[wp-trac] [WordPress Trac] #19023: Images in Edit Comments break SSL
WordPress Trac
wp-trac at lists.automattic.com
Fri Oct 21 21:46:25 UTC 2011
#19023: Images in Edit Comments break SSL
----------------------------+------------------------------
Reporter: joostdevalk | Owner: nacin
Type: defect (bug) | Status: reviewing
Priority: high | Milestone: Awaiting Review
Component: Administration | Version: 3.3
Severity: normal | Resolution:
Keywords: |
----------------------------+------------------------------
Changes (by kurtpayne):
* cc: kpayne@… (added)
Comment:
Doing a simple http -> https replacement won't work in circumstances where
a user has attached an image from an external domain. I have created
proof-of-concept patch to do http -> https rewrites where possible at the
display level, and also use a local proxy to fetch external images without
throwing SSL warnings.
This is a rough patch, and the functions may be in the wrong files, but
I'm interested in feedback. Is this feasible? Has it been attempted in
the past and rejected?
Is this the wrong place in the stack to hook `the_comment`? It looks like
this would just modify the display and not the database altering effects
you're talking about.
Thanks!
--
Ticket URL: <http://core.trac.wordpress.org/ticket/19023#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list