Opened 2 years ago
Closed 23 months ago
#57017 closed enhancement (fixed)
Non secure links needs to be replaced with the secure ones.
Reported by: | haritpanchal | Owned by: | audrasjb |
---|---|---|---|
Milestone: | 6.2 | Priority: | low |
Severity: | trivial | Version: | |
Component: | General | Keywords: | has-patch |
Focuses: | docs, coding-standards | Cc: |
Description
I came across the file where two non-secure links were added even if the secure links are active on the web.
Attachments (5)
Change History (49)
#1
@
2 years ago
- Keywords commit added
- Milestone changed from Awaiting Review to 6.2
- Owner set to audrasjb
- Status changed from new to accepted
Thanks for the ticket and patch.
Self assigning for commit
.
#3
@
2 years ago
There is a similar link to http://www.opensource.org/licenses/bsd-license.php
in class-IXR.php
. Would be nice to address them all at once.
#4
@
2 years ago
- Keywords commit removed
No need to open a new ticket, we can simply add a PR in this one to address the remaining occurrences.
#5
@
2 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
- Type changed from enhancement to task (blessed)
Reopening and converting to a task to address other similar issues.
This ticket was mentioned in Slack in #core by audrasjb. View the logs.
2 years ago
#10
@
2 years ago
@krunal265 Just noting that 57029.patch
shouldn't be committed directly to core.
As per #57029, comment 3:
SimplePie is an external library, and this should be reported upstream directly to them: https://github.com/simplepie/simplepie
#12
follow-up:
↓ 35
@
2 years ago
- Version set to 6.1
@audrasjb
Replaced HTTP links with HTTPS in IRI.php, IPv6.php, class-IXR.php files.
#13
follow-up:
↓ 15
@
2 years ago
Thank you @itpathsolutions for the patch but you set the version to 6.1 which is incorrect.
#15
in reply to:
↑ 13
;
follow-up:
↓ 17
@
2 years ago
Replying to rudlinkon:
Thank you @itpathsolutions for the patch but you set the version to 6.1 which is incorrect.
@rudlinkon There is no any options to choose wordpress version 6.2.
#16
in reply to:
↑ 14
;
follow-up:
↓ 19
@
2 years ago
Replying to haritpanchal:
@itpathsolutions The patch has been added already.
@haritpanchal It's a different patch with different files. We Replaced HTTP links with HTTPS in IRI.php, IPv6.php, class-IXR.php files.
#17
in reply to:
↑ 15
;
follow-up:
↓ 18
@
2 years ago
Replying to itpathsolutions:
Replying to rudlinkon:
Thank you @itpathsolutions for the patch but you set the version to 6.1 which is incorrect.
@rudlinkon There is no any options to choose wordpress version 6.2.
Actually, you have to choose the version number where the issue has appeared from.
#18
in reply to:
↑ 17
@
2 years ago
Replying to rudlinkon:
Replying to itpathsolutions:
Replying to rudlinkon:
Thank you @itpathsolutions for the patch but you set the version to 6.1 which is incorrect.
@rudlinkon There is no any options to choose wordpress version 6.2.
Actually, you have to choose the version number where the issue has appeared from.
@rudlinkon The issue was reproduced on WordPress version 6.1, that's why we added a version 6.1.
#19
in reply to:
↑ 16
@
2 years ago
Replying to itpathsolutions: Okay, got it. Thanks!
Replying to haritpanchal:
@itpathsolutions The patch has been added already.
@haritpanchal It's a different patch with different files. We Replaced HTTP links with HTTPS in IRI.php, IPv6.php, class-IXR.php files.
#20
follow-up:
↓ 21
@
2 years ago
- Version 6.1 deleted
Removing version 6.1 as it is not the version the issue was introduced :)
Better to keep it empty since those strings were introduced at various moments.
(see this handbook page for more details about the "Version" field)
#21
in reply to:
↑ 20
@
2 years ago
Replying to audrasjb:
Removing version 6.1 as it is not the version the issue was introduced :)
Better to keep it empty since those strings were introduced at various moments.
(see this handbook page for more details about the "Version" field)
Great, thank you @audrasjb
This ticket was mentioned in PR #3651 on WordPress/wordpress-develop by ShamimWP.
2 years ago
#22
Trac ticket: https://core.trac.wordpress.org/ticket/57017
This ticket was mentioned in PR #3652 on WordPress/wordpress-develop by @wpfy.
2 years ago
#23
Trac ticket: https://core.trac.wordpress.org/ticket/57017
@mukesh27 commented on PR #3652:
2 years ago
#24
@SergeyBiryukov can you plz re-run the job?
@audrasjb commented on PR #3652:
2 years ago
#26
I restarted failed jobs.
#27
@
2 years ago
- Keywords changes-requested added
Hi there,
Tests are failing for a good reason: the "URL" used as a value for the xmlns
attribute inside SVG images shouldn't be changed to https
. It's not really a URL, it's a namespace that looks like a URL. It must be written as it, with http
and not https
.
2 years ago
#28
Hi @audrasjb , thanks for your feedback.
I have made the changes. All the namespace is now HTTP
What should I do now.
I am not sure, should I create another Pull Request or how my changes will be reached in place.
@rudlinkon commented on PR #3652:
2 years ago
#29
Thank you @akramulhasan for your changes. @audrasjb can you please run the job again?
2 years ago
#30
Thank you @akramulhasan for your changes. @audrasjb can you please run the job again?
Thanks bro
#31
@
2 years ago
- Focuses performance removed
Removing performance
focus here since this appears to be unrelated and rather about security.
This ticket was mentioned in Slack in #core by costdev. View the logs.
2 years ago
#34
@
2 years ago
- Type changed from task (blessed) to enhancement
This ticket seems to be about some documentation enhancements, to change http://
to https://
in links. As such it doesn't need to be a "Task", can be committed at any time even during RC :)
#35
in reply to:
↑ 12
@
2 years ago
- Component changed from Bundled Theme to General
- Focuses docs added
- Keywords changes-requested removed
- Priority changed from normal to low
- Severity changed from normal to trivial
Replying to itpathsolutions:
@audrasjb
Replaced HTTP links with HTTPS in IRI.php, IPv6.php, class-IXR.php files.
@itpathsolutions sorry but the changes proposed in 57017.diff
are on an external library, so this should be proposed upstream on the Requests lib: https://github.com/WordPress/Requests
Therefore, this patch is invalid. Thanks for the patch though!
Now, I'll be going through other patches :)
#36
@
2 years ago
@krunal265 57029.patch
(Diff API) doesn't look ok to go as it replaces the URL with a 404 one.
@audrasjb commented on PR #3651:
2 years ago
#37
Thanks, committed in https://core.trac.wordpress.org/changeset/55355
@audrasjb commented on PR #3652:
2 years ago
#39
Tests are failing because they this changeset is probably touching some files that need to be build.
Also, it misses more occurrences in readme.txt files. It would be nice to propose a new PR, and to attach it to a specific ticket to replace http links with https specifically on bundled themes. @akramulhasan, would you like to propose a new ticket for this, so it can be handled specifically?
Thanks!
Patch added