Pro Sites SSL issue: Https link generated on successful checkout with Stripe

I think this question is primarily for @Aaron, but I'm open anyone who may know of a solution.

This seems to be similar to the issue in these two threads:
https://premium.wpmudev.org/forums/topic/pro-sites-ssl-checkout-warning
https://premium.wpmudev.org/forums/topic/pro-sites-security-warnings

I think I'm still having the same error that was fixed in 3.0.7 according to @Aaron

As far as what was fixed is the visit your site link after checking out was https which as you know throws an error if your cert is not wildcard. That was fixed in 3.0.7.

Reference: https://premium.wpmudev.org/forums/topic/pro-sites-security-warnings#post-172216

Because the issue was fixed in 3.0.7, I tried a number of things on my end including creating a custom page template with no additional links, yet the auto-generated "Visit your newly upgraded site »" is still output as https.

This is strange because in gateway-stripe.php on line 685 I can clearly see that http is specified:

$content .= '<p><a href="' . get_admin_url($blog_id, '', 'http') . '">' . __('Visit your newly upgraded site &raquo;', 'psts') . '</a></p>';

Maybe core is overwriting this function?

My details:
Browser: Chrome
SSL: Installed
Pro Sites version: Latest (3.4)
Gateway: Stripe
Replicate: Yes, consistently.

Further, I've also seen these replies by @Aaron that may be related:

As far as making other links https, that's how WP works, if you are viewing any page in HTTPS then all WP generated links will be HTTPS too.

Reference: https://premium.wpmudev.org/forums/topic/pro-sites-visit-site-link-https-problem#post-320619

Note it's not the plugins that change links to https. That's core wp behavior when the current page is ssl.

Reference: https://premium.wpmudev.org/forums/topic/https-seo#post-192826

So, I'm not sure if this issue was fixed, but now returned or if this is a separate issue related to core behavior (despite specifying http in gateway-stripe.php).

Is there any way around this? If there isn't, would it make sense to just print the URL as plain text (or provide an option) to copy/paste instead automatically outputting a https link? Am I making a mistake and missing something simple?

Any ideas?

Thanks.

  • Gabe
    • The Bug Hunter

    @Aaron

    I've been playing with this one and I think the error is in core. For reference, the location is: wp-includes/link-template.php, get_site_url is on line 1964, and get_admin_url is on line 2006.

    I wasn't able to figure out exactly what the problem is, but I did find a temporary fix for the gateways. On line 685 of gateway-stripe.php and line 1316 of gateway-paypal-express-pro.php you can swap out:

    get_admin_url($blog_id, '', 'http')
    for
    get_site_url($blog_id, 'wp-admin/', 'http')
    You get the desired result, which is a link to the user's dashboard as http. I'm not sure why the 'http' $scheme works for get_site_url and not get_admin_url, but it's a workaround.

    In case I've missed something or anyone has anything to add, I've started a ticket here: http://core.trac.wordpress.org/ticket/24432

    Hope this helps.

  • Aaron
    • CTO

    That's really weird, because get_admin_url calls this directly:
    get_site_url($blog_id, 'wp-admin/', $scheme);
    Not any different than what you are doing. So only thing I can think is maybe you have a plugin or something that is filtering 'admin_url' filter to change the return from WP? Like an ssl plugin?

  • Gabe
    • The Bug Hunter

    @Aaron

    I know, I've no idea why it works with one and not the other.

    I have no SSL plugins, just a certificate installed on the server. Are you able to reproduce? If not and it's just me I can just swap out the lines on my end.

  • Gabe
    • The Bug Hunter

    @Aaron

    No luck, I still get an https link using the below:

    if ($this->complete_message) {
    	    $content = '<div id="psts-complete-msg">' . $this->complete_message . '</div>';
    	    $content .= '<p>' . $psts->get_setting('stripe_thankyou') . '</p>';
    		echo '<p><a href="' . get_admin_url($blog_id, '', 'http') . '">' . __('Visit your newly upgraded site &raquo;', 'psts') . '</a></p>';
    	    return $url;
    }
  • Gabe
    • The Bug Hunter

    Nice @Aaron it works. Here's what it looks like:

    function get_admin_url( $blog_id = null, $path = '', $scheme = 'admin' ) {
    	$url = get_site_url($blog_id, 'wp-admin/', $scheme);
    
    	if ( !empty( $path ) && is_string( $path ) && strpos( $path, '..' ) === false )
    		$url .= ltrim( $path, '/' );
    	return $url;
    	return apply_filters( 'admin_url', $url, $path, $blog_id );
    }

    Just to be sure, I tried it again with 'return $url;' commented out and the link was https again.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.