't fix)

Should indeed have checked the issue queue before adding this.
Closing this as per #2022029: how to force https in 7.x, since we seem to be all in agreement about this.