I needed to make sure all my content was being delivered via https recently. Everything functioned just fine after making the switch but I needed to make sure all external content was being loaded via https as well.
I noticed that avatars from facebook were not using https so I searched for, found, and changed the following lines to https in order to fix it for my particular setup.
class_wdfb_model.php line 98 $fb_img = file_get_contents("http(s)://graph.facebook.com/{$fb_uid}/picture?type=large");
class_wdfb_public_pages.php line 237 return "<img class='avatar' src='http(s)://graph.facebook.com/{$fb_uid}/picture' />";
So yippe for me I got it to do what I wanted. The avatars load just fine from https but the moment I upgrade to a new version I will have to re-do my changes constantly.
Are there any reasons why these urls can't be set to https permanently in an upcoming release, or any reason why they couldn't be changed already?
I needed to make sure all my content was being delivered via https recently. Everything functioned just fine after making the switch but I needed to make sure all external content was being loaded via https as well.
I noticed that avatars from facebook were not using https so I searched for, found, and changed the following lines to https in order to fix it for my particular setup.
class_wdfb_model.php line 98 $fb_img = file_get_contents("http(s)://graph.facebook.com/{$fb_uid}/picture?type=large");
class_wdfb_public_pages.php line 237 return "<img class='avatar' src='http(s)://graph.facebook.com/{$fb_uid}/picture' />";
So yippe for me I got it to do what I wanted. The avatars load just fine from https but the moment I upgrade to a new version I will have to re-do my changes constantly.
Are there any reasons why these urls can't be set to https permanently in an upcoming release, or any reason why they couldn't be changed already?
Https actually adds a layer of processing and so represents a significant performance hit.
Unless it's absolutely necessary, it's not wise to put connections through HTTPS hence why the plugin doesn't do so. If we did, we'd make sites slower for no good reason! :)
Responses (2)
Sales & Support Pro — 19th October 2011 12:52 #
Hiya!
Https actually adds a layer of processing and so represents a significant performance hit.
Unless it's absolutely necessary, it's not wise to put connections through HTTPS hence why the plugin doesn't do so. If we did, we'd make sites slower for no good reason! :)
Phil
Member — 19th October 2011 13:53 #
Understood, core hacks are more fun anyways I suppose. =) Thanks for the quick reply!
Become a member