#36993 closed enhancement (fixed)
Update links to HTTPS
Reported by: | bhubbard | Owned by: | johnpgreen |
---|---|---|---|
Milestone: | 4.6 | Priority: | normal |
Severity: | normal | Version: | 4.6 |
Component: | General | Keywords: | good-first-bug has-patch commit |
Focuses: | docs | Cc: |
Description
There are many links within WordPress that should be updated to HTTPS by default. You can see a quick example here:
https://github.com/WordPress/WordPress/search?utf8=%E2%9C%93&q=http%3A%2F%2F
A few example of domain links that can be updated to https:
- Links to http://tools.ietf.org/
- Links to http://jquery.org/
- Links to http://www.tinymce.com
- Links to http://www.w3.org/
- etc
Attachments (2)
Change History (13)
#1
in reply to:
↑ description
@
8 years ago
- Focuses docs added
- Keywords good-first-bug added
#4
@
8 years ago
- Keywords needs-patch added
- Milestone changed from Awaiting Review to Future Release
- Owner set to johnpgreen
- Status changed from new to assigned
#5
@
8 years ago
- Keywords has-patch added; needs-patch removed
First attempt at patch attached.
I searched the source code for the string "http://" and replaced with the resolved "https://" URL when they both resolved to identical pages. This includes standardizing all PHP.net references to the "secure" subdomain.
I avoided making any modifications to URLs that returned 404 errors on both http and https.
I also avoided touching any files that seemed to be included libraries (i.e. SimplePie, ID3), as I assume that's up to their respective maintainers.
#6
@
8 years ago
- Keywords needs-refresh added
Awesome @johnpgreen, patch looks great, nice work on the URLs you didn't change +1
A couple of issues if you could refresh your patch with these changes please:
- Remove the harvard.edu HTTPS change and leave it as HTTP, there are mixed content warnings and even though the certificate appears valid I'm not confident in the hardvard.edu HTTPS configuration I see, anyone else with opinions? See https://cyber.law.harvard.edu
- Change
http://php.net/date
tohttps://secure.php.net/date
, they both redirect to the same locationhttps://secure.php.net/manual/en/function.date.php
and the "short url" helps keep comment line lengths shorter.
- I don't think we should use any shortlink services for URLs in WordPress, change
https://bit.ly/89QxZA
tohttps://en.wikipedia.org/wiki/Motion_Picture_Association_of_America_film_rating_system
Previously #27115, and to note that *ALL* of the below URLs already redirect to their HTTPS enabled site automatically:
Also: