Check the SSL Labs API for external domains

tollmanz / wordpress-https-mixed-content-detector

Monitor a WordPress site served over TLS for mixed content warnings

22 stars 3 forks source link

Check the SSL Labs API for external domains #22

Closed johnbillion closed 9 years ago

johnbillion commented 9 years ago

Just putting this out there as an idea.

For each external domain that gets blocked and then gets re-requested over HTTPS (see #21) and succeeds, we could then asynchronously hit the SSL Labs API for that domain name to fetch its rating and show that next to each violation report.

We'd need some logic in there so that the report for each domain is cached and we only request it once (and atomically) for each domain name, to avoid placing too much load on the SSL Labs API.

tollmanz commented 9 years ago

I love this idea, but am not sure if it should be in this plugin. I like the idea so much that I want a report on every single HTTPS asset the site includes. As such, I think a separate plugin is called for. I would then love to leverage that plugin to provide the grades for the external domains surfaced as violations in this plugin.

Thoughts?

johnbillion commented 9 years ago

I concur.

tollmanz commented 9 years ago

So...it'll be ready next week?

Closing this until you are done with the plugin.