WordPress.org

Make WordPress Core

Ticket #29727: 29727.2.diff

File 29727.2.diff, 408 bytes (added by thomaswm, 6 years ago)

Send "Upgrade Insecure Requests" HTTP header

  • wp-includes/class-wp.php

     
    437437                        }
    438438                }
    439439
     440                if ( is_ssl() ) {
     441                        $headers['Content-Security-Policy'] = 'upgrade-insecure-requests';
     442                }
     443               
     444               
    440445                /**
    441446                 * Filter the HTTP headers before they're sent to the browser.
    442447                 *