Make WordPress Core


Ignore:
Timestamp:
05/29/2014 03:58:41 AM (10 years ago)
Author:
nacin
Message:

Forcing SSL logins now forces SSL for the entire admin, with no middle ground.

fixes #10267.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/link-template.php

    r28590 r28609  
    28462846function set_url_scheme( $url, $scheme = null ) {
    28472847    $orig_scheme = $scheme;
    2848     if ( ! in_array( $scheme, array( 'http', 'https', 'relative' ) ) ) {
    2849         if ( ( 'login_post' == $scheme || 'rpc' == $scheme ) && ( force_ssl_login() || force_ssl_admin() ) )
    2850             $scheme = 'https';
    2851         elseif ( ( 'login' == $scheme ) && force_ssl_admin() )
    2852             $scheme = 'https';
    2853         elseif ( ( 'admin' == $scheme ) && force_ssl_admin() )
    2854             $scheme = 'https';
    2855         else
    2856             $scheme = ( is_ssl() ? 'https' : 'http' );
     2848
     2849    if ( ! $scheme ) {
     2850        $scheme = is_ssl() ? 'https' : 'http';
     2851    } elseif ( $scheme === 'admin' || $scheme === 'login' || $scheme === 'login_post' || $scheme === 'rpc' ) {
     2852        $scheme = is_ssl() || force_ssl_admin() ? 'https' : 'http';
     2853    } elseif ( $scheme !== 'http' && $scheme !== 'https' && $scheme !== 'relative' ) {
     2854        $scheme = is_ssl() ? 'https' : 'http';
    28572855    }
    28582856
Note: See TracChangeset for help on using the changeset viewer.