SSL Insecure Content Fixer v2.2.2

SSL Insecure Content Fixer v2.2.2 has just been released. This release makes protocol header tests case-insensitive; adds support for Amazon’s `CloudFront-Forwarded-Proto` header; and cleans up responsive image srcset links to external images.

It seems that some servers are sending headers with values like “HTTPS” instead of “https”, or “ON” instead of “on”. Thanks to waja, this plugin now handles those servers properly too.

Websites that use Amazon CloudFront sometimes don’t get the standard HTTP_X_FORWARDED_PROTO header. Thanks to gmazovec, you can now select the option to detect HTTPS using the HTTP_CLOUDFRONT_FORWARDED_PROTO header. CloudFront can be configured to send this header when you want it to cache different content for HTTP and HTTPS.

When you paste an image tag into your content for an external image, and it contains a srcset for responsive image sizes, those sizes are now also cleaned up and converted to https when you have the fixer setting at Content or higher.

You can update to version 2.2.2 from your WordPress plugin admin page. Here’s the full changelog for SSL Insecure Content Fixer.