[wp-trac] [WordPress Trac] #26800: Multisite is hardcoded to redirect to http:// for invalid domains
WordPress Trac
noreply at wordpress.org
Fri Jan 24 08:46:10 UTC 2014
#26800: Multisite is hardcoded to redirect to http:// for invalid domains
------------------------------------+-----------------------------
Reporter: glen.pike.hf | Owner:
Type: defect (bug) | Status: new
Priority: low | Milestone: Future Release
Component: Bootstrap/Load | Version: 3.0
Severity: minor | Resolution:
Keywords: has-patch dev-feedback | Focuses: multisite
------------------------------------+-----------------------------
Comment (by glen.pike.hf):
> It seems the answer here isn't necessarily checking for the scheme of
the request, but checking for a desired scheme assigned to the
`$current_site->domain` the redirect will be made to. If the domain
requested is invalid, there's nothing saying that the scheme is valid.
That makes sense to me.
>
> I guess one question would be whether forcing SSL in this scenario
should occur in WordPress core, or in the web server configuration as an
immediate redirect.
Our particular Wordpress setup is such that we have a WP host on port 80,
but it is behind a proxy serving on SSL. The visitor sees WP on https://
but Wordpress' Apache config is not.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/26800#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list