id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc,focuses 34109,Incorrect URL scheme for media in the admin area when using administration over HTTPS,johnbillion,jeremyfelt,"It seems that we no longer have a ticket addressing this issue. On a site where `siteurl` and `home` use the `http` scheme but `FORCE_SSL_ADMIN` (or `force_ssl_admin()`) is set to true, media in the admin area is incorrectly served with the `http` scheme and therefore produces mixed content warnings. When `siteurl` uses the `https` scheme, media is served over `https` as expected. This affects the media library, the media manager, featured images, comments on attachments, actively editing an image on its attachment editing screen, and media-new.php. Curiously, the attachment editing screen itself isn't affected until you click 'Edit Image', which means there's most likely a bug there. This was previously tackled by #15928 ([31614]) for 4.2, but was reverted in #32112 ([32342]) for 4.2.2 because it resulted in media with the `https` scheme being inserted into post content, which is not desirable (eg. due to a self-signed cert or restrictions placed on access to the `https` host). It's likely that altering the behaviour of `wp_get_attachment_url()` will have unintended consequences (as above), so we might need to consider the introduction of a new function which is used specifically for media item URLs in the admin context. The introduction of a `$scheme` parameter to `wp_get_attachment_url()` ''might'' work, but probably not.",defect (bug),closed,normal,,Media,,major,wontfix,https has-patch needs-testing bulk-reopened,,administration