Insecure images in SSL Admin
It appears that user image thumbnails in admin are all loaded over http, even with SSL admin enabled. This wouldn’t be a huge problem if not for IE8’s security theater antics, which halt page load to throw up a confusing error message.
It definitely affects /wp-admin/upload.php and /wp-admin/themes.php?page=custom-header so I assume it’s any page with a user-uploaded image thumb displayed.
- The topic ‘Insecure images in SSL Admin’ is closed to new replies.