#20137 closed defect (bug) (fixed)
Security Warning when customizing a theme
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Priority: | normal | Milestone: | 3.4 |
| Component: | General | Version: | 3.4 |
| Severity: | normal | Keywords: | has-patch |
| Cc: | matt@… |
Description
When a site using https, when a user chooses 'customize theme' on the themes page (version 3.4-alpha-20032) a security warning is displayed stating that some content will not be display via a secure connection.
Looking deeper, the previewed theme dose not honor "define('FORCE_SSL_ADMIN', true);" and is out put via an insecure connection.
Attachments (1)
Change History (10)
- Keywords has-patch added
20137.patch should work for links from get_permalink or wp_enqueue_script but not for hardcoded links.
Just a s/http/https/ could break things.
- Cc matt@… added
Replying to ocean90:
And the current preview doesn't have a warning?
Correct, in 3.3.1, no error is displayed when previewing a theme under the same setup.
comment:6
koopersmith — 15 months ago
- Resolution set to fixed
- Status changed from assigned to closed
In [20051]:
- Resolution fixed deleted
- Status changed from closed to reopened
Is there a reason for get_home_url( null, '/', $scheme ) rather than home_url( '/', $scheme )?
comment:8
koopersmith — 15 months ago
- Resolution set to fixed
- Status changed from reopened to closed
In [20057]:
And the current preview doesn't have a warning?