[wp-hackers] thorough admin SSL
Andrew Nacin
wp at andrewnacin.com
Wed Feb 3 21:35:00 UTC 2010
>
> How do I hook into the login page footer? admin_head and admin_footer
> - great. I don't need the wp_head and wp_footer, the front isn't SSL.
> login_head - great, halfway there. What about login_footer? I can't
> see a trace of it. Any other options?
>
It depends on what the link is. There isn't a login_footer action but there
are other options.
OK, for this issue I'm resorting to buffering admin output and
> replacing HTTP with HTTPS (a little more refined than that, but you
> get the idea).
>
You should probably open a ticket (I don't think there is a catch-all one)
on core.trac.wordpress.org with any links you find in core that don't check
HTTP v. HTTPS. There are a few functions we we can easily convert links to
to make sure schema is respected, including home_url(), get_home_url() (as
of today), admin_url(), includes_url(), etc.
More information about the wp-hackers
mailing list