[wp-trac] [WordPress Trac] #16822: FORCE_SSL_LOGIN causes wp-login.php to have an incorrect https link
WordPress Trac
wp-trac at lists.automattic.com
Thu Apr 7 12:38:02 UTC 2011
#16822: FORCE_SSL_LOGIN causes wp-login.php to have an incorrect https link
--------------------------+------------------------------
Reporter: dbvista | Owner: jakub.tyrcha
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: 3.1
Severity: normal | Resolution:
Keywords: |
--------------------------+------------------------------
Changes (by jakub.tyrcha):
* keywords: has-patch needs-testing =>
Comment:
OK, from what I see is_ssl() is not what I thought it was. However, using
is_ssl to determine whether the home page should be displayed as http or
https is a bad idea - with FORCE_SSL_LOGIN or FORCE_SSL_ADMIN set to
'true' there may be a situation where wp-login is https and the home page
is http - using is_ssl() as you suggest would result in getting https
instead of http for the home page.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/16822#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list