[wp-trac] [WordPress Trac] #49515: SSL requirement during installation with SQL command through admin if mixed content
WordPress Trac
noreply at wordpress.org
Fri Aug 14 20:47:05 UTC 2020
#49515: SSL requirement during installation with SQL command through admin if mixed
content
--------------------------------------+---------------------------------
Reporter: bjornenio | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version:
Severity: normal | Resolution:
Keywords: needs-patch dev-feedback | Focuses: ui, administration
--------------------------------------+---------------------------------
Comment (by WiZZarD_):
This seems like a good idea to me. However, the check using
{{{#!php
$_SERVER['HTTPS']
}}}
wouldn't be optimal. As stated in
https://www.php.net/manual/en/reserved.variables.server.php this is set to
a non-empty value if the script was queried through the HTTPS protocol.
Ideally, you'd want to check for the capability of a secured connection,
not if the user is already using it.
My approach would be to test the given site-url for SSL capabilities, by
using something like [https://www.php.net/manual/en/function.fsockopen.php
fsockopen()]. If the url can be accessed through a secure connection ask
the user if it wants to use that instead. If it's not possible, just
proceed with the install.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/49515#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list