[eluser]RickP[/eluser]
I have just started to use CI and like it very much but this is a potential problem.
Before using CI my code was effectively similar to CI but backwards. IOW, when a page executed the first thing that happened was that several variables specific to that page were set and then 'header.php' was included. The first lines of header.php check if the variable $safe was 'yes' and whether the url was http:// or https://. If the two didn't match then I would execute a header("Location:..." with the correct info and the same page.
Thus, pages that needed to be secure, and
only those pages, used https://.
