Closed Bug 888068 Opened 7 years ago Closed 7 years ago

Change Default 'Add Media From URL' from HTTP to HTTPS

Categories

(Websites Graveyard :: blog.mozilla.org, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: bensternthal, Unassigned)

References

Details

Attachments

(1 file)

Attached image Screenshot Of Settings
I would give this a low priority as:

- Users can just change the link
- I would not presume most of these sites support https
Blocks: 888069
No longer blocks: 888069
I think this is a wontfix.

According to wordpress documentation:

Depending on the site you are linking from, this method will not upload the document/file to your blog’s Media Library. Files will be uploaded from specific sites like Blogger in order to provide a smoother, faster, and more reliable experience. 

So for blogger the image will be uploaded to us and served via https.

For other sites, it just puts in the URL. In this scenario I would not pre-suppose that the embedded images are available via https. From my audit of the content on the blog.. it looked like most images referenced on external sites - were from personal sites that did not support https.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
I go to https://blog.mozilla.org/tanvi/wp-admin/post-new.php
I click Add Media
I click Insert from URL
I insert http://people.mozilla.com/~tvyas/FigureA.jpg
I click Insert Into Post

The following is added to my post:
<img src="http://people.mozilla.com/~tvyas/FigureA.jpg" width="637" height="309" class="alignnone" />

Most times user's will just copy/paste in the link.  Providing the "https://" text by default gives user's a hint to use the SSL version.  Without that, user's can easily enter the http version and the lock icon will not show up on blog.mozilla.org because of Mixed Dispaly Content  - 
https://people.mozilla.com/~tvyas/FigureE.jpg
After much poking around I found where this is set:

https://github.com/WordPress/WordPress/blob/master/wp-includes/js/media-views.js#L3903

Unfortunately this is hardcoded into the JS for wordpress and is not exposed via a setting. We should not edit any core wordpress files. Keeping this as wontfix.
Product: Websites → Websites Graveyard
Product: Websites Graveyard → Websites
Product: Websites → Websites Graveyard
You need to log in before you can comment on or make changes to this bug.