[asquabventured]

Good! Now move to https!!!

Secure the damn web.

[rifung]

Only slightly related but even Amazon isn't on HTTPS, which I find to be a much bigger issue since they deal with credit cards

[a457186]

Both https://amazon.com and https://amazon.de work for me.

[atom_enger]

Was hoping someone would say this. This should be the only thing they focus on this year until it's done. I see that they POST to a secure endpoint when logging in but that doesn't make a difference once the session cookies are transmitted in the clear.

[flavioribeiro]

yep, this is on our roadmap