MyGeoPosition.COM – CSS on admin page over SSL
-
If accessing the WordPress admin pages via SSL (e.g. if SSL admin/login is enforced in wp-config.php via
define(‘FORCE_SSL_ADMIN’, true);
define(‘FORCE_SSL_LOGIN’, true);AND if WordPress is still accessed via HTTP by ordinary users (i.e. ‘sitename’ references a https:// scheme), then a mixed-content warning is displayed when downloading the MyGeoPosition CSS on the admin page.
e.g. in Firefox (Firebug Warnings):
Loading mixed (insecure) active content “https://www.sitename.com/wp-content/plugins/mygeopositioncom-geotags-geometatags/mygp_geotags_geometatags.css” on a secure page
Because of the following HTML:
<link rel=”stylesheet” type=”text/css” href=”https://www.sitename.com/wp-content/plugins/mygeopositioncom-geotags-geometatags/mygp_geotags_geometatags.css” />
It seems as if the plugin code just uses the main WordPress siteurl parameter and doesn’t call upon the WordPress is_ssl() function.
Perhaps it’d be better to use plugin_dir_url() and plugin_dir_path() instead of static references to /wp-content/plugins/ in this plugin, e.g. at
define(‘MYGP_GEOTAGS_GEOMETATGS_PLUGINPATH’,get_option(‘siteurl’).’/wp-content/plugins/’.plugin_basename(dirname(__FILE__)).’/’);
https://www.ads-software.com/plugins/mygeopositioncom-geotags-geometatags/
- The topic ‘MyGeoPosition.COM – CSS on admin page over SSL’ is closed to new replies.
