Force WP JSON REST API endpoints to always be served over HTTPS.
Contributors: fjarrett
Tags: api, json, REST, rest-api, ssl, https, security
Requires at least: 3.9
Tested up to: 4.1
Stable tag: trunk (master)
License: GPLv2 or later
Did you find this plugin helpful? Please consider leaving a 5-star review.
Note: This plugin requires the JSON REST API (WP API) plugin.
For site owners who want the WP API served over SSL always and forever.
All HTTP requests to the JSON REST API will be 301 redirected to their HTTPS equivalent.
If for some reason you don't want to use a plugin to do this, you can also just add this hook to your theme: https://gist.github.com/fjarrett/8cd04bd33e49bbd6e3b7
Development of this plugin is done on GitHub. Pull requests welcome. Please see issues reported there before going to the plugin forum.
- Ensure safe local redirects by using wp_safe_redirect() instead of wp_redirect()
Props johnjamesjacoby
- Initial release
Props fjarrett