Accessing via HTTP signs you out in most cases

Discuss ideas and suggestions around the website.
User avatar
Community Administrator
Posts: 14631
Joined: Tue Nov 27, 2007 8:48 pm
Location: Sandy, Utah

Accessing via HTTP signs you out in most cases

Postby aebrown » Tue Nov 27, 2012 4:47 pm

When you are signed in to, you will be using HTTPS. As long any subsequent links you access use HTTPS, you will continue to be signed in. However, if you access most pages on using HTTP, you will immediately be signed out.

For example, you can visit any of these links and you will be signed out:

This is a problem that I bump into frequently. For example, I might be signed in to and working on the Newsletter. I find I need to do some research, so I open up a new tab in my browser and start doing some searches. In the course of my searching, I may come across a blog post where someone links to the Temples page on I follow that link, and the innocent act of doing so means that when I return to my Newsletter tab, I will be signed out. If I was foolish enough to be in the middle of creating or editing an article when I switched tabs, my edits will be lost. But even if I don't lose work, I have to sign in again, which is a pain.

However, some pages you can visit using HTTP and as soon as you go back to a page using HTTPS, you will find out that you are still signed in. For example:

  • (actually, the General Conference page and all pages under it are the only examples of this behavior that I could find in my admittedly cursory search)
This sign out problem will happen for some links that redirects you to a page on, even if you use HTTPS. For example, any of the following links will take you to the appropriate page on using HTTP, and thus sign you out from

And yet there are some HTTP links that redirect you to content on, where following such links won't sign you out. Here are some examples:

What are my conclusions from all this?

  • It's far too easy to get signed out from by accidentally visiting a page on using HTTP. Since many pages manage to preserve your session even if you happen to use HTTP, all pages should do this.
  • is not at all consistent in how it handles URLS that redirect to a page on In my opinion, using a redirect should not end your session.
I originally noticed some aspects of this behavior in the thread Following links to signs you out, but I think it deserves a new thread.
Questions that can benefit the larger community should be asked in a public forum, not a private message.

Return to “ Website”

Who is online

Users browsing this forum: No registered users and 2 guests