Closed Bug 888068 Opened 8 years ago Closed 8 years ago

Change Default 'Add Media From URL' from HTTP to HTTPS


(Websites Graveyard ::, defect)

Not set


(Not tracked)



(Reporter: bensternthal, Unassigned)




(1 file)

Attached image Screenshot Of Settings
I would give this a low priority as:

- Users can just change the link
- I would not presume most of these sites support https
Blocks: 888069
No longer blocks: 888069
I think this is a wontfix.

According to wordpress documentation:

Depending on the site you are linking from, this method will not upload the document/file to your blog’s Media Library. Files will be uploaded from specific sites like Blogger in order to provide a smoother, faster, and more reliable experience. 

So for blogger the image will be uploaded to us and served via https.

For other sites, it just puts in the URL. In this scenario I would not pre-suppose that the embedded images are available via https. From my audit of the content on the blog.. it looked like most images referenced on external sites - were from personal sites that did not support https.
Closed: 8 years ago
Resolution: --- → WONTFIX
I go to
I click Add Media
I click Insert from URL
I insert
I click Insert Into Post

The following is added to my post:
<img src="" width="637" height="309" class="alignnone" />

Most times user's will just copy/paste in the link.  Providing the "https://" text by default gives user's a hint to use the SSL version.  Without that, user's can easily enter the http version and the lock icon will not show up on because of Mixed Dispaly Content  -
After much poking around I found where this is set:

Unfortunately this is hardcoded into the JS for wordpress and is not exposed via a setting. We should not edit any core wordpress files. Keeping this as wontfix.
Product: Websites → Websites Graveyard
Product: Websites Graveyard → Websites
Product: Websites → Websites Graveyard
You need to log in before you can comment on or make changes to this bug.