BZ login is insecure

Submitted by Matthew Woehlke

Assigned to Nobody

Link to original bugzilla bug (#1769)

Description

(Not sure how to file a bug against Eigen's BZ; hopefully this will get to the right people.)

Eigen's BZ login is insecure, for no apparent reason. The server, in general, does not auto-redirect HTTP to HTTPS, and the stand-alone login page, even served over HTTPS, wants to submit the login via insecure HTTP.

Live-editing the HTML to "correct" the submit address demonstrates that there is no need for this insecurity.