[wp-trac] [WordPress Trac] #47577: Streamline detecting and enabling HTTPS
WordPress Trac
noreply at wordpress.org
Fri Aug 2 14:07:02 UTC 2019
#47577: Streamline detecting and enabling HTTPS
-------------------------------------------------+-------------------------
Reporter: flixos90 | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: Administration | Version:
Severity: normal | Resolution:
Keywords: 2nd-opinion needs-unit-tests has- | Focuses:
patch |
-------------------------------------------------+-------------------------
Comment (by miinasikk):
Replying to [comment:6 westonruter]:
> Hyperlinks to other websites would be ignored since merely linking to
another site does not cause a request. Images, videos, iframes, and other
resources would need to be upgraded even on external domains as otherwise
there would be insecure mixed content warnings.
How would you handle the case where external images are not available via
HTTPS? Or are you thinking that perhaps `upgrade-insecure-requests` could
be optional? Or maybe require handling first and/or logging the issues
that need fixing?
Per MDN:
> Note that, if the requested resource is not actually available via
HTTPS, the request will fail without any fallback to HTTP
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47577#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list