Using routes for ajax calls from admin when FORCE_SSL_ADMIN is true

[olitooni]

Hi,

I encountered a problem when setting up routes on a Wordpress installation that has the FORCE_SSL_ADMIN flag set to true.

If I want to use a route in an ajax script fetching the url with the route_url() method it will always use the protocol of the public site even though i'm calling it from admin. That's an issue because browsers will not allow that:

Mixed Content: The page at 'https://localhost/wp-admin/admin.php?page=testPage' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://localhost/testRoute'. This request has been blocked; the content must be served over HTTPS.

I'm not sure this is a good solution but fixed this in a forked version by changing the return statement of the Router::url() method like so:

74a98ec110187480d2d2bd5fefdb40ae6b77effb

Do you think this is a sustainable solution? I can send a pull request if you would like?

Thanks and what great lib btw!