Drupal - Secure Pages

Secure pages module redirects the required pages to a SSL version of the page, so you make sure the user is running on a secure page when they are creating/editing content, viewing user details, or administering the site.

ClickPath module is incompatible with secure pages.

Hijack prevention module is an add-on to the securepages module that will prevent hijacked sessions from accessing SSL pages, yet still allow users to stay logged in when browsing non-SSL pages. The login form is also secured, both on the user page and the login block.

Secure pages provides a setting to automatically redirect back to non-secure connection when a target page is not listed in the secure list. This is helpful if you surf your site with Internet Explorer and hit a page with embedded youtube video. Youtube by default provides flash script from non-secure address making IE complain if it is embedded in a secure page. On the other hand this can break Javascript in IMCE or Image Assist which open helpers in a separate window and need to interact with FCKeditor in the original window. If FCKeditor is on secure page and IMCE is not, the browser will deny access and screw things up. Similar problems with AJAX^? uploaders and progress meters. So, if you declare "node/*/edit" as secure, also do include the following in the list of secure pages:

• imce*
  
• img_assist*
  
• filefield/*
  
• upload/js*