dimdim
Forum Replies Created
-
Hi Ben,
Apologies for the delay.
I’ve just tested your latest test build and it is working fine.
The initial issue where the Class “SFR\App” could not found is resolved.I’m looking forward to use the production version including this fix.
Thanks for everything!
Best regardsForum: Plugins
In reply to: [File Upload Types by WPForms] Sanitizing style tag in SVGHi Mike,
Thanks for the quick response and the provided example.
It’s unfortunate that no fix will be provided, as extending this via an extra filter could be very useful for developers to apply in custom scenarios. Right now, we’re a bit stuck with the fact that SVGs can’t be properly uploaded to the WordPress Media Library (note, I’m speaking as an admin / content creator – not about an end-user submitting those files).
I completely understand the security concerns you raised, but it would be great if there were some flexibility for such use cases.
To have better understanding about my use case, you can find a screen recording where I try to upload an SVG via the admin portal, but the colors got removed due to the style tags being removed.Also, I’d like to point out that similar risks exist in HTML files, where styles like
background-image: url("javascript:alert('XSS via css')");are still allowed and not stripped. So in terms of consistency, it does feel a bit contradictory.Hope this can be reconsidered.
Thanks,Forum: Plugins
In reply to: [File Upload Types by WPForms] Sanitizing style tag in SVGHi Mike,
Thanks for getting back.
I understand the security measures in place, but I still have a question about this.
It makes sense that CSS injections (using the style-tag) are checked there, but I’m curious about the discrepancy in how SVGs are treated compared to HTML. Wouldn’t the attack vector be the same for both?
It seems more consistent to me that the sanitation do allow/block the same things.That said, I’m happy to hear we, as developer, will be able to override this with some custom behavior :).
Is there a way for me to track the progress on this feature, or do you have an estimate when this will become available?Thanks in advance!
Kind regardsThanks for getting back with this test version.
However, I’m getting an exception:
Fatal error: Uncaught Error: Failed opening required ‘<root path>\wp-content\plugins\simple-feature-requestsvendor/autoload.php’
The directory seperator between__DIR__and the hardcodedvendor/autoload.phppath is missing.
Once that one is added (e.g.require_once __DIR__ . '/vendor/autoload.php';), everything works as expected.Would it be possible to send another test version?
Kind regards
Hi Ben,
Could it be the suggested change did not made it in the latest release (while it is being mentioned in the changelog)?
I couldn’t find it in the diff of the latest release.
Would it be possible to check?
Thanks in advance!Hi Ben,
The issue still persist on v2.4.6.1.
Applying the same code change resolved it again.We’re currently using php 8.2.11.
Best regards
Forum: Plugins
In reply to: [Stars Rating] Stars Rating not using settings of enabled post typesHi Fahid,
The issue was indeed resolved since v4.0.6.
Thanks for your support!
Forum: Plugins
In reply to: [Stars Rating] Stars Rating not using settings of enabled post typesHi,
I’ve tried it again with v4.0.5, but we still encounter the issue.
There is only one post type on which the stars rating feature should be activated and that is correctly reflected in the settings: https://www.awesomescreenshot.com/image/52869526?key=3634c77f070c5a889840a4b2efb4f6ad
However, all post types are now getting the stars rating feature, which is not intended on our website.E.g. even blog posts are getting the review section:
https://www.awesomescreenshot.com/image/52869577?key=872f88bc8ad8d0a9754e5e8892c09078This means we should still use v4.0.3 (which is working fine for us), but we would like to keep our plugins up-to-date :).
When reapplying the status checks in
public/stars-rating-public.phpforrating_average_markup&rating_average_shortcode, everything is working fine again.Let me know if you need additional information.
Best regards,
Forum: Plugins
In reply to: [WooCommerce] Plugin has impact on rendered excerptsHi Shameem,
I have disabled all other plugins and switched from theme. It seems like the trimming code I mentioned earlier conflicts with the OnePress theme.
I would like to show you how a small code change on you end could resolve the issue for us as well as for other using the OnePress theme / other affected themes.
(See my recording where I’m just moving the trimming code some lines below.)I was even wondering why the WooCommerce plugin should trim the content when rendering blocks (‘render_block’-filter). Could you give me a valid explanation why it’s done there?
The documented summary of the ‘add_data_attributes’-method only mentions data-attributes are added for woocomerce-namespaced blocks, while it manipulates all block contents.(The OnePress theme is applying the ‘the_content’-filter on the blog post content which is then underlying calling the wp ‘do_blocks’ method, which then applies the ‘render_block’-filter. Hence newlines are extracted from the output of the ‘do_blocks’ method resulting in the recorded UI-change.)
Looking forward to hearing from you!
Forum: Plugins
In reply to: [WooCommerce] Plugin has impact on rendered excerptsHi Shameem,
I was referring to the WordPress blog posts being rendered different.
I’ve recorded my findings on our beta website to not influence our production site, but the behaviour is still the same.Thanks in advance!
Forum: Plugins
In reply to: [Stars Rating] Stars Rating not using settings of enabled post typesHi Fahid,
We are using your plugin for some post types, but not all of them.
However, after updating to version 4.0.4, your plugin is showing up for all post types including those we don’t want.It would be nice to have the option back working to only enable the stars rating for specific post types.
Kind regards