-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathforce-https.php
175 lines (155 loc) · 6.58 KB
/
force-https.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
<?php
/*
Plugin Name: Force HTTPS
Plugin URI: https://www.littlebizzy.com/plugins/force-https
Description: HTTPS enforcement for WordPress
Version: 2.1.0
Requires PHP: 7.0
Author: LittleBizzy
Author URI: https://www.littlebizzy.com
License: GPLv3
License URI: http://www.gnu.org/licenses/gpl-3.0.html
GitHub Plugin URI: littlebizzy/force-https
Primary Branch: master
*/
// prevent direct access
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
// disable wordpress.org updates for this plugin
add_filter( 'gu_override_dot_org', function( $overrides ) {
$overrides[] = 'force-https/force-https.php';
return $overrides;
}, 999 );
// force https redirection for all non-https requests
add_action( 'init', 'force_https_redirect_non_https', 10 );
function force_https_redirect_non_https() {
if ( ! is_ssl() && ! is_admin() && PHP_SAPI !== 'cli' ) {
if ( ! headers_sent() ) {
$redirect_url = home_url( add_query_arg( array(), null ) );
wp_safe_redirect( set_url_scheme( $redirect_url, 'https' ), 301 );
exit;
}
}
}
// force https on all urls by replacing http:// with https://
function force_https_securize_url( $url ) {
return set_url_scheme( $url, 'https' );
}
// apply https to all relevant wordpress filters
add_filter( 'script_loader_src', 'force_https_securize_url', 20 );
add_filter( 'style_loader_src', 'force_https_securize_url', 20 );
add_filter( 'wp_get_attachment_url', 'force_https_securize_url', 20 );
add_filter( 'the_permalink', 'force_https_securize_url', 20 );
add_filter( 'post_link', 'force_https_securize_url', 20 );
add_filter( 'page_link', 'force_https_securize_url', 20 );
add_filter( 'term_link', 'force_https_securize_url', 20 );
add_filter( 'home_url', 'force_https_securize_url', 20 );
add_filter( 'site_url', 'force_https_securize_url', 20 );
add_filter( 'network_site_url', 'force_https_securize_url', 20 );
add_filter( 'network_home_url', 'force_https_securize_url', 20 );
add_filter( 'template_directory_uri', 'force_https_securize_url', 20 );
add_filter( 'stylesheet_directory_uri', 'force_https_securize_url', 20 );
add_filter( 'get_avatar_url', 'force_https_securize_url', 20 );
add_filter( 'rest_url', 'force_https_securize_url', 20 );
// ensure all urls in the upload directory use https
add_filter( 'upload_dir', 'force_https_fix_upload_dir', 20 );
function force_https_fix_upload_dir( $uploads ) {
$uploads['url'] = set_url_scheme( $uploads['url'], 'https' );
$uploads['baseurl'] = set_url_scheme( $uploads['baseurl'], 'https' );
return $uploads;
}
// Force HTTPS on all elements and attributes with URLs.
add_filter( 'the_content', 'force_https_process_content', 20 );
function force_https_process_content( $content ) {
return preg_replace_callback(
'#(<(?:a|area|audio|blockquote|button|canvas|del|embed|form|iframe|img|input|ins|link|meta|object|picture|q|script|source|style|svg|track|video)[^>]+(?:@font-face|action|background|background-image|cite|classid|codebase|content|data-[^\s=]+|fetch|font-face|formaction|href|longdesc|manifest|ping|poster|src|srcdoc|srcset|style|url|usemap|video|xlink:href)=["\'])(http://|//)([^"\']+)#i',
function( $matches ) {
// Convert protocol-relative URLs like //example.com to https.
if ( strpos( $matches[2], '//' ) === 0 ) {
return $matches[1] . 'https://' . $matches[3];
}
// Convert all http URLs to https.
return $matches[1] . 'https://' . $matches[3];
},
$content
);
}
// enforce https for text widget content (for older wordpress versions)
add_filter( 'widget_text', 'force_https_fix_widget_text', 20 );
function force_https_fix_widget_text( $content ) {
return set_url_scheme( $content, 'https' );
}
// enforce https for text widget content (for newer wordpress versions)
add_filter( 'widget_text_content', 'force_https_fix_widget_text_content', 20 );
function force_https_fix_widget_text_content( $content ) {
return set_url_scheme( $content, 'https' );
}
// apply https to all urls in custom menus
add_filter( 'nav_menu_link_attributes', 'force_https_fix_menu_links', 20 );
function force_https_fix_menu_links( $atts ) {
if ( isset( $atts['href'] ) ) {
$atts['href'] = set_url_scheme( $atts['href'], 'https' );
}
return $atts;
}
// enforce https for oembed urls
add_filter( 'embed_oembed_html', 'force_https_fix_oembed_html', 20 );
function force_https_fix_oembed_html( $html ) {
return set_url_scheme( $html, 'https' );
}
// enforce https for any urls used in shortcodes
add_filter( 'do_shortcode_tag', 'force_https_fix_shortcode_urls', 20 );
function force_https_fix_shortcode_urls( $output ) {
return set_url_scheme( $output, 'https' );
}
// enforce https on wp_resource_hints
add_filter( 'wp_resource_hints', 'force_https_fix_resource_hints', 20 );
function force_https_fix_resource_hints( $urls ) {
if ( is_array( $urls ) ) {
foreach ( $urls as $key => $url ) {
if ( is_array( $url ) && isset( $url['href'] ) ) {
$urls[ $key ]['href'] = set_url_scheme( $url['href'], 'https' );
} elseif ( is_string( $url ) ) {
$urls[ $key ] = set_url_scheme( $url, 'https' );
}
}
}
return $urls;
}
// enforce https on attachment metadata
add_filter( 'wp_get_attachment_metadata', 'force_https_fix_attachment_metadata', 20 );
function force_https_fix_attachment_metadata( $data ) {
if ( isset( $data['file'] ) ) {
$data['file'] = set_url_scheme( $data['file'], 'https' );
}
if ( isset( $data['sizes'] ) && is_array( $data['sizes'] ) ) {
foreach ( $data['sizes'] as &$size ) {
if ( isset( $size['file'] ) ) {
$size['file'] = set_url_scheme( $size['file'], 'https' );
}
}
}
return $data;
}
// enforce https on image srcsets
add_filter( 'wp_calculate_image_srcset', 'force_https_fix_image_srcsets', 20 );
function force_https_fix_image_srcsets( $sources ) {
foreach ( $sources as &$source ) {
if ( isset( $source['url'] ) ) {
$source['url'] = set_url_scheme( $source['url'], 'https' );
}
}
return $sources;
}
// enforce https on custom logo html
add_filter( 'get_custom_logo', 'force_https_fix_custom_logo', 20 );
function force_https_fix_custom_logo( $html ) {
return set_url_scheme( $html, 'https' );
}
// enforce https for login/logout redirect urls
add_filter( 'login_redirect', 'force_https_securize_url', 20 );
add_filter( 'logout_redirect', 'force_https_securize_url', 20 );
// ensure redirects are https
add_filter( 'wp_redirect', 'force_https_securize_url', 20 );
// Ref: ChatGPT