Support » Plugin: WTI Like Post » [Plugin: WTI Like Post] SSL insecure content

  • Resolved webaware



    This plugin is loading its CSS using the WP_PLUGIN_URL constant instead of the plugin_dir_url() function, so it triggers insecure content warnings on SSL pages. It’s also loading an image (pixel.gif) using WP_PLUGIN_URL. I looked at providing a “fix” (hack) for your plugin with my SSL Insecure Content Fixer but I can’t because of the image being in the content generation (I don’t/won’t filter the content, for performance reasons; WordPress HTTPS does that job).

    Fixing this in your plugin is easy though:

    * use the wp_enqueue_scripts action to enqueue your CSS, instead of printing it from wp_head action
    * use plugin_dir_url() to get your plugin dir, instead of WP_PLUGIN_URL, so that it handles the transition to SSL (HTTPS)
    * you could also use wp_localize_script() instead of the script block in your WtiLikePostAddHeaderLinks() function, and change your scripts to access blog_url through your namespace (see link)


Viewing 1 replies (of 1 total)
  • Plugin Author webtechideas


    Hi Ross,
    These are really some handy points and thanks for putting them here. Frankly speaking SSL was never in my mind at the time of development. These findings will surely improve the plugin.


Viewing 1 replies (of 1 total)
  • The topic ‘[Plugin: WTI Like Post] SSL insecure content’ is closed to new replies.