[wp-hackers] forcing siteurl to HTTPS in admin

Dion Hulse (dd32) wordpress at dd32.id.au
Sun Dec 20 22:41:52 UTC 2009


My thought is, That is_admin() is possibly false at the time your filter  
is called.. Else i see no reason why it wouldnt work.
try removing that and see if it forces everything to https?

On Mon, 21 Dec 2009 02:22:43 +1100, Steve Taylor <steve at sltaylor.co.uk>  
wrote:

> Hi there,
>
> I'm using FORCE_SSL_ADMIN, and I'm trying to overcome the problem when
> a public user (e.g. a subscriber) goes to their profile page and gets
> a "Do you want to display insecure items?" notice. It looks like the
> default in IE for this question has changed from "Yes" to "No" - and
> "No" can block some references to images and scripts.
>
> As ever I tried just sticking a filter in my theme code, but I made it
> a tiny plugin on the strength that the filter will get applied earlier
> in the processing. This is the code:
>
> function slt_adminURL( $value ) {
> 	if ( is_admin() && FORCE_SSL_ADMIN && substr( $value, 0, 8 ) !=  
> "https://" )
> 		$value = str_replace( "http://", "https://", $value );
> 	return $value;
> }
> add_filter( 'option_siteurl', 'slt_adminURL', 0 );
> add_filter( 'option_url', 'slt_adminURL', 0 );
>
> However, there's still a few plugins returning HTTP URLs. It all seems
> to come down to WP_CONTENT_URL being defined in wp-settings.php. It
> uses get_option('siteurl'), but I guess the settings are loaded so
> early that the above filters have no chance.
>
> Any ideas on how to do this? I thought of setting WP_CONTENT_URL in
> wp-config.php, but I guess I would have to do a "manual" check on the
> request URL to decide whether we're in admin or not, and hence whether
> to apply HTTPS or not?
>
> Or is the best approach to set up some kind of filtering of the HTML
> before output in admin, if that's possible?
>
> cheers,
>
> Steve Taylor
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>


-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/


More information about the wp-hackers mailing list