Don't use WP_PLUGIN_URL
-
Please DON’T use “WP_PLUGIN_URL.” in sharethis.php because it’s not SSL aware. When in the back-end admin panel via HTTPS (which means all the time if FORCE_SSL_ADMIN is set!), the ShareThis admin entirely fails to load.
So instead of this:
$plugin_location=WP_PLUGIN_URL.'/'.str_replace(basename( _FILE__),"",plugin_basename(__FILE__));
You’ll want this:
$plugin_location=plugins_url().'/'.str_replace(basename( __FILE__),"",plugin_basename(__FILE__));
All requests to Google-hosted libraries are like this:
src="http://ajax.googleapis.com/..."
Should be protocol-relative, like this:
src="//ajax.googleapis.com/..."
And all requests to
src="http://w.sharethis.com/..."
should be like this instead:src="https://ws.sharethis.com/..."
. You don’t need to do conditional SSL detection here, as there’s a low volume of requests for these files, and they can all just go through the ST SSL servers.Thanks!
- The topic ‘Don't use WP_PLUGIN_URL’ is closed to new replies.