is_ssl() returning false can lead to misleading results

[danielbachhuber]

On the command line, is_ssl() returns false because the corresponding $_SERVER['https'] variable isn't.

While technically this is correct, it can lead to misleading behavior within WP-CLI. For instance:

$ wp option get siteurl
https://example.com
$ wp site list --field=url
http://example.com

I don't have an opinion for an immediate solution on this; more so, flagging behavior for visibility.

From https://wordpress.slack.com/archives/C02RP4T41/p1508444879000316

[schlessera]

We could try to provide some semi-smart guesses and adapt the URL accordingly. For example, if FORCE_SSL is set to true, the expected URL should generally be HTTPS.

[danielbachhuber]

A more graceful approach would be to disable set_url_scheme() in CLI context. Or, solely for the http -> https and https -> http conversions.

[schlessera]

Yes, that might work as well and be less of a hack. There's a filter that provides both the original and the changed URL.

[uglyrobot]

We are running into issues with network_site_url() function in multisite as well. It always returns http even when site is https. In this case it's happening with plugins that rely on that when commands are triggered or cron is run via wp cli.