https atom service document doesn't point to https collections
|Reported by:||rubys||Owned by:||westi|
It turns out that specifying https://<your_blog_here>.wordpress.com/wp-app.php doesn't actually get you a secure connection... all it does it retrieves a relatively static service document securely. Unfortunately, that document points you to unsecured collections and category documents.
The fix is relatively straightforward, and attached as a patch. But there is a second problem in that users of RSD will never discover the secure connection (unlike xml-rpc, supporting https is a requirement for AtomPub). This is also included in the patch.
Finally, there is a small issue with the RSD in that Atom doesn't have a notion of a "blogID", and the definition of RSD indicates that blogID should be "" in such circumstances. That, too, is included in the patch.
Change History (15)
comment:2 foolswisdom — 6 years ago
- Keywords has-patch added
- Milestone changed from 2.5 to 2.4
- Version set to 2.3.1
- Owner changed from anonymous to westi
- Status changed from new to assigned