1
Vote

logon insecure by default (no https)

description

Clicking 'Sign In' from the root home page, "http://nuget.org", sends the user to:
http://nuget.org/Users/Account/LogOn?ReturnUrl=%2F

Expected Result:
Clicking 'Sign In' should send the user to:
https://nuget.org/Users/Account/LogOn?ReturnUrl=%2F

(note the https)

Typing the https in explicitly works fine so SSL is set up correctly.

comments