Don't use WP_PLUGIN_URL

  • Manuel Razzari

    (@manuelrazzari)


    9 years, 7 months ago

    Please DON’T use “WP_PLUGIN_URL.” in sharethis.php because it’s not SSL aware. When in the back-end admin panel via HTTPS (which means all the time if FORCE_SSL_ADMIN is set!), the ShareThis admin entirely fails to load.

    So instead of this:
    $plugin_location=WP_PLUGIN_URL.'/'.str_replace(basename( _FILE__),"",plugin_basename(__FILE__));

    You’ll want this:
    $plugin_location=plugins_url().'/'.str_replace(basename( __FILE__),"",plugin_basename(__FILE__));

    All requests to Google-hosted libraries are like this:

    src="http://ajax.googleapis.com/..."

    Should be protocol-relative, like this:

    src="//ajax.googleapis.com/..."

    And all requests to src="http://w.sharethis.com/..." should be like this instead: src="https://ws.sharethis.com/...". You don’t need to do conditional SSL detection here, as there’s a low volume of requests for these files, and they can all just go through the ST SSL servers.

    Thanks!

    https://wordpress.org/plugins/share-this/

Viewing 1 replies (of 1 total)
  • sharethissupport

    (@sharethissupport)

    9 years, 7 months ago

    Hi Manuel,

    Thank you for your Suggestion, we will definitely forward this to our tech team.
    Our tech team is already working on SSL related issues and this will be fixed in future versions of Plugins.

Viewing 1 replies (of 1 total)
  • The topic ‘Don't use WP_PLUGIN_URL’ is closed to new replies.

Tags