#34299 closed enhancement (fixed)
Force the REST API endpoint to HTTPS when appropriate
Reported by: | johnbillion | Owned by: | johnbillion |
---|---|---|---|
Milestone: | 4.4 | Priority: | normal |
Severity: | normal | Version: | 4.4 |
Component: | REST API | Keywords: | has-patch has-unit-tests |
Focuses: | Cc: |
Description
Given a site which runs over http
but the admin area runs over https
(for example via FORCE_SSL_ADMIN
), the REST API endpoint will point to an http
URL in the admin area. This makes the endpoint inaccessible to clients due to cross-protocol restrictions.
An example of where this is visible is the REST API Console plugin.
If the host name of the REST API endpoint matches the host name of the current request, then the REST API endpoint URL can be forced to https
.
Previous discussion:
Attachments (1)
Change History (10)
#1
@
9 years ago
- Keywords has-patch needs-unit-tests added
- Milestone changed from Awaiting Review to 4.4
#6
@
9 years ago
- Keywords has-unit-tests added; needs-unit-tests removed
- Resolution fixed deleted
- Status changed from closed to reopened
This ticket was mentioned in Slack in #core by johnbillion. View the logs.
9 years ago
Note: See
TracTickets for help on using
tickets.
Related issue and discussion: https://github.com/WP-API/WP-API/issues/259