WordPress.org

Make WordPress Core

Opened 5 years ago

Closed 5 years ago

#10079 closed defect (bug) (invalid)

Codepress not loaded when using administration over SSL

Reported by: riivolepp Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.8
Component: Administration Keywords: reporter-feedback
Focuses: Cc:

Description

Codepress not loaded correctly when setting up Administration over SSL as described in http://codex.wordpress.org/Administration_Over_SSL
Browser gives javascript error when accessing Appearance->Editor on admin console. Editor box is grayed out.

Error: Permission denied to get property Window.CodePress
Source File: https://sitename/wp-admin/load-scripts.php?c=1&load=hoverIntent,common,jquery-color,codepress&ver=58ac14fb6d0d5c1f84fcfac47a249dae
Line: 30

Change History (5)

comment:1 azaozz5 years ago

  • Keywords reporter-feedback added

Seems like CodePress problem. It can be turned off from Screen Options. When you look in the page source, is var codepress_path = 'http... defined properly?

comment:2 riivolepp5 years ago

It's set as following:
var codepress_path = 'https://sitename/wp-includes/js/codepress/';

Also tried to manually change it to http://.. but it will give exactly the same error.
I searched from code that this variable only used by codepress.js #43.

When access file https://sitename/wp-includes/js/codepress/codepress.html directly from browser it will redirected correctly to http://sitename/wp-includes/js/codepress/codepress.html

I think the problem is that browser security doesn't run http: scripts when main page comes from https:

As a workaround I copied codepress catalog to /wp-admin/js and changed codepress_path to that.

comment:3 dd325 years ago

When access file https://sitename/wp-includes/js/codepress/codepress.html directly from browser it will redirected correctly to http://sitename/wp-includes/js/codepress/codepress.html

I think thats your problem.. It shouldnt be redirected to the non-https version at all. It should stay as a https site.

from what i can see, Codepress itself doesnt contain any code which would affect https..

comment:4 riivolepp5 years ago

Redirection is made by Apache because of redirection rules given in http://codex.wordpress.org/Administration_Over_SSL

<VirtualHost nnn.nnn.nnn.nnn:443>

ServerName www.mysite.com

SSLEngine On
SSLCertificateFile /etc/apache2/ssl/thissite.crt
SSLCertificateKeyFile /etc/apache2/ssl/thissite.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

DocumentRoot /var/www/mysite

<IfModule mod_rewrite.c>

RewriteEngine On
RewriteRule ^/wp-admin/(.*) - [C]
RewriteRule /(.*) http://www.mysite.com/$1 [QSA,L]

</IfModule>
...

</VirtualHost>

comment:5 dd325 years ago

  • Milestone 2.8 deleted
  • Resolution set to invalid
  • Status changed from new to closed

Ah. Someone will need to update the docs then to allow wp-includes on the SSL side of things..

Closing as invalid as this has nothing to do with core, and is just a docs thing..

Note: See TracTickets for help on using tickets.