# HG changeset patch
# User Chris Cannam
# Date 1298023330 0
# Node ID 83bf35c4f9d1ec4531adf7552c1c97892b3460b0
# Parent  497c5985af720d5ed4dc6a55a7d8a1f312c964cd# Parent  4b1a23d816833b62ff51ac4a262921aea85bef69
Merge from branch "bug_83"

diff -r 497c5985af72 -r 83bf35c4f9d1 app/controllers/application_controller.rb
--- a/app/controllers/application_controller.rb	Thu Feb 17 19:47:09 2011 +0000
+++ b/app/controllers/application_controller.rb	Fri Feb 18 10:02:10 2011 +0000
@@ -263,6 +263,12 @@
         uri = URI.parse(back_url)
         # do not redirect user to another host or to the login or register page
         if (uri.relative? || (uri.host == request.host)) && !uri.path.match(%r{/(login|account/register)})
+          # soundsoftware: if login page is https but back_url http,
+          # switch back_url to https to ensure cookie validity (#83)
+          if (uri.scheme == "http") && (URI.parse(request.url).scheme == "https")
+            uri.scheme = "https"
+            back_url = uri.to_s
+          end
           redirect_to(back_url)
           return
         end