Make WordPress Core

#57017 closed enhancement (fixed)

Non secure links needs to be replaced with the secure ones.

Reported by: haritpanchal's profile haritpanchal Owned by: audrasjb's profile audrasjb
Milestone: 6.2 Priority: low
Severity: trivial Version:
Component: General Keywords: has-patch
Focuses: docs, coding-standards Cc:

Description

I came across the file where two non-secure links were added even if the secure links are active on the web.

Attachments (5)

57017.patch (722 bytes) - added by haritpanchal 16 months ago.
Patch added
57027.patch (729 bytes) - added by rajeshraval786 16 months ago.
Patch added for same link changes.
57028.patch (491 bytes) - added by hiren1094 16 months ago.
Patch added for this "https://core.trac.wordpress.org/ticket/57028" tickit
57029.patch (4.2 KB) - added by krunal265 16 months ago.
patch added.
57017.diff (1.7 KB) - added by itpathsolutions 16 months ago.
Patch added

Download all attachments as: .zip

Change History (49)

@haritpanchal
16 months ago

Patch added

#1 @audrasjb
16 months ago

  • Keywords commit added
  • Milestone changed from Awaiting Review to 6.2
  • Owner set to audrasjb
  • Status changed from new to accepted

Thanks for the ticket and patch.
Self assigning for commit.

#2 @audrasjb
16 months ago

  • Resolution set to fixed
  • Status changed from accepted to closed

In 54759:

Docs: Replace HTTP links with HTTPS in class-json.php docblocks.

Props haritpanchal.
Fixes #57017.
See #56792.

#3 @audrasjb
16 months ago

There is a similar link to http://www.opensource.org/licenses/bsd-license.php in class-IXR.php. Would be nice to address them all at once.

#4 @audrasjb
16 months ago

  • Keywords commit removed

No need to open a new ticket, we can simply add a PR in this one to address the remaining occurrences.

#5 @audrasjb
16 months ago

  • Resolution fixed deleted
  • Status changed from closed to reopened
  • Type changed from enhancement to task (blessed)

Reopening and converting to a task to address other similar issues.

#6 @audrasjb
16 months ago

#57027 was marked as a duplicate.

This ticket was mentioned in Slack in #core by audrasjb. View the logs.


16 months ago

#8 @audrasjb
16 months ago

#57028 was marked as a duplicate.

@rajeshraval786
16 months ago

Patch added for same link changes.

@hiren1094
16 months ago

Patch added for this "https://core.trac.wordpress.org/ticket/57028" tickit

@krunal265
16 months ago

patch added.

#9 @rudlinkon
16 months ago

#57029 was marked as a duplicate.

#10 @audrasjb
16 months ago

@krunal265 Just noting that 57029.patch shouldn't be committed directly to core.

As per #57029, comment 3:

SimplePie is an external library, and this should be reported upstream directly to them: https://github.com/simplepie/simplepie

Last edited 16 months ago by audrasjb (previous) (diff)

#11 @audrasjb
16 months ago

In 54775:

Docs: Replace HTTP links with HTTPS in class-pop3.php docblocks and JS vendor readme file.

Props rajeshraval786, hiren1094.
See #57017, #56792.

@itpathsolutions
16 months ago

Patch added

#12 follow-up: @itpathsolutions
16 months ago

  • Version set to 6.1

@audrasjb

Replaced HTTP links with HTTPS in IRI.php, IPv6.php, class-IXR.php files.

Last edited 16 months ago by itpathsolutions (previous) (diff)

#13 follow-up: @rudlinkon
16 months ago

Thank you @itpathsolutions for the patch but you set the version to 6.1 which is incorrect.

#14 follow-up: @haritpanchal
16 months ago

@itpathsolutions The patch has been added already.

#15 in reply to: ↑ 13 ; follow-up: @itpathsolutions
16 months ago

Replying to rudlinkon:

Thank you @itpathsolutions for the patch but you set the version to 6.1 which is incorrect.

@rudlinkon There is no any options to choose wordpress version 6.2.

#16 in reply to: ↑ 14 ; follow-up: @itpathsolutions
16 months ago

Replying to haritpanchal:

@itpathsolutions The patch has been added already.

@haritpanchal It's a different patch with different files. We Replaced HTTP links with HTTPS in IRI.php, IPv6.php, class-IXR.php files.

#17 in reply to: ↑ 15 ; follow-up: @rudlinkon
16 months ago

Replying to itpathsolutions:

Replying to rudlinkon:

Thank you @itpathsolutions for the patch but you set the version to 6.1 which is incorrect.

@rudlinkon There is no any options to choose wordpress version 6.2.

Actually, you have to choose the version number where the issue has appeared from.

#18 in reply to: ↑ 17 @itpathsolutions
16 months ago

Replying to rudlinkon:

Replying to itpathsolutions:

Replying to rudlinkon:

Thank you @itpathsolutions for the patch but you set the version to 6.1 which is incorrect.

@rudlinkon There is no any options to choose wordpress version 6.2.

Actually, you have to choose the version number where the issue has appeared from.

@rudlinkon The issue was reproduced on WordPress version 6.1, that's why we added a version 6.1.

#19 in reply to: ↑ 16 @haritpanchal
16 months ago

Replying to itpathsolutions: Okay, got it. Thanks!

Replying to haritpanchal:

@itpathsolutions The patch has been added already.

@haritpanchal It's a different patch with different files. We Replaced HTTP links with HTTPS in IRI.php, IPv6.php, class-IXR.php files.

#20 follow-up: @audrasjb
16 months ago

  • Version 6.1 deleted

Removing version 6.1 as it is not the version the issue was introduced :)

Better to keep it empty since those strings were introduced at various moments.

(see this handbook page for more details about the "Version" field)

#21 in reply to: ↑ 20 @rudlinkon
16 months ago

Replying to audrasjb:

Removing version 6.1 as it is not the version the issue was introduced :)

Better to keep it empty since those strings were introduced at various moments.

(see this handbook page for more details about the "Version" field)

Great, thank you @audrasjb

@mukesh27 commented on PR #3652:


15 months ago
#24

@SergeyBiryukov can you plz re-run the job?

@wpfy commented on PR #3652:


15 months ago
#25

Thanks @akramulhasan PR looks good to me.

Thank you so much. You are most welcome!

@audrasjb commented on PR #3652:


15 months ago
#26

I restarted failed jobs.

#27 @audrasjb
15 months ago

  • Keywords changes-requested added

Hi there,

Tests are failing for a good reason: the "URL" used as a value for the xmlns attribute inside SVG images shouldn't be changed to https. It's not really a URL, it's a namespace that looks like a URL. It must be written as it, with http and not https.

@wpfy commented on PR #3652:


15 months ago
#28

Hi @audrasjb , thanks for your feedback.
I have made the changes. All the namespace is now HTTP
What should I do now.
I am not sure, should I create another Pull Request or how my changes will be reached in place.

@rudlinkon commented on PR #3652:


15 months ago
#29

Thank you @akramulhasan for your changes. @audrasjb can you please run the job again?

@wpfy commented on PR #3652:


15 months ago
#30

Thank you @akramulhasan for your changes. @audrasjb can you please run the job again?

Thanks bro

#31 @flixos90
13 months ago

  • Focuses performance removed

Removing performance focus here since this appears to be unrelated and rather about security.

This ticket was mentioned in Slack in #core by costdev. View the logs.


12 months ago

#33 @johnbillion
12 months ago

  • Component changed from General to Bundled Theme

#34 @azaozz
12 months ago

  • Type changed from task (blessed) to enhancement

This ticket seems to be about some documentation enhancements, to change http:// to https:// in links. As such it doesn't need to be a "Task", can be committed at any time even during RC :)

#35 in reply to: ↑ 12 @audrasjb
12 months ago

  • Component changed from Bundled Theme to General
  • Focuses docs added
  • Keywords changes-requested removed
  • Priority changed from normal to low
  • Severity changed from normal to trivial

Replying to itpathsolutions:

@audrasjb

Replaced HTTP links with HTTPS in IRI.php, IPv6.php, class-IXR.php files.

@itpathsolutions sorry but the changes proposed in 57017.diff are on an external library, so this should be proposed upstream on the Requests lib: https://github.com/WordPress/Requests

Therefore, this patch is invalid. Thanks for the patch though!

Now, I'll be going through other patches :)

#36 @audrasjb
12 months ago

@krunal265 57029.patch (Diff API) doesn't look ok to go as it replaces the URL with a 404 one.

#38 @audrasjb
12 months ago

In 55356:

Docs: Replace HTTP with HTTPS in PHP Manual links located in WP_Privacy_Policy_Content class.

Follow-up to [55355].

See #56792, #57017.

@audrasjb commented on PR #3652:


12 months ago
#39

Tests are failing because they this changeset is probably touching some files that need to be build.
Also, it misses more occurrences in readme.txt files. It would be nice to propose a new PR, and to attach it to a specific ticket to replace http links with https specifically on bundled themes. @akramulhasan, would you like to propose a new ticket for this, so it can be handled specifically?

Thanks!

@wpfy commented on PR #3652:


12 months ago
#40

Hi @audrasjb , thanks for the update. I will do it asap.

This ticket was mentioned in Slack in #core by mukeshpanchal27. View the logs.


12 months ago

This ticket was mentioned in Slack in #core by costdev. View the logs.


12 months ago

This ticket was mentioned in Slack in #core by mukeshpanchal27. View the logs.


12 months ago

#44 @audrasjb
12 months ago

  • Resolution set to fixed
  • Status changed from reopened to closed

As there is currently no patch ready to ship, let's close this as fixed for 6.2 release cycle.

Other occurrences can be addressed in a follow-up ticket during the next release cycle.

Thanks everyone!

Note: See TracTickets for help on using tickets.