Skip to content

Comments: Revert "Always use https for jetpack.wordpress.com"#7205

Merged
eliorivero merged 1 commit intomasterfrom
revert/ssl-comments
May 23, 2017
Merged

Comments: Revert "Always use https for jetpack.wordpress.com"#7205
eliorivero merged 1 commit intomasterfrom
revert/ssl-comments

Conversation

@kraftbj
Copy link
Copy Markdown
Contributor

@kraftbj kraftbj commented May 18, 2017

In Safari, if the site is http and the iframe loads https, it throws a warning about submitting a secure form to an insecure site.

This is because of the following path:

  • http site loading an https iframe (no problem)
  • https iframe submitting a form (no problem)
  • the iframe takes the submission from the https form to the wp-comments-post.php of the http site (this is the problem)

While we should SSL all the things, we may need to rethink this in light of confusion of scary security warnings.

As reported in 3216198-t

@kraftbj kraftbj added [Feature] Comments [Pri] Normal [Status] Needs Review This PR is ready for review. Bug When a feature is broken and / or not performing as intended labels May 18, 2017
@jeherve
Copy link
Copy Markdown
Member

jeherve commented May 18, 2017
edited
Loading

Fixes #3565

Introduced in #3475

jeherve
jeherve reviewed May 19, 2017
View reviewed changes
Copy link
Copy Markdown
Member

@jeherve jeherve left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is odd. The change is correctly applied to my site, but I still get the warning when trying to submit a comment in Safari:

screenshot 2017-05-19 at 14 02 37

screenshot 2017-05-19 at 13 59 19

Does it work for you?

@jeherve jeherve added [Status] Needs Author Reply We need more details from you. This label will be auto-added until the PR meets all requirements. and removed [Status] Needs Review This PR is ready for review. labels May 19, 2017
@kraftbj
Copy link
Copy Markdown
Contributor Author

kraftbj commented May 19, 2017

Huh, maybe clear browser cache? I didn't get the error on my Safari after applying the patch.

@jeherve
Copy link
Copy Markdown
Member

jeherve commented May 19, 2017

Hooray! My bad, I should have tried that first!

jeherve
jeherve approved these changes May 19, 2017
View reviewed changes
Copy link
Copy Markdown
Member

@jeherve jeherve left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works in my tests! 🚢

@jeherve jeherve added [Status] Ready to Merge Go ahead, you can push that green button! and removed [Status] Needs Author Reply We need more details from you. This label will be auto-added until the PR meets all requirements. labels May 19, 2017
eliorivero
eliorivero approved these changes May 23, 2017
View reviewed changes
Copy link
Copy Markdown
Contributor

@eliorivero eliorivero left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@eliorivero eliorivero merged commit c3220eb into master May 23, 2017
@eliorivero eliorivero deleted the revert/ssl-comments branch May 23, 2017 20:46
@eliorivero eliorivero removed the [Status] Ready to Merge Go ahead, you can push that green button! label May 23, 2017
@jeherve jeherve mentioned this pull request May 24, 2017
Closed
jeherve added a commit that referenced this pull request May 29, 2017
@jeherve
Changelog: add #7205
c32bc9a
eliorivero pushed a commit that referenced this pull request May 30, 2017
@jeherve @eliorivero
Changelog: first pass at a changelog for 5.0 (#7116)
eee27f0 
* Changelog: first pass at a changelog for 5.0

* Changelog: delete 4.9 testing list.

* Changelog: update minimum WP version to match ver. in jetpack.php

Fixes #7158

* Changelog: add #6051

* Changelog: add #6753

* Changelog: add #6928

* Changelog: add #6964

* Changelog: add #7014

* Changelog: add #7057

* Changelog: add #7060

* Changelog: add #7068

* Changelog: add #7070

* Changelog: add #7072

* Changelog: add #7071

* Changelog: add release date and post shortlink.

* Changelog: add #7094

* Changelog: add #7100

* Changelog: add #7108

* Changelog: add #7113

* Changelog: add #7123

* Changelog: add #7135

* Changelog: add #7143

* Changelog: add #7151

* Changelog: add #6996

* Changelog: add #7105

* Changelog: add #7132

* Changelog: add #7166

* Changelog: fix typo in 4.9 changelog.

* Changelog: remove older releases' changelogs.

@see p1HpG7-42e-p2

* Changelog: add #7090

* Changelog: add #7095

* Changelog: add #7112

* Changelog: add #7115

* Changelog: add #7122

* Changelog: add #7137

* Changelog: add #7138

* Changelog: add #7140

* Changelog: add #7154

* Changelog: add ##7155

* Changelog: add #7163

* Changelog: add #7167

* Changelog: add #7171

* Changelog: add #7180

* Changelog: add #7181

* Changelog: add #7183

* Changelog: add #7184

* Changelog: add #7189

* Changelog: add #7191

* Changelog: add #7193

* Changelog: add #7198

* Changelog: add #7200

* Changelog: add #7209

* Changelog: add #7212

* Testing list: add instructions for #7115

* Changelog: add #7188

* Changelog: add #7205

* Changelog: add #7225

* Changelog: add #6872

* Changelog: add #7107

* Changelog: add #7118

* Changelog: add #7142

* Changelog: add #7170

* Changelog: add #7210

* Changelog: add #7218

* Changelog: add #7232

* Changelog: add #7211

* Changelog: add #7213

* Changelog: add #7229

* Changelog: add #7230

* Changelog: add #7214

* Draft changelog for 5.0

* Changelog updates: 2nd pass at a clearer changelog.

- Fix typos.
- Use consistent tense and tone across all changelog.
- Remove unclear items.

* Changelog: add #7026

* Changelog: add #7058

* Changelog: add #7125

* Changelog: add #7249

* Changelog: add #7185

* add mentions of image widget migration

* Changelog: add info about new output for CLI command.

* Changelog: add WP version number matching the new Image Widget.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jeherve jeherve jeherve approved these changes

+1 more reviewer

@eliorivero eliorivero eliorivero approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Bug When a feature is broken and / or not performing as intended [Feature] Comments [Pri] High

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kraftbj @jeherve @eliorivero