Skip to:
Content

BuddyPress.org

Opened 12 years ago

Closed 12 years ago

#4110 closed defect (bug) (fixed)

Avatar URLs always use http (ignore https)

Reported by: djpaul's profile DJPaul Owned by: djpaul's profile DJPaul
Milestone: 1.6 Priority: normal
Severity: normal Version:
Component: Core Keywords:
Cc:

Description

If on https, the avatar URLs are hardcoded to use http in many situations. User uploaded avatars are fetched over http, and the fallback avatar image passed to gravatar.com is also hardcoded to http (though the gravatar.com URL does use http/s appropriately). This causes warnings in web browsers as you are fetching non-https content when on a https domain.

Change History (2)

#1 @DJPaul
12 years ago

There are a whole bunch of tickets on wptrac about this sort of issue, including wp_upload_path(), which we use for avatar paths. See #WP13941, #WP15928, #WP19037 if interested. I think the issue is worth fixing in BuddyPress as it's lightweight, future proof, and we half-account for https for gravatar already.

#2 @DJPaul
12 years ago

  • Resolution set to fixed
  • Status changed from new to closed

Fixed in r5956.

Note: See TracTickets for help on using tickets.