[wp-trac] [WordPress Trac] #32186: URL Scheme on media attachments is incorrectly set to https when administration performed over SSL
WordPress Trac
noreply at wordpress.org
Wed Apr 29 12:31:11 UTC 2015
#32186: URL Scheme on media attachments is incorrectly set to https when
administration performed over SSL
--------------------------+------------------------
Reporter: khlo | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Media | Version: 4.2
Severity: normal | Resolution: duplicate
Keywords: | Focuses:
--------------------------+------------------------
Description changed by SergeyBiryukov:
Old description:
> My site is set up as follows:
> * Administration is performed at https://example.com/wp-admin. This uses
> a self-signed SSL certificate to protect against eavesdropping (e.g. on
> public wi-fi).
> * The front-end is accessed through http://example.com.
> * Our Wordpress siteurl is set to http://example.com.
> * We use `define('FORCE_SSL_ADMIN', true);` in wp-config.php to enforce
> SSL on the admin (but not on the front-end).
>
> In Wordpress 4.2, [https://core.trac.wordpress.org/changeset/31614
> changeset #31614] was introduced to fix
> [https://core.trac.wordpress.org/ticket/15928 ticket #15928].
>
> Unfortunately, this has broken images on our website. As administration
> is being performed over SSL, `wp_get_attachment_url()` returns an image
> with the https:// URL schema. This is then saved in the post. When
> readers access the post through our http front-end, images will not load
> as the img src attribute uses https (not available due to the self-signed
> certificate).
>
> Expected behaviour: `wp_get_attachment_url()` should use the same URL
> schema as siteurl (i.e. it should use the http schema as we've
> specifically set this in our siteurl).
New description:
My site is set up as follows:
* Administration is performed at https://example.com/wp-admin. This uses a
self-signed SSL certificate to protect against eavesdropping (e.g. on
public wi-fi).
* The front-end is accessed through http://example.com.
* Our WordPress siteurl is set to http://example.com.
* We use `define('FORCE_SSL_ADMIN', true);` in wp-config.php to enforce
SSL on the admin (but not on the front-end).
In WordPress 4.2, changeset [31614] was introduced to fix ticket #15928.
Unfortunately, this has broken images on our website. As administration is
being performed over SSL, `wp_get_attachment_url()` returns an image with
the https:// URL schema. This is then saved in the post. When readers
access the post through our http front-end, images will not load as the
img src attribute uses https (not available due to the self-signed
certificate).
Expected behaviour: `wp_get_attachment_url()` should use the same URL
schema as siteurl (i.e. it should use the http schema as we've
specifically set this in our siteurl).
--
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32186#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list