[wp-trac] [WordPress Trac] #47577: Streamline detecting and enabling HTTPS
WordPress Trac
noreply at wordpress.org
Fri Aug 16 17:45:42 UTC 2019
#47577: Streamline detecting and enabling HTTPS
-------------------------------------------------+-------------------------
Reporter: flixos90 | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: Administration | Version:
Severity: normal | Resolution:
Keywords: 2nd-opinion needs-unit-tests has- | Focuses:
patch |
-------------------------------------------------+-------------------------
Comment (by westonruter):
If a site switches to HTTPS but they have HTTP resources, then (as I
understand):
1. Without `upgrade-insecure-requests`, insecure scripts will be blocked
and insecure media will cause warnings.
2. With `upgrade-insecure-requests`, all insecure resources will
automatically be updated to HTTPS. If the hosts for the resources support
HTTPS, then everything will work seamlessly. If a hosted resource is not
available on HTTPS (scripts and media), then it will fail.
In both cases, the user would need to check their site to check for
problems (unless it's for a new install). But my expectation is that
`upgrade-insecure-requests` will generally result in fewer errors, though
the ones that do occur (e.g. for images) will be harder (failures instead
of warnings). So 2 seems like a better 80% solution.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47577#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list