Context Navigation

← Previous Ticket
Next Ticket →

#20702 closed defect (bug) (fixed)

Theme Customizer: Insecure content warnings when loading preview

Reported by:	ryan	Owned by:
Milestone:	3.4	Priority:	normal
Severity:	normal	Version:	3.4
Component:	Customize	Keywords:
Focuses:		Cc:

Description

When visiting the customizer over ssl, https should be used for all links to resources. This includes the link used for the XHR request to the frontend to populate the preview. Further, the default themes should also use https links for all resources when visited over ssl.

Attachments (1)

20702.diff (4.7 KB) - added by ryan 13 years ago.

Download all attachments as: .zip

Change History (5)

@ryan
13 years ago

Attachment 20702.diff added

#1 @ryan
13 years ago

Patch loads the preview via SSL if is_ssl() and no domain mapping. Fixes some links to image headers. Includes set_url_scheme() from #18017.

#2 @ryan
13 years ago

In [20829]:

Load the customize preview over ssl if the customize admin page is loaded over ssl and the frontend and admin are on the same domain. This avoids insecure content warnings and allows a more complete preview in browsers such as Chrome that block loading of css until user confirmation allows mixed content loading. see #20702

#3 @ryan
13 years ago

In [20830]:

set_url_scheme() for header and background image srcs. see #20702

#4 @ryan
13 years ago

Resolution set to fixed
Status changed from new to closed

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Make WordPress Core