WP Core hard coded to use http://www.w3.org/1999/xhtml not HTTPS

There isn’t a proper https/SSL variant of the link you have given, so probably, likely you are getting problems when enforcing it – no matter how you do it. I strongly assume that is the reason why the “unsecure” URL is used in the first place.

From comment:

So does this mean it is impossible to have a truly secure dashboard?

Firstly I’d say, the URL you are talking about is more or less documentary. Secondly, if an external source is malicious, then it really doesn’t matter if it is accessed via SSL or not.

Related Posts:

  1. Use a different domain for SSL
  2. Share same domain for wp-admin but for different website
  3. How to get the post editor and media library to respect HTTPS administration mode?
  4. Upgrade to SSL Breaks Admin Dashboard
  5. SSL Partially breaking admin panel and elementor
  6. Why is there an intermediate redirect to https://public-url.org/wp-admin?
  7. FORCE_SSL_ADMIN not working
  8. Too many redirects after added SSL redirect on port 80 virtual host
  9. Have different site location for wp-admin in IIS
  10. Wp-admin loguts me. When sign with Wp_singon
  11. Having SSL enabled on admin, but disabled on post preview and live preview?
  12. Mixed content and expired session issues with SSL and wp-admin
  13. SSL doesn’t deliver parts of WordPress Administration Module
  14. Forcing WordPress Administration onto a separate SSL Host
  15. ‘Too many redirects’ error after changing site URL in WordPress [closed]
  16. Https Website: CSS and JS files load in http and admin page does not load too
  17. sortable custom column in media library
  18. how do I force a single column layout in screen layout
  19. Sortable admin columns, when data isn’t coming from post_meta
  20. wp_list_table search box does not show
  21. How to remove the site health dashboard widget?
  22. stop redirection on /wp-admin call to /wp-login
  23. How to Display Post Excerpts in Admin by Default?
  24. Wp3.5 Media Gallery Edit modal: change captions to title
  25. What is the capability that permits access to WP-Admin?
  26. WordPress in sub directory wp-admin problem
  27. Admin account only shows Profile and Dashboard with no activity
  28. Is it possible to set a option, and then redirect to another page directly from a admin notice link?
  29. Adding body class to login page?
  30. Edit a WordPress site without the username and password?
  31. WordPress admin menu gap when debug mode is enabled?
  32. Call to undefined function insert_with_markers
  33. How can I remove the new stats message? [closed]
  34. AJAX requests broken due to HTTPS for wp-admin
  35. How to inhibit dashboard and profile management access to normal users?
  36. Admin Blank Page with Working Front-End After Updating to WordPress 4.6
  37. Why can’t I exclude private posts from this query?
  38. Distinguish profile user and admin user IDs / get ID of user being edited
  39. Moved wordpress from localhost to live and wp-admin shows white screen
  40. Auto create post title in admin
  41. Cannot Access Admin Area After Migration
  42. Redirect non-admin users away from wp-admin/index.php (main dashboard page) to wp-admin/profile.php
  43. Modify wp-admin page header ‘viewport’ meta data
  44. The uploaded file exceeds!
  45. wp-admin – 404 after custom login form
  46. How to apply a CSS file to my admin pages?
  47. How to create admin tabs [closed]
  48. Having troubles connecting to WordPress login page using Mamp
  49. Remove or move admin submenus under a new menu
  50. Where can I find admin-header.php file online?
  51. class-wp-hook.php on line 288
  52. Can content be recovered in this situation?
  53. Efficient way to check local WordPress php files and Database for malicious code? [duplicate]
  54. How to disable categories/most used in ‘add new post’?
  55. Is it possible to create two different wp-admins for a wp website
  56. Am I able to change the name of /wp-admin/options-general.php?
  57. how to customize the default #adminmenu in wp-admin
  58. blocking the admin section (but still using admin-ajax.php)
  59. WP Admin messed up
  60. Why is WordPress enqueuing admin relevant scripts (e.g., React, ReactDOM, Redux, hooks, TinyMCE etc) when not logged in?
  61. wp-login not found – All usual solutions not working
  62. Is there a filter to edit html of user-edit.php
  63. Why when I try to access to this old WordPress site it is opened the installation page?
  64. What do I need for testing a single script in admin
  65. Cannot change Connection Information in admin interface
  66. How can I remove unwanted word on my WP site?
  67. Add custom fields to a page template, admin side
  68. Error messages & can’t reach admin after upgrading to 3.4.1 WordPress
  69. WordPress blog clone.. wp-admin issue
  70. How to take the help button and link off the dashboard
  71. Newly created user role not displaying on users screen
  72. Could not override the url in wp-config file
  73. How do I fix wp-admin error when exporting reusable blocks?
  74. issue with wordpress [wp-admin] redirects, when using kubernetes ingress hosting two wordpress websites using path
  75. Can’t acces login on new site
  76. WordPress Admin Panel Left Sidebar No showing on Post create page
  77. How to remove the color picker code from users-edit.php
  78. wp-config.php not affecting my site
  79. How to prevent spams from admin-ajax.php file?
  80. After changing Site http to https, can’t access wp login page with a digitalocean hosting
  81. wp-admin and wp-login.php not Accessible after Cloudflare
  82. Strange wp-admin problem for all users/adminstrators except the original one?
  83. Get rendered HTML of Page in Admin Area
  84. adding existing menu page on new customer user role
  85. stop customize.php redirect to login page if admin is not logged in
  86. Google flagged a wp-admin redirect as phishing
  87. Organising and display thousands of photos in media library
  88. Problem with admin columns
  89. Checkbox not showing as checked on UserProfile (even with checked=”checked”)
  90. Get URL of current featured image with JS in edit post view
  91. Added fields in quick edit screen need to update at the moment
  92. Custome column sort by date not title
  93. Block tools menu in wp-admin?
  94. is_admin() triggers error
  95. WordPress Admin: open popup window on a custom button
  96. No HTML/Visual mode option in admin panel (New Post)
  97. Removing Author name
  98. Taking over a WordPress site
  99. WordPress blog fails to open
  100. LinkControl not showing suggestions when used on admin page