Opened 4 years ago
Last modified 4 years ago
#52730 new defect (bug)
Mixed content error with RSS widget
Reported by: | gregmagn1 | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | 5.6.2 |
Component: | Widgets | Keywords: | needs-patch reporter-feedback |
Focuses: | ui | Cc: |
Description
To avoid SSL Mixed content warning, it is needed to force the RSS icon to load with https
Change History (4)
#3
@
4 years ago
Hi. My WordPress address use https. All other pictures, icons and plugins contents served secured content correctly. The only icon that makes problem with "Mixed Content Warning" is the RSS plugin icon ...
#4
@
4 years ago
- Keywords reporter-feedback added
Hi @gregmagn1,
Can you provide some additional details? Which theme are you using? Also, have you tested this on a fresh install?
@sabernhardt is correct in that the RSS icon is output by passing the URL through the includes_url()
function. Ultimately, is_ssl()
is called to detect whether the site supports SSL or not.
It's likely code on your site is either filtering the result of includes_url()
or set_url_scheme()
, or something is incorrectly configured causing WordPress to guess wrong in this situation, It could also be an issue in Core, but there is not enough information for the reasons to be clear yet.
@gregmagn1 Thanks for the report!
If your WordPress Address (Site URL) setting uses "https" then I don't think the icon should be served insecurely (unless a plugin filters
includes_url
).However, this might be a good situation for using the
includes_url
function's "relative" argument in class-wp-widget-rss.php:If forcing secure, it could be more like this: