I have updated the Minit plugin to add support for secure asset URIs (SSL/HTTPS). The plugin now enqueues combined Javascript and CSS files using the appropriate URI scheme (uses HTTPS if is_ssl() returns true), and will also rewrite asset URIs inside CSS files (for images, web fonts, etc.) to use the correct URI scheme.
I thought this would have been handled automatically by wp_enqueue_script() and wp_enqueue_style().
Well,
wp_enqueue_script()andwp_enqueue_style()will use whatever you pass to it as the second parameter$url. I can’t rely on plugin and theme authors doing the right thing and usingplugins_url()orget_template_directory_uri()when enqueuing stuff.Secondly, I am storing the combined files in the uploads folder and
wp_upload_dir()doesn’t seem to check for SSL.Ah,
wp_upload_dir()is the problem then.http://core.trac.wordpress.org/ticket/25449
That was quick! Looks perfect!
Not perfect. In fact the solution was a bit crap in retrospect.
This ticket explains some of the problems. They apply to your plugin too:
http://core.trac.wordpress.org/ticket/15928
You need to use content_url() instead of is_ssl() to ensure that you don’t serve the wrong URL if the admin panel is set to https and the frontend to http.
With Minit it is rather simple because I only have to make sure that Minit is returning the same URI scheme as the main request. It is much harder with links and image URLs that are hardcoded in post content.