you cannot do it. why do you want this?
Sorry Emre, but I think you are just understimating a possible security issue on your plugin.
Of course, this precise technical aspect could be debatable…but I don’t see any “nonsense” here…when WordPress is free to choose in between http and https there’s always a potential risk. (See what’s happening about “mixed content” security warnings too).
Why don’t you offer a simple configuration option so that anyone can decide this behaviour on his own website?
Looking forward your feedback about my proposal, thank you.
because I think it is unnecessary. Our motto is “the fastest and the easiest” plugin. I don’t wanna show some unnecessary settings to my customers.
I think your plugin IS and ALWAYS WILL BE “the fastest and the easiest”.
That’s the reason why I’m choosing yours for all my websites. And this is also the reason I’m writing on this forum and not on a competitor’s one! 🙂
But adding a very simple but useful option (for “worried” people like me or for anyone else who wants to better his own website security score) i think it would be a huge “plus”. Nobody would complaint about it, I’m confident about that.
“More secure” doesn’t mean “more complicated”. We’re talking about a check-box and probably a php ternary operator usage in a couple of place inside your code.
Try to make some research on the web, Emre: you will find a lot of security auditing tools who care about this aspect and also a lot of people saying that, wherever is possible, everyone should use “https” instead relative protocol.
This is another very interesting resource:
https://webhint.io/docs/user-guide/hints/hint-no-protocol-relative-urls/
I know you could be busy with thousands of other things to do…but I don’t think you should ignore this issue at all…please save it in your to-do list!! 😉
-
This reply was modified 6 years, 1 month ago by
nerik73.