diff --git a/app/controllers/public/content_viewer_controller.rb b/app/controllers/public/content_viewer_controller.rb
index d4bef04..d414841 100644
--- a/app/controllers/public/content_viewer_controller.rb
+++ b/app/controllers/public/content_viewer_controller.rb
@@ -44,6 +44,10 @@ class ContentViewerController < ApplicationController
       return if redirect_to_ssl
     end
 
+    if @page.public?
+      return unless avoid_ssl
+    end
+
     if !@page.display_to?(user)
       # FIXME find a nice "access denied" layout
       render :action => 'access_denied', :status => 403, :layout => false
diff --git a/test/functional/content_viewer_controller_test.rb b/test/functional/content_viewer_controller_test.rb
index 3f4ddc5..43a642c 100644
--- a/test/functional/content_viewer_controller_test.rb
+++ b/test/functional/content_viewer_controller_test.rb
@@ -460,6 +460,13 @@ class ContentViewerControllerTest < Test::Unit::TestCase
     assert_redirected_to :protocol => 'https://', :profile => 'testinguser', :page => [ 'myarticle' ]
   end
 
+  should 'avoid SSL for viewing public articles' do
+    @request.expects(:ssl?).returns(true).at_least_once
+    page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => true)
+    get :view_page, :profile => 'testinguser', :page => [ 'myarticle' ]
+    assert_redirected_to :protocol => 'http://', :profile => 'testinguser', :page => [ 'myarticle' ]
+  end
+
   should 'not redirect to SSL if already on SSL' do
     @request.expects(:ssl?).returns(true).at_least_once
     page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => false)
--
libgit2 0.21.2