Support » Plugin: Capability Manager » [Plugin: Capability Manager] Please add SSL/https support by using content_url() instead of WP_CONTE

  • Jer Clarke

    (@jeremyclarke)


    Hey, first thanks for the thoroughly useful plugin!

    I’m trying to convert my site to use the FORCE_SSL_ADMIN system so that the admin will go through HTTPS and be more secure. Part of this involves making sure that all content on the admin side is loaded over HTTPS instead of HTTP, because otherwise browsers generate “mixed content” errors.

    The good news is that it’s easy to automatically support this by using the content_url() function in your plugin when generating URLs that lead to the wp-content directory.

    In the Alkivia framework inside capsman you are using the old system for generating URLs using WP_CONTENT_URL (/capsman/framework/init.php). This was the best-practice in the past but unfortunately there is no way to get WP_CONTENT_URL to support https. The only solution currently is to use output buffering on the entire page which is a nightmare.

    So could you please update your plugin to use content_url() or plugins_url() instead? Thanks!

    http://wordpress.org/extend/plugins/capsman/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Jer Clarke

    (@jeremyclarke)

    Oh yeah I forgot to link to this Trac ticket that tries to patch WP_CONTENT_URL to support SSL (but hasn’t been acted on yet and thus this bug will persist even in the new 3.3 update that will come out soon):

    http://core.trac.wordpress.org/ticket/13941

    Jer Clarke

    (@jeremyclarke)

    Hey, sorry for not including this in the original post, but I found another SSL issue with your plugin. This one affects the loading of the /capsman/admin.css file who’s url is generated by $this->mod_url.

    //OLD LINE
    //$this->mod_url = WP_PLUGIN_URL . '/' . basename(dirname($this->mod_file));
    // NEW LINE
    $this->mod_url = plugins_url() . '/' . basename(dirname($this->mod_file));

    Please fix that one too while you’re at it. plugins_url is the new standard.

    FWIW: Please also try enabling WP_DEBUG and using your plugin. There are many warnings that come up in the PHP that could be easily fixed and make your plugin a lot more compatible.

    http://codex.wordpress.org/Editing_wp-config.php#Debug

    These changes are implemented in Capability Manager Enhanced:


    http://wordpress.org/extend/plugins/capability-manager-enhanced/

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[Plugin: Capability Manager] Please add SSL/https support by using content_url() instead of WP_CONTE’ is closed to new replies.