REST API: In the admin area, ensure the REST API endpoint URL is forced to `https` when necessary.

In this situation, a site which uses `http` on the front end but `https` in the admin area is more likely to have a working REST API endpoint URL when used in the admin area. Props mohanjith, westonruter, jnylen0 Fixes #36451 Built from https://develop.svn.wordpress.org/trunk@40843 git-svn-id: http://core.svn.wordpress.org/trunk@40694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-25 18:02:41 +00:00 · 2017-05-25 18:02:41 +00:00 · f750a800d0
parent 2117fa8cee
commit f750a800d0
2 changed files with 9 additions and 1 deletions
--- a/wp-includes/rest-api.php
+++ b/wp-includes/rest-api.php
@ -337,6 +337,14 @@ function get_rest_url( $blog_id = null, $path = '/', $scheme = 'rest' ) {
 		}
 	}

+	if ( is_admin() && force_ssl_admin() ) {
+		// In this situation the home URL may be http:, and `is_ssl()` may be
+		// false, but the admin is served over https: (one way or another), so
+		// REST API usage will be blocked by browsers unless it is also served
+		// over HTTPS.
+		$url = set_url_scheme( $url, 'https' );
+	}
+
 	/**
 	 * Filters the REST URL.
 	 *
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.8-beta2-40842';
+$wp_version = '4.8-beta2-40843';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.