Signup interception vulnerability

[eonsik]

On the signup page, the password input seems like it can be intercepted in the middle and changed to something else than the user intended.

@jeftsd @eonsik

[jeftsd]

Solution: force HTTPS on all server-client communications