I think that might be a bit dangerous since browsers save history and there are few known security flows that allow extracting the browser history. not to mention possible ARP poisoning and man in the middle attacks which also can sniff passwords but easier on plan urls. if we to do this it need to be under https
-- You received this bug notification because you are a member of Open Font Library Developers, which is subscribed to Open Font Library. https://bugs.launchpad.net/bugs/728872 Title: users need a separate sign-in page from admins Status in Open Font Library: Fix Committed Bug description: The current "Log in" in the header links to [root]/login, which is the sign-in page for admins. The link could instead read "Sign in" and must point to [root]/users/sign_in or [root]/users/login A widget then needs to be available on at that url to handle sign-in _______________________________________________ Mailing list: https://launchpad.net/~aikiframework.admins Post to : [email protected] Unsubscribe : https://launchpad.net/~aikiframework.admins More help : https://help.launchpad.net/ListHelp
