This project is not covered by Drupal’s security advisory policy.

This module adds support for mixed use of SSL and non-SSL (http and https protocols) for the 6.x branch of Domain Access.

Currently, Domain Access allows you to specify per domain whether to use http or https, and if a domain source is configured, URLs throughout that site (including form actions and so forth) use that protocol. However, if your site mixes use of both protocols (say, with SSL to protect the user login page, admin pages, or authenticated sessions in general), Domain Access does not support that configuration.

For background information, see the original issue: #758714: Allow both http and https for a given domain?

Module status/roadmap

Current features

  1. Make form submissions functional when the domain is configured for http but https is being used on the current page request.

Possible features

  1. Allow certain paths to be configured to use a separate protocol from the domain's main protocol.
  2. Enforce use of the request protocol to reduce "secure and insecure content" errors.

Anyone who could use this functionality is encouraged to post feature requests and especially patches, since the existing module meets the author's needs at present.

Project Information