Add support for https: protocol

bobbingwide / oik

OIK Information Kit

https://www.oik-plugins.com/oik-plugins/oik

GNU General Public License v2.0

2 stars 0 forks source link

Add support for https: protocol #70

Closed bobbingwide closed 5 years ago

bobbingwide commented 7 years ago

Some logic in the oik plugin is used to generate URLs which are displayed on the page. If the site has an SSL certificate, and is capable of using the https protocol then it should be using https for all requests to avoid getting warning messages in the Browser.

Mixed Content: The page at 'https://wp-a2z.org/wp-login.php?redirect_to=https%3A%2F%2Fwp-a2z.org%2Fwp-admin%2F&reauth=1' 
was loaded over HTTPS, but requested an insecure image 
'http://wp-a2z.org/wp-content/uploads/2016/03/wordpress-icon-256x256.jpg'. 
This content should also be served over HTTPS.

This is good for SEO.

Proposed solution

Steps to start using https are.

Obtain and install an SSL Certificate.
Demonstrate you can access the site using https://
Switch siteurl and home to https://
Some other things

bobbingwide commented 7 years ago

Areas which need changing are:

File	Logic	Proposed Change
shortcodes/oik-googlemap.php	[bw_show_googlemap] shortcode	Use set_url_scheme() for "http://maps.googleapis.com/maps/api/js?&region=GB"
shortcodes/oik-domain.php	[bw_wpadmin]	use set_url_scheme() rather than hardcoded http://
oik.php	Enqueue stylesheets	Use plugins_url() rather than WP_PLUGIN_URL

bobbingwide commented 7 years ago

Note:

http:// in comments will not be changed.
Use of http:// in the parameter to set_url_scheme() need not be changed.

Other areas which need changing are:

File	Logic	Proposed change
shortcodes/oik-follow.php	_bw_social_scheme	Remove function and change code that called it to use https as default
admin/oik-admin.inc	oik_get_plugins_server, OIK_PLUGINS_COM and OIK_PLUGINS_COUK	Use https:. Define the constants if not already defined. Note: In the latest code this function may not actually be used.
includes/oik-remote.inc	oik_lazy_themes_api_result	Use https: in hardcoded URL.
libs/class-oik-remote.php	oik_lazy_themes_api_result	Set $url = oik_update::oik_get_themes_server()
libs/class-oik-update.php	oik_get_plugins_server	Use https:
shortcodes/oik-bob-bing-wide.php	bw_loik	Use https: in hardcoded URL
shortcodes/oik-button.php	bw_button__example	Use https: in hardcoded URL
shortcodes/oik-codes.php	bw_code_example_link	Use https: in hardcoded URL

Note: Some of the tests for these changes are in oik-libs

bobbingwide commented 7 years ago

Note: In the PHP Unit test output we sometimes see http: even when using set_url_scheme(). This is a feature of PHPUnit testing. You'll also discover that site_url() and home_url() produce different results under PHPUnit even when the options values are both set with https://. Go figure.

bobbingwide commented 5 years ago

You'll also discover that site_url() and home_url() produce different results

I suffered from this problem again recently while developing new logic for oik-clone which is run on the command line.

The set_master method uses get_site_url() which returns the URL with a scheme of http even though the siteurl option is https://s.b/wordpress .

Note: home is also https://s.b/wordpress.