Use SSL to download plugins from the Marketplace #7582

Task c: Security Backlog (Help wanted)
@mattab opened this Issue on March 30th 2015 Member

The goal of this issue is to have Piwik core download plugins and themes from the Marketplace over SSL when supported.

If upgrade of plugins fail over HTTPS, over fallback to HTTP update of plugins (helping users keeping plugins up to date is vital)

Follows up: #6441, Refs #7488

@SimonWaters commented on August 4th 2016

Note that to do https fetches WordPress implements a copy of the Mozilla CA list.

@ziegenberg commented on September 28th 2021 Contributor

I think this can be closed because Matomo already does try to use HTTPS when supported on the server-side. See https://github.com/matomo-org/matomo/blob/2ac2bc1aeaf8efce6bb9af92506311da99e1757f/plugins/Marketplace/config/config.php#L8-L16

@bx80 commented on July 7th 2022 Contributor

I believe this has been now been resolved by PR https://github.com/matomo-org/matomo/pull/19098

This Issue was closed on July 7th 2022
Home | Back
Powered by GitHub Issue Mirror
Privacy Policy