Detecting SSL status on the Dashboard introduces problems when writing content
that is saved to the database and then displayed on the front end, where SSL
may be optional (or impossible, due to self-signed certificates). The new
approach parallels the logic in `get_home_url()` for forcing HTTPS.
See [31614] #15928 for background.
Fixes#32112 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@32342 602fd350-edb4-49c9-b593-d223f7449a82
`wp_get_attachment_url()`, via `wp_upload_dir()`, uses 'siteurl' to generate
attachment URLs. When a site is SSL-optional on the front end - ie, 'siteurl'
is non-HTTPS, but SSL is available - a number of situations can arise where
non-HTTPS attachment URLs cause browser mixed-content warnings:
a) SSL is forced in the admin and `wp_get_attachment_url()` is used to generate the `<img>` tag for an inserted image. In these cases, the post content will contain non-HTTPS. Viewing/editing this post in the Dashboard will result in non-HTTPS images being served in an SSL environment.
b) `wp_get_attachment_url()` is used in a theme to generate an `<img>` `src` attribute on a public page. When viewing that page over SSL, the images will have HTTP URLs.
This changeset switches attachment URLs to HTTPS when it's determined that the
host supports SSL. This happens when 'siteurl' is non-SSL, but the current page
request *is* over SSL, and the host of the current request matches the host of
the URL being generated.
Props joemcgill, boonebgorges.
Fixes#15928.
git-svn-id: https://develop.svn.wordpress.org/trunk@31614 602fd350-edb4-49c9-b593-d223f7449a82
* Check `! empty( $postarr['file'] )` before calling `update_attached_file()`
* Add a unit test: `test_update_attachment_fields()`
* Run the same logic for empty `guid` for attachments that always ran in `wp_insert_post()`, as per #18310. This fixes a unit test that would have broken when this ticket was marked closed.
* Updated the unit test in `Tests_Media::test_wp_prepare_attachment_for_js()` to account for `url` no longer being empty
Props kovshenin, wonderboymusic.
See #21963.
git-svn-id: https://develop.svn.wordpress.org/trunk@28788 602fd350-edb4-49c9-b593-d223f7449a82
wp-tests-config.php can/should reside in the root of a develop checkout. `phpunit` should be run from the root.
see #25088.
git-svn-id: https://develop.svn.wordpress.org/trunk@25165 602fd350-edb4-49c9-b593-d223f7449a82
