myktra

here’s an alternative version i’ve used on a different plugin; i wrote a function for it:


function url_sslize($value) {
return (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? str_replace('https://', 'https://', $value) : $value;
}


i might be wrong, but i think this covers a special case when running your WordPress install on Windows/IIS – if you were that crazy ?? it could also be a bit more foolproof and only replace the protocol if it appears at the start of the string.

Yes, this is a problem with many WordPress plugins I have encountered, including WP-Cufon and ShareThis. The experience is especially irritating for IE users who are interrupted with a dialog in addition to the typical warning icon.

A recommendation to plug-in developers was made recently…you might want to check it out for the backstory.

https://www.ads-software.com/support/topic/326061?replies=2

The Google Analytics plug-in is a good example of how to do it right…it uses a WordPress API (wp_enqueue_script) to serve its JS, and the Google JS itself encodes its own external link references to ensure content is served over HTTPS is an SSL environment. But there are still plugins like ShareThis that download resources from its own servers…and it’s unclear whether you can fetch those over an SSL connection as well.

I have tried the HTTPS for WordPress plugin and sadly it won’t fix the mistakes made by plugin developers. Sounds like the only immediate workaround is to hack any bad-behaving plugin scripts.