Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-46269

Convert http embedded content to https on https sites where available

    Details

    • Testing Instructions:
      Hide
      1. Administration > Site administration > Plugins > Manage Filters. Turn "Convert embedded content to match current HTTP security" to 'on'
      2. Change the site's wwwroot in config.php to https:
      3. Create a new course
      4. Include an image from an external site to it's description. Ensure that the site supports both http and https. Ensure that the url typed in is http.
      5. View the course list
      6. Check that the image is displayed
      7. Check that the https address is loaded. (Use open image in new tab or similar)
      Show
      Administration > Site administration > Plugins > Manage Filters. Turn "Convert embedded content to match current HTTP security" to 'on' Change the site's wwwroot in config.php to https: Create a new course Include an image from an external site to it's description. Ensure that the site supports both http and https. Ensure that the url typed in is http. View the course list Check that the image is displayed Check that the https address is loaded. (Use open image in new tab or similar)
    • Affected Branches:
      MOODLE_28_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-46269-master
    • Story Points (Obsolete):
      100

      Description

      This could be a once off thing (e.g. when someone changes from http to https and back) or a constant thing (whenever they add a link)

      Note that apache server can be configured to choose http or https automatically, and other servers may have similar functionality.

      The protocol relative url option can be considered as well. "//www.example.com" will link to https://www.example.com if you are on https://moodle.org or http://www.example.com if you are on http://moodle.org

      Finally, a filter could be made.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

              Hide
              johno John Okely added a comment -

              Blocking MDL-42834. The sooner this work is completed the better. The work for MDL-42834 covers a lot of code and as such will start to gain more and more conflicts as time goes by.

              Show
              johno John Okely added a comment - Blocking MDL-42834 . The sooner this work is completed the better. The work for MDL-42834 covers a lot of code and as such will start to gain more and more conflicts as time goes by.
              Hide
              johno John Okely added a comment -

              Moved to the top of the backlog so it can be scaled and prioritised.

              Show
              johno John Okely added a comment - Moved to the top of the backlog so it can be scaled and prioritised.
              Show
              johno John Okely added a comment - - edited http://docs.moodle.org/27/en/Filters http://docs.moodle.org/27/en/Convert_URLs_into_links_filter
              Hide
              johno John Okely added a comment -

              See db_replace in lib/adminlib.php for an example of how to search and/or replace in the database

              Show
              johno John Okely added a comment - See db_replace in lib/adminlib.php for an example of how to search and/or replace in the database
              Hide
              johno John Okely added a comment -

              Discussion regarding this issue: https://moodle.org/mod/forum/discuss.php?d=265155

              Show
              johno John Okely added a comment - Discussion regarding this issue: https://moodle.org/mod/forum/discuss.php?d=265155
              Hide
              moodle.com moodle.com added a comment -

              Removing this from the sprint so we can focus on Gradebook work.

              Show
              moodle.com moodle.com added a comment - Removing this from the sprint so we can focus on Gradebook work.
              Show
              johno John Okely added a comment - https://code.google.com/p/phpquery/
              Hide
              johno John Okely added a comment -

              Added patch. Not ready for deployment. Unit tests need to be expanded and code modified to account for more external content and more edge cases.

              Show
              johno John Okely added a comment - Added patch. Not ready for deployment. Unit tests need to be expanded and code modified to account for more external content and more edge cases.
              Hide
              cibot CiBoT added a comment -

              Fails against automated checks.

              Checked MDL-46269 using repository: git://github.com/xow/moodle.git

              More information about this report

              Show
              cibot CiBoT added a comment - Fails against automated checks. Checked MDL-46269 using repository: git://github.com/xow/moodle.git master (branch: MDL-46269-master | CI Job ) Coding style problems found More information about this report
              Show
              poltawski Dan Poltawski added a comment - https://www.w3.org/TR/upgrade-insecure-requests/ http://caniuse.com/#feat=upgradeinsecurerequests

                People

                • Votes:
                  8 Vote for this issue
                  Watchers:
                  15 Start watching this issue

                  Dates

                  • Created:
                    Updated: