[wp-hackers] thorough admin SSL

Ryan Boren ryan at boren.nu
Fri Feb 5 21:58:04 UTC 2010


On Wed, Feb 3, 2010 at 4:50 PM, Mike Little <wordpress at zed1.com> wrote:
> I have encountered this on a project before, in particular, wpmu has several
> places hard-coded with 'http' (it also doesn't support a port number in
> urls, but that's another project problem I had to solve).

We're cleaning up the MU links for 3.0. See here:

http://core.trac.wordpress.org/changeset/12978


Core WP/WPMU links that do not obey is_ssl() and the FORCE flags are
bugs. Write tickets, and we'll fix them.  Core will never attempt to
add SSL awareness via filters on the get_option() calls for home and
siteurl because there is insufficient context to apply the SSL rules
properly.  Thus, plugins must use the *_url() API to gain SSL
awareness.


More information about the wp-hackers mailing list