Avatar URL is HTTP instead of HTTPS

Quick question!

I use your plugin on this website: LE secret d'un storytelling qui cartonne et 3 modèles d'histoire à adapter à votre activité : La Tranchée

On this link, we can see that I’ve got insecure content on the page because the avatar images are loaded in http.

I think the easiest way to fix it would be to edit the {avatar_url} tag. How should I proceed?

Is the ‘force https’ setting enabled on your Discourse forum? If it is, Discourse should be returning an avatar_template with an https URL. The URL provided by the Discourse avatar template is used by the WordPress plugin to create the link.

I had to deactivate the force https on my discourse install because it caused a problem (infinite redirect) with another app I’m using for the SSO login :confused:

If you can fix that, the avatar links will start using HTTPS. The links will not be updated until new comment data is fetched from Discourse though.

I don’t think that customizing the comment_html template will work for solving this problem. I will add a filter to the WP Discourse function that is used for setting the avatar_url. If you are unable to get ‘force https’ working on your forum, you will be able to hook into this filter to rewrite the avatar URLs. I’ll let you know when it’s been added.

1 Like

Until then, I’ve switched the avatar tag for this value

https://forum.latranchee.com/user_avatar/forum.latranchee.com/{username}/50/7670_1.png

Problem solved :white_check_mark:

Thank you for your prompt response.

3 Likes