[wp-trac] [WordPress Trac] #15928: wp_get_attachment_url does not check for HTTPS

WordPress Trac noreply at wordpress.org
Mon Nov 17 18:58:52 UTC 2014


#15928: wp_get_attachment_url does not check for HTTPS
--------------------------+-----------------------------
 Reporter:  atetlaw       |       Owner:  boonebgorges
     Type:  defect (bug)  |      Status:  accepted
 Priority:  normal        |   Milestone:  Future Release
Component:  Permalinks    |     Version:  3.0.3
 Severity:  normal        |  Resolution:
 Keywords:  needs-patch   |     Focuses:
--------------------------+-----------------------------

Comment (by joemcgill):

 Your first three points all make perfect sense to me. I had considered
 whether it would be best to limit the filter to only look for the upload
 directory url inside of a src attribute and you're probably correct that
 it's better to be conservative here.

 In terms of your last point, the only question that I would have is
 whether it would be better from a security point of view to return
 https:// urls, which would be broken because of insecure content
 errors, rather than display the content. Because by not doing so, aren't
 we effectively breaking HTTPS by displaying mixed content when the
 function is being called from within an SSL context (e.g.
 https://secure.mydomain.com)?

 I'm really interested in opinions on that particular point, because we are
 making a pretty important design decision for how that function should
 work. If we go the less aggressive route, I think we need to create extra
 filters for places where this function is used to create content displayed
 in the admin area of a site (when using SSL) than what we currently have
 in place.

 Another approach would be to add a new parameter to that function that is
 basically a boolean for forcing the function to return SSL urls when
 called from an SSL context, and then make sure that all the times the
 admin uses `wp_get_attachment_url()` we are passing along `true` to that
 parameter (or even just make true the default). Would that approach be
 better?

 Once we figure out the right approach, I'm happy to create another patch
 to try to close this up.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/15928#comment:85>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
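Added example (editor's note, not part of the ticket and not WordPress core code): the two routes the comment weighs, side by side. The first is the conservative one, rewriting http:// to https:// only for the upload-directory URL and only inside src="..." attributes of rendered content, so other http:// links in a post are left alone. The second is the aggressive one, returning an https:// attachment URL whenever the current request is itself served over TLS, accepting a broken image if the upload host has no certificate rather than a mixed-content page (browsers drop the padlock for an http:// image on an https:// page and may block it outright). The helper names prefixed example_ are hypothetical; the hook names 'wp_get_attachment_url' (filter arguments $url, $post_id) and 'the_content', and the functions add_filter(), is_ssl() and wp_upload_dir(), are real WordPress core APIs. The sample HTML at the bottom is constructed so the file also runs stand-alone with plain php when WordPress is not loaded.

```php
<?php
/**
 * Added example, not WordPress core code. The example_ helpers are
 * hypothetical; add_filter(), is_ssl(), wp_upload_dir() and the
 * 'wp_get_attachment_url' / 'the_content' filters are assumed from core.
 */

/**
 * Conservative route: upgrade the scheme of the upload-directory URL,
 * and only where it appears inside a src="..." or src='...' attribute.
 * An http:// link (href) to the same file is deliberately left untouched.
 */
function example_ssl_src_attributes( $content, $upload_baseurl ) {
    // Upload base without its scheme, e.g. example.com/wp-content/uploads
    $base    = preg_replace( '#^https?://#i', '', $upload_baseurl );
    $pattern = '#(\bsrc=["\'])http://(' . preg_quote( $base, '#' ) . ')#i';
    return preg_replace( $pattern, '$1https://$2', $content );
}

/**
 * Aggressive route: if the request itself is over TLS, hand back an
 * https:// URL no matter what. Only the scheme changes; the host and
 * path stay as stored, so an upload host without TLS yields a broken
 * resource rather than a mixed-content page.
 */
function example_force_https_if_ssl( $url, $request_is_ssl ) {
    if ( $request_is_ssl && 0 === stripos( $url, 'http://' ) ) {
        return 'https://' . substr( $url, strlen( 'http://' ) );
    }
    return $url;
}

if ( function_exists( 'add_filter' ) ) {
    // Running inside WordPress: wire both helpers to the real filters.
    add_filter( 'wp_get_attachment_url', function ( $url, $post_id ) {
        return example_force_https_if_ssl( $url, is_ssl() );
    }, 10, 2 );

    add_filter( 'the_content', function ( $content ) {
        if ( ! is_ssl() ) {
            return $content;
        }
        $uploads = wp_upload_dir();
        return example_ssl_src_attributes( $content, $uploads['baseurl'] );
    } );
} else {
    // Stand-alone demonstration with constructed input (no WordPress loaded).
    $sample = '<img src="http://example.com/wp-content/uploads/2014/11/a.png">'
            . ' <a href="http://example.com/wp-content/uploads/2014/11/a.pdf">pdf</a>'
            . " <img src='http://example.com/wp-content/uploads/b.png'>"
            . ' <img src="http://cdn.other.test/logo.png">';

    // Only the two upload-dir src attributes are upgraded; the href and
    // the foreign CDN src are untouched.
    echo example_ssl_src_attributes( $sample, 'http://example.com/wp-content/uploads' ), "\n";

    // Simulates wp_get_attachment_url() being called from an SSL context.
    echo example_force_https_if_ssl( 'http://example.com/wp-content/uploads/2014/11/a.png', true ), "\n";

    // Plain-HTTP request: URL passes through unchanged.
    echo example_force_https_if_ssl( 'http://example.com/wp-content/uploads/2014/11/a.png', false ), "\n";
}
```

The boolean parameter the comment floats for wp_get_attachment_url() maps onto the second argument of example_force_https_if_ssl(): passing is_ssl() from the hook gives the "aggressive" behaviour everywhere, while callers in the admin could pass true unconditionally if core chose to make that the default only for admin screens.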

