I've been playing around with a new security feature for Plone.
When you deploy Plone, you might want to have two separate URLs, one being a heavily cached public domain such as https://blabla.com, and one used internally by editors to maintain content such as https://internal.blabla.com
You don't want your editors to log into the https://blabla.com
This new "editing URL" setting in the Security control panel lets you specify an optional editing URL. If it is set, and if someone tries to go to the /login_form from a non-matching URL, e.g. an editor mistakenly tries to login via https://blabla.com/login_form, they'll get a blank page.
The two branches I put this code in are at: