mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-23 09:37:42 +01:00
Attachment URLs should only be forced to SSL on the front end.
Detecting SSL status on the Dashboard introduces problems when writing content that is saved to the database and then displayed on the front end, where SSL may be optional (or impossible, due to self-signed certificates). The new approach parallels the logic in `get_home_url()` for forcing HTTPS. See [31614] #15928 for background. Fixes #32112 for trunk. Built from https://develop.svn.wordpress.org/trunk@32342 git-svn-id: http://core.svn.wordpress.org/trunk@32313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
08e3572b7c
commit
e59aaa4f67
@ -4992,12 +4992,9 @@ function wp_get_attachment_url( $post_id = 0 ) {
|
||||
$url = get_the_guid( $post->ID );
|
||||
}
|
||||
|
||||
/*
|
||||
* If currently on SSL, prefer HTTPS URLs when we know they're supported by the domain
|
||||
* (which is to say, when they share the domain name of the current SSL page).
|
||||
*/
|
||||
if ( is_ssl() && 'https' !== substr( $url, 0, 5 ) && parse_url( $url, PHP_URL_HOST ) === $_SERVER['HTTP_HOST'] ) {
|
||||
$url = set_url_scheme( $url, 'https' );
|
||||
// On SSL front-end, URLs should be HTTPS.
|
||||
if ( is_ssl() && ! is_admin() && 'wp-login.php' !== $GLOBALS['pagenow'] ) {
|
||||
$url = set_url_scheme( $url );
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -4,7 +4,7 @@
|
||||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '4.3-alpha-32341';
|
||||
$wp_version = '4.3-alpha-32342';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
Loading…
Reference in New Issue
Block a user