-
Leigh B. Stoller authored
switching the menu when user switches between http and https (since the secret cookie is not transferred in http, we have no way of actually knowing the user is logged in from the browser). So, add another cookie that is a crc32 hash of the real cookie, and trasnfer that in http mode. A valid crc32 hash simply indicates that the user is almost certainly logged in from the browser (but does not impart any privs until we get the real cookie), while the absence of the crc32 or a mismatch indicates that user is almost certainly *not* logged in from the browser, and so we draw the usual "not logged in" page.
0efa7677