Opened 12 years ago
Closed 12 years ago
#20996 closed defect (bug) (duplicate)
wp_get_attachment_url() ignoring HTTPS
Reported by: | xsign.dll | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 3.4 |
Component: | Security | Keywords: | |
Focuses: | Cc: |
Description
SSL is ignored in wp_get_attachment_url() so that a HTTPS website gets invalidated by unsecure content.
Steps to reproduce:
- Add to wp-config.php: define('FORCE_SSL_ADMIN', true);
- Use e.g. the_post_thumbnail() in a theme. This function calls wp_get_attachment_url()
- Visit website via HTTPS => Browser error occurs
Hotfix below. Add to function.php
# Correct SSL Bug function correct_url_ssl($url) { if( function_exists('is_ssl') && is_ssl() ) { return str_replace('http://', 'https://', $url); } return $url; } add_filter('wp_get_attachment_url', 'correct_url_ssl');
Kind regards,
- Wolf
xsigndll.com
Change History (1)
Note: See
TracTickets for help on using
tickets.
#15928