Removes the NO_HTTPS flags on three pages:

Removes the NO_HTTPS flags on three pages:

1. We never serve a non-https link to those pages.
2. Setting NO_HTTPS removes the default DO_AUTH flag, which means an
   unauthenticated user will not get the login form.
3. I'm pretty sure the auth cookie is set as secure (at least it
   should), which means an user on http will never be authenticated.

Signed-off-by: Vincent Zanotti <vincent.zanotti@m4x.org>