Project

General

Profile

Bug #9735

Logged-in subdomain view of mapped sites can have SSL errors on assets

Added by Boone Gorges over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority name:
Normal
Assignee:
Category name:
Server
Target version:
Start date:
2018-05-08
Due date:
% Done:

0%

Estimated time:

Description

If you visit a mapped domain as a logged in user, under the subdomain URL - eg https://newlaborforum.commons.gc.cuny.edu/ - some assets don't load properly because of SSL issues. For example, the header image in the attached screenshot tries to load from https://newlaborforum.cuny.edu..., which is not available under SSL. I assume this is because of some is_ssl() checks, either in the theme or in core functions like wp_get_attachment_url().

Ray, could I ask you to have a look to see if there's a quick fix or workaround? It's not worth a ton of effort, since (a) these pages will rarely be seen like this (only admins will see it) and (b) it's likely we'll have SSL for these sites in the short to medium term because of Lihua's letsencrypt work. But if there's something relatively easy we can do - eg in the SSL functions in wp-content/mu-plugins/cac-functions.php - it may be worth looking at.

Screenshot_2018-05-08_14-45-53.png (227 KB) Screenshot_2018-05-08_14-45-53.png Boone Gorges, 2018-05-08 10:45 AM

Related issues

Related to CUNY Academic Commons - Bug #9828: redirecting problemResolved2018-05-24

History

#2 Updated by Raymond Hoh over 3 years ago

Ugh, good catch.

The problem is the customizer functionality of WordPress saves the absolute URL of the theme assets from the current URL. Because the original customizer changes were made on the mapped domain, those theme asset URLs are now using the mapped domain instead of the subdomain.

The following snippet fixes this for the various customizer options requiring attachments:

function cac_set_mapped_url_to_subdomain( $url ) {
    global $wpdb;

    // bail if we're on a mapped domain
    if ( cac_is_domain_mapping_enabled_for_current_blog() ) {
        return $url;
    }

    // Check if the currnet blog has a mapped domain...
    $domain = $wpdb->get_var( "SELECT domain FROM {$wpdb->dmtable} WHERE blog_id = '{$wpdb->blogid}' AND active = 1 LIMIT 1" );
    if ( empty( $domain ) ) {
        return $url;
    }

    $url = str_replace( '://' . $domain, '://' . $GLOBALS['current_blog']->domain, $url );
    $url = set_url_scheme( $url, is_ssl() ? 'https' : 'http' );

    return $url;
}
add_filter( 'theme_mod_header_image', 'cac_set_mapped_url_to_subdomain' );
add_filter( 'theme_mod_header_video', 'cac_set_mapped_url_to_subdomain' );
add_filter( 'theme_mod_background_image', 'cac_set_mapped_url_to_subdomain' );
add_filter( 'theme_mod_custom_logo', 'cac_set_mapped_url_to_subdomain' );

But, it uses an uncached DB query because the WPMU Domain Mapping plugin does not cache this info from their DB table.

Since there are way more non-mapped domains, do we want to write a caching layer for WPMU Domain Mapping so we can then apply this snippet?

#3 Updated by Boone Gorges over 3 years ago

Yeah, I'd say it's worth it to write that layer. It'd benefit us elsewhere. Thanks!

#4 Updated by Raymond Hoh over 3 years ago

Boone Gorges wrote:

Yeah, I'd say it's worth it to write that layer. It'd benefit us elsewhere. Thanks!

I've written an object cache layer for wordpress-mu-domain-mapping in a separate branch for our cac repo:
https://github.com/cuny-academic-commons/cac/compare/1.13.x...dm-object-cache

Let me know what you think.

#5 Updated by Boone Gorges over 3 years ago

This looks good to me, Ray. A couple non-critical questions:

- Do you think there's a reason why the plugin authors haven't added caching for this in the past? It seems an obvious win. Maybe there's problems in multi-server environments or something? Would it make sense to package this as a PR/patch for the plugin?
- Is there benefit (maybe not direct to this ticket, but in general) to adding caching in the other direction as well? Ie blog ID lookup given a domain - the query that takes place in sunrise.php. (I think the cache system is booted by this point?)

I'd say you're good to update https://redmine.gc.cuny.edu/issues/9735#note-2 in light of the new cached function, and add it to the codebase for 1.13.2.

#6 Updated by Raymond Hoh over 3 years ago

Would it make sense to package this as a PR/patch for the plugin?

I couldn't find a Git repo for the wordpress-mu-domain-mapping plugin anywhere. There are some forks on Github though. Could post the patch on the wp.org support forums and hope for the best.

Ie blog ID lookup given a domain - the query that takes place in sunrise.php. (I think the cache system is booted by this point?)

Good spot about sunrise.php. I can look into adding caching by domain later down the road, but as you mention, it's not critical for this ticket. We would also have to move some other code into sunrise.php like the wp_cache_add_global_groups( 'wpmu_dm' ); call.

For now, I'll merge what I have into 1.13.x branch and add the code I wrote to address this specific ticket.

Thanks for the feedback!

#7 Updated by Raymond Hoh over 3 years ago

  • Status changed from New to Staged for Production Release

I've merged the dm-object-cache branch in https://github.com/cuny-academic-commons/cac/commit/3211d0aaa1f7b6adc497a5b3f89b46c7e1dcd204

And I've added the fix referenced above in https://github.com/cuny-academic-commons/cac/commit/93abbffbc28237820783a088908fbb088b779fd0.

As for reaching out to the plugin authors, I've posted a thread in the wp.org support forums here with a link to the patch.

#8 Updated by Boone Gorges over 3 years ago

Thanks! Going to mark resolved in advance of the release.

#9 Updated by Boone Gorges over 3 years ago

  • Status changed from Staged for Production Release to Resolved

#10 Updated by Raymond Hoh over 3 years ago

  • Related to Bug #9828: redirecting problem added

Also available in: Atom PDF