[wp-trac] [WordPress Trac] #32112: wp_get_attachment_url returns https when it should not
WordPress Trac
noreply at wordpress.org
Mon Apr 27 13:52:39 UTC 2015
#32112: wp_get_attachment_url returns https when it should not
-------------------------------------+---------------------------
Reporter: zabatonni | Owner: boonebgorges
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 4.2.1
Component: Media | Version: 4.2
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+---------------------------
Changes (by boonebgorges):
* keywords: needs-patch => has-patch needs-testing
Comment:
[attachment:32112.diff] modifies the send-attachment-to-editor AJAX
callback so that image sources will always be `http` if the site's
canonical URL is `http`, even when the current request is over SSL. This
is how attachment inserting worked prior to 4.2. This change does not
address any content that has been created since 4.2 - only new content. I
would appreciate testing from anyone who is experiencing the problem (if
testing in production, you only need the small patch for ajax-actions.php,
not the `/tests/` changes).
The change suggested in 32112.diff means that we're rolling back a couple
of improvements that had been introduced in 4.2. (a) A site with non-SSL
homeurl which is administered over SSL will see mixed-content warnings
when using the Visual editor. (b) Front-end visitors to an SSL-optional
site (non-SSL homeurl but accessible over HTTPS) will see mixed-content
warnings when viewing posts with attachments. I've been working on more
focused patches to address these issues within the context of the concerns
raised in this ticket, but since they're not 4.2 regressions, I'll open
separate tickets for them, toward a future milestone.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32112#comment:17>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list