Closed Bug 888068 Opened 8 years ago Closed 8 years ago
Change Default 'Add Media From URL' from HTTP to HTTPS
I would give this a low priority as: - Users can just change the link - I would not presume most of these sites support https
I think this is a wontfix. According to wordpress documentation: Depending on the site you are linking from, this method will not upload the document/file to your blog’s Media Library. Files will be uploaded from specific sites like Blogger in order to provide a smoother, faster, and more reliable experience. So for blogger the image will be uploaded to us and served via https. For other sites, it just puts in the URL. In this scenario I would not pre-suppose that the embedded images are available via https. From my audit of the content on the blog.. it looked like most images referenced on external sites - were from personal sites that did not support https.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
I go to https://blog.mozilla.org/tanvi/wp-admin/post-new.php I click Add Media I click Insert from URL I insert http://people.mozilla.com/~tvyas/FigureA.jpg I click Insert Into Post The following is added to my post: <img src="http://people.mozilla.com/~tvyas/FigureA.jpg" width="637" height="309" class="alignnone" /> Most times user's will just copy/paste in the link. Providing the "https://" text by default gives user's a hint to use the SSL version. Without that, user's can easily enter the http version and the lock icon will not show up on blog.mozilla.org because of Mixed Dispaly Content - https://people.mozilla.com/~tvyas/FigureE.jpg
After much poking around I found where this is set: https://github.com/WordPress/WordPress/blob/master/wp-includes/js/media-views.js#L3903 Unfortunately this is hardcoded into the JS for wordpress and is not exposed via a setting. We should not edit any core wordpress files. Keeping this as wontfix.
You need to log in before you can comment on or make changes to this bug.