SSL

Really Simple SSL 2.5.14, minor update

2.5.14 was released today, with two adjustments:

  • A bug was discovered in the mixed content fixer, where a match was found on http links across html elements when newlines were removed by optimization plugins. If a link element was found, but the href was https, it would match the first href=”http, which could be an external hyperlink.
    It didn’t come up before, as it only causes an issue in a very specific set of conditions.
  • The wp_rest_api was not forced over SSL yet with PHP. Although the .htaccess redirect should redirect any requests to https, NGINX servers won’t be able to use this. This has now been adjusted.

 

Related Articles

2 Comments

  • ao

    It was redirecting my homepage to the login page. I hope this update will take care of that issue. Nice plugin by the way. Thanks

    • Rogier Lankhorst

      Yes, the wp_safe_redirect had me confused: it can’t be used on the front-end, as it redirects to the login page instead of a similar but safe url. It also kicks in when the www version of the site is used for example. This is fixed as of 2.5.15. Sorry for any problems this might have caused. Somehow this didn’t pop up in the tests. Tests are being improved to prevent this in the future.