Custom CSS doesn't respect https

[pippinsplugins]

I haven't dug into this yet, but it seems that the custom CSS module does not properly respect pages that are loaded on https and load the custom CSS file over http, resulting in SSL invalidation.

[pippinsplugins]

At least in the instance where I saw the issue, the scheme wasn't getting detected properly in home_url() here.

Perhaps it could be set explicitly?

[jeherve]

home_url() should already use the appropriate protocol. I'm not sure what's happening here.

Would something like this help?

$prot = is_ssl() ? 'https' : 'http';
$href = home_url( '/', $prot );

[pippinsplugins]

Yeah I think that would work, give me a few minutes and I can test it to confirm.

[pippinsplugins]

Hmm, interestingly, even setting the schema to https directly fails to make it load via https.

[jeherve]

I just tested it on a test site of mine, and setting the schema to https seems to work on my end.

Does your site use a reverse proxy, or anything that may force the use of http, as mentioned in the codex?

[georgestephanis]

@jeherve Please don't use a ternary with is_ssl -- instead use either set_url_scheme or just //whatever.com protocol agnostic urls.

[pippinsplugins]

Removing the schema complete would work fine.

[jeherve]

👍 . I didn't know about set_url_scheme.

[georgestephanis]

@pippinsplugins Did you test that? There's the chance that something in core would add a url scheme via set_url_scheme

[Ipstenu]

Just to pipe in, I use custom css on my https only site without any issues. See https://store.halfelf.org/ for it. No invalid SSL :)

[pippinsplugins]

Setting the scheme did not work, but removing the call to home_url() completely did:

        $href = add_query_arg( 'custom-css', 1 );
        $href = add_query_arg( 'csblog', $blog_id, $href );
        $href = add_query_arg( 'cscache', 6, $href );
        $href = add_query_arg( 'csrev', (int) get_option( $option . '_rev' ), $href );

[lancewillett]

Closing as "worksforme".