diff --git a/checkin_notes b/checkin_notes
index e539621fcd..7b0920a6b9 100644
--- a/checkin_notes
+++ b/checkin_notes
@@ -6625,3 +6625,16 @@ David  15 Sept 2010
 
     client/
         cs_benchmark.cpp
+
+David  15 Sept 2010
+    - web: don't require that SECURE_URL_BASE be set,
+        or that it end with a /
+
+    html/
+        inc/
+            user.inc
+            util.inc
+        user/
+            create_account_form.php
+            edit_email_form.php
+            login_form.php
diff --git a/html/inc/user.inc b/html/inc/user.inc
index 00712df746..4ab6f0fdbe 100644
--- a/html/inc/user.inc
+++ b/html/inc/user.inc
@@ -209,7 +209,7 @@ function show_user_info_private($user) {
     row2(tra("Postal code"), $user->postal_code);
     row2(tra("%1 member since", PROJECT), date_str($user->create_time));
     $url_tokens = url_tokens($user->authenticator);
-    row2(tra("Change"), "<a href=\"edit_email_form.php\">".tra("email address")."</a> | <a href=\"".SECURE_URL_BASE."edit_passwd_form.php\">".tra("password")."</a> | <a href=\"edit_user_info_form.php?$url_tokens\">".tra("other account info")."</a>");
+    row2(tra("Change"), "<a href=\"edit_email_form.php\">".tra("email address")."</a> | <a href=\"".SECURE_URL_BASE."/edit_passwd_form.php\">".tra("password")."</a> | <a href=\"edit_user_info_form.php?$url_tokens\">".tra("other account info")."</a>");
     row2("", "<a href=\"logout.php?$url_tokens\">".tra("Log out")."</a>");
     row2(tra("User ID")."<br/><span class=\"note\">".tra("Used in community functions")."</span>", $user->id);
     if (!no_computing()) {
diff --git a/html/inc/util.inc b/html/inc/util.inc
index e5c272e267..e08bbb833a 100644
--- a/html/inc/util.inc
+++ b/html/inc/util.inc
@@ -28,6 +28,10 @@ ini_set("memory_limit", "64M");
 
 date_default_timezone_set("UTC");
 
+if (!defined('SECURE_URL_BASE')) {
+    define('SECURE_URL_BASE', URL_BASE);
+}
+
 $generating_xml = false;
 $caching = false;
 
diff --git a/html/user/create_account_form.php b/html/user/create_account_form.php
index 8c76823e04..4b51267720 100644
--- a/html/user/create_account_form.php
+++ b/html/user/create_account_form.php
@@ -27,7 +27,7 @@ if (defined('SECURE_URL_BASE')
     && strstr(SECURE_URL_BASE, "https://")
     && !$_SERVER['HTTPS']
 ) {
-    Header("Location: ".SECURE_URL_BASE."create_account_form.php?next_url=$next_url");
+    Header("Location: ".SECURE_URL_BASE."/create_account_form.php?next_url=$next_url");
     exit;
 
 }
diff --git a/html/user/edit_email_form.php b/html/user/edit_email_form.php
index 043d9d29bd..ab4523445e 100644
--- a/html/user/edit_email_form.php
+++ b/html/user/edit_email_form.php
@@ -44,7 +44,7 @@ row2(tra("New email address").
 
 row2(
     tra("Password").
-    "<br><a href=".SECURE_URL_BASE."edit_passwd_form.php><font size=-2>".tra("No password?")."</font></a>",
+    "<br><a href=".SECURE_URL_BASE."/edit_passwd_form.php><font size=-2>".tra("No password?")."</font></a>",
     "<input type=password name=passwd>"
 );
 row2("", "<input type=submit value='".tra("Change email address")."'>");
diff --git a/html/user/login_form.php b/html/user/login_form.php
index 40cb413e02..6dc114d19d 100644
--- a/html/user/login_form.php
+++ b/html/user/login_form.php
@@ -25,7 +25,7 @@ if (defined('SECURE_URL_BASE')
     && strstr(SECURE_URL_BASE, "https://")
     && !$_SERVER['HTTPS']
 ) {
-    Header("Location: ".SECURE_URL_BASE."login_form.php?next_url=$next_url");
+    Header("Location: ".SECURE_URL_BASE."/login_form.php?next_url=$next_url");
     exit;
 
 }
@@ -35,7 +35,7 @@ $user = get_logged_in_user(false);
 page_head("Log in");
 
 echo "
-    <form name=\"f\" method=\"post\" action=\"".SECURE_URL_BASE."login_action.php\">
+    <form name=\"f\" method=\"post\" action=\"".SECURE_URL_BASE."/login_action.php\">
     <input type=\"hidden\" name=\"next_url\" value=\"$next_url\">
 ";
 start_table();