Make WordPress Core


Ignore:
Timestamp:
01/29/2021 07:09:49 PM (3 years ago)
Author:
flixos90
Message:

Security, Site Health: Improve accuracy in messaging about HTTPS support.

Following up on [49904], this changeset focuses mainly on improving the guidance about the current state of HTTPS in Site Health.

  • Correct the existing copy to indicate that both the Site Address and the WordPress Address need to be changed to fully switch to HTTPS.
  • Link to the respective input fields via anchor links rather than to the overall General Settings screen.
  • Show different copy if the site is using HTTPS for the WordPress Address (for example to have only the administration panel in HTTPS), but not for the Site Address.
  • Inform the user about potential problems even when the site is already using HTTPS, for example if the SSL certificate was no longer valid.
  • Always rely on fresh information for determining HTTPS support issues in Site Health, and therefore change the https_status test to become asynchronous.
  • Rename the new private wp_is_owned_html_output() function to a more appropriate wp_is_local_html_output().

Props adamsilverstein, flixos90, johnjamesjacoby, timothyblynjacobs.
See #47577.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/tests/phpunit/tests/rest-api/rest-schema-setup.php

    r50065 r50072  
    138138            '/wp-site-health/v1/tests/background-updates',
    139139            '/wp-site-health/v1/tests/loopback-requests',
     140            '/wp-site-health/v1/tests/https-status',
    140141            '/wp-site-health/v1/tests/dotorg-communication',
    141142            '/wp-site-health/v1/tests/authorization-header',
Note: See TracChangeset for help on using the changeset viewer.