ethanjrt
Forum Replies Created
-
Forum: Plugins
In reply to: [Contact Form 7] Cookies Not Secure (PCI Compliance Fail)Hi Takayuki,
Thanks for your question. Going down my plugin list and further testing a few related plugins helped me figure out that this cookie is actually coming from “Drag and Drop Multiple File Upload for Contact Form 7,” which is maintained by a third party. I am disabling that plugin and opening a request with them instead.
I apologize for taking up your time!
Forum: Plugins
In reply to: [Contact Form 7] Cookies Not Secure (PCI Compliance Fail)Thanks for your reply, Takayuki. The page https://escapenewhaven.com/about was the one that was flagged in the PCI scan, but the problem seems replicated on all pages of the site.
Forum: Plugins
In reply to: [Contact Form 7] Cookies Not Secure (PCI Compliance Fail)A few things I am noticing in trying to hunt down the source of this cookie:
First: This is the code that seems to be creating the cookie. It appears below my footer, right below the tracking codes injected by my tracking code manager plugin.
function dnd_cf7_generateUUIDv4() {
const bytes = new Uint8Array(16);
crypto.getRandomValues(bytes);
bytes[6] = (bytes[6] & 0x0f) | 0x40; // version 4
bytes[8] = (bytes[8] & 0x3f) | 0x80; // variant 10
const hex = Array.from(bytes, b => b.toString(16).padStart(2, "0")).join("");
return hex.replace(/^(.{8})(.{4})(.{4})(.{4})(.{12})$/, "$1-$2-$3-$4-$5");
}document.addEventListener("DOMContentLoaded", function() {
if ( ! document.cookie.includes("wpcf7_guest_user_id")) {
document.cookie = "wpcf7_guest_user_id=" + dnd_cf7_generateUUIDv4() + "; path=/; max-age=" + (12 * 3600) + "; samesite=Lax";
}
});document.addEventListener("DOMContentLoaded", function() {
if ( ! document.cookie.includes("wpcf7_guest_user_id")) {
document.cookie = "wpcf7_guest_user_id=" + dnd_cf7_generateUUIDv4() + "; path=/; max-age=" + (12 * 3600) + "; samesite=Lax";
}
});I can’t figure out where this code is coming from or how to modify it.
Second: Contact Form 7 claims to not use cookies at all unless certain integrations are activated.
= Privacy notices =
With the default configuration, this plugin, in itself, does not:
- track users by stealth;
- write any user personal data to the database;
- send any data to external servers;
- use cookies.
If you activate certain features in this plugin, the contact form submitter’s personal data, including their IP address, may be sent to the service provider. Thus, confirming the provider’s privacy policy is recommended. These features include:
- reCAPTCHA (Google)
- Akismet (Automattic)
- Constant Contact
- Brevo
- Stripe
- Turnstile (Cloudflare)
Under Integrations, the only active integration I had was Akismet. I tried:
- Removing all “akismet: ” prefixes in my contact forms.
- Deactivating Akismet.
However I am still finding (via Chrome Inspector, incognito window) that every visit to every page in my site still includes this code below the footer, and a cookie is still being created.
Forum: Plugins
In reply to: [Tracking Code Manager] Version 2.0.8 Breaks Site FormattingThanks. I’ve opened a ticket (IWPSD-1257) and included screenshots. I have re upgraded to 2.0.10 but limited the gtag code to appearing on a single page to avoid a disruptive page view experience for users. However I plan to revert to 2.0.7 again in 24-48 hours because this means I am losing valuable tracking data.
Thanks,
EthanForum: Plugins
In reply to: [Tracking Code Manager] Version 2.0.8 Breaks Site FormattingHere is my setup for this code in Tracking Code Manager:
<!-- NEW Global site tag (gtag.js) - Google Analytics --> <script async src="https://www.googletagmanager.com/gtag/js?id=AW-XXXXXXX"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'UA-XXXXXXX-1'); gtag('config', 'AW-XXXXXXX'); gtag('config', 'AW-XXXXXXX/XXXXXXXXXXXXXXXX', { 'phone_conversion_number': '(XXX) XXX-XXXX' }); document.addEventListener('wpcf7mailsent', function() { ga('gtag_UA_XXXXXXX_1.send', 'event', 'contact', 'form', location.pathname); }, false ); </script>Position Inside the Code = “Before
</HEAD>“Forum: Plugins
In reply to: [Tracking Code Manager] Version 2.0.8 Breaks Site FormattingUnfortunately neither 2.0.9 nor 2.0.10 fixed the issue for me. This weird code persists, with the tracking code manager starting before
</head>and ending after</body>. Here is the snippet from the source:<!--BEGIN: TRACKING CODE (v2.0.10) MANAGER BY INTELLYWP.COM IN HEAD//--> <!-- NEW Global site tag (gtag.js) - Google Analytics --> </head> <body> <a href="https://www.googletagmanager.com/gtag/js?id=AW-XXXXXXX">https://www.googletagmanager.com/gtag/js?id=AW-XXXXXXX</a> <script src="data:text/javascript,%0D%0A%20%20window.dataLayer%20%3D%20window.dataLayer%20%7C%7C%20%5B%5D%3B%0D%0A%20%20function%20gtag%28%29%7BdataLayer.push%28arguments%29%3B%7D%0D%0A%20%20gtag%28%27js%27%2C%20new%20Date%28%29%29%3B%0D%0A%0D%0A%20%20gtag%28%27config%27%2C%20%27UA-82778403-1%27%29%3B%0D%0A%20%20gtag%28%27config%27%2C%20%27AW-879459243%27%29%3B%0D%0A%20%20gtag%28%27config%27%2C%20%27AW-879459243%2FJ1KNCKeZyKwBEKv3raMD%27%2C%20%7B%0D%0A%20%20%20%20%27phone_conversion_number%27%3A%20%27%28860%29%20576-9997%27%0D%0A%20%20%7D%29%3B%0D%0A%20%20%0D%0A%20%20document.addEventListener%28%27wpcf7mailsent%27%2C%20function%28%29%20%7B%0D%0A%20%20%20%20ga%28%27gtag_UA_XXXXXXX_1.send%27%2C%20%27event%27%2C%20%27contact%27%2C%20%27form%27%2C%20location.pathname%29%3B%0D%0A%7D%2C%20false%20%29%3B%0D%0A%0D%0A" type="text/javascript" defer></script> <!--END: https://ww.wp.xz.cn/plugins/tracking-code-manager IN HEAD//-->I have reverted back to 2.0.7.
- This reply was modified 3 years, 10 months ago by ethanjrt.
Forum: Plugins
In reply to: [Tracking Code Manager] Version 2.0.8 Breaks Site FormattingSame. In my case, my gtag code (which was supposed to be inserted before
</head>) was somehow starting before</head>but then continuing after<body>, and showing up at the top of the body as<a href="(gtag JS file address)">. Reverted back to 2.0.7 and have disabled auto updates until this issue is acknowledged & fixed.Forum: Plugins
In reply to: [Gallery Custom Links] How to activate Lightbox?Thank you for the detailed response, Jordy! I really appreciate the thought you put into this. I have more of a “mess with it until it works” approach, so, while I don’t actually know PHP, I ended up tweaking the plugin earlier today to do what I needed.
Basically I went into the mgcl_linker.php file, found every instance where the image classes are set, and replaced “no-lightbox” with the $rel variable (since I wasn’t using rel for anything else). So now I use the rel= field in each media file to specify the class required by Fancybox for my custom URL to launch properly in a lightbox (e.g. “fancybox-iframe” and “fancybox-image” — depends on what I’m trying to launch). It is working so far… though I realize I can now never update this plugin without reversing these changes. These are the consequences of using “tricks” and I accept them :-p
I’ve pasted the modified mgcl_linker.php file below for reference. (Hopefully this is okay because this is a free plugin? If not, I apologize, and feel free to delete!)
<?php class Meow_Gallery_Custom_Links_Linker { public function __construct( $core ) { $this->core = $core; //add_filter( 'mgcl_linkers', array( $this, 'linker' ), 100, 6 ); } // XXXX: Custom code with $aria, Christoph Letmaier, 14.01.2020 function linker( $element, $parent, $mediaId, $url, $rel, $aria, $target ) { // Let's look for the closest link tag enclosing the image $media = get_post( $mediaId ); $title = the_title_attribute( array( 'echo' => false, 'post' => $media ) ); $potentialLinkNode = $parent; $maxDepth = 5; do { if ( !empty( $potentialLinkNode ) && $potentialLinkNode->tag === 'a' ) { if ( $this->core->enableLogs ) { error_log( 'Linker: The current link (' . $potentialLinkNode->{'href'} . ') will be replaced.' ); } if ( $this->core->parsingEngine === 'HtmlDomParser' ) { $potentialLinkNode->{'href'} = $url; $class = $potentialLinkNode->{'class'}; $class = empty( $class ) ? ( $rel . ' custom-link' ) : ( $class . $rel . ' custom-link' ); $potentialLinkNode->{'class'} = $class; $potentialLinkNode->{'title'} = $title; $potentialLinkNode->{'onclick'} = 'event.stopPropagation()'; if ( !empty( $target ) ) $potentialLinkNode->{'target'} = $target; if ( !empty( $rel ) ) $potentialLinkNode->{'rel'} = $rel; if ( !empty( $aria ) ) $potentialLinkNode->{'aria-label'} = $aria; } else { $potentialLinkNode->attr( 'href', $url ); $class = $potentialLinkNode->attr( 'class' ); $class = empty( $class ) ? ( $rel . ' custom-link' ) : ( $class . $rel . ' custom-link' ); $potentialLinkNode->attr( 'class', $class ); $potentialLinkNode->attr( 'title', $title ); $potentialLinkNode->attr( 'onclick', 'event.stopPropagation()' ); if ( !empty( $target ) ) $potentialLinkNode->attr( 'target', $target ); if ( !empty( $rel ) ) $potentialLinkNode->attr( 'rel', $rel ); if ( !empty( $aria ) ) $potentialLinkNode->attr['aria-label'] = $aria; } return true; } if ( method_exists( $potentialLinkNode, 'parent' ) ) $potentialLinkNode = $potentialLinkNode->parent(); else break; } while ( $potentialLinkNode && $maxDepth-- >= 0 ); // There is no link tag, so we add one and move the image under it if ( $this->core->enableLogs ) { error_log( 'Linker: Will embed the IMG tag.' ); } if ( $this->core->parsingEngine === 'HtmlDomParser' ) { // XXXX: Custom code with $aria, Christoph Letmaier, 22.01.2020 $element->outertext = '<a href="' . $url . '" class="' . $rel . ' custom-link" title="' . $title . '" aria-label="' . $aria . '" onclick="event.stopPropagation()" target="' . $target . '" rel="' . $rel . '">' . $element . '</a>'; } else { if ( $parent->tag === 'figure' ) $parent = $parent->parent(); $a = new DiDom\Element('a'); $a->attr( 'href', $url ); $a->attr( 'class', ( $rel . ' custom-link' ) ); $a->attr( 'onclick', 'event.stopPropagation()' ); $a->attr( 'target', $target ); $a->attr( 'rel', $rel ); // XXXX: Custom code with $aria, Christoph Letmaier, 22.01.2020 $a->attr( 'aria-label', $aria ); $a->appendChild( $parent->children() ); foreach( $parent->children() as $img ) { $img->remove(); } $parent->appendChild( $a ); } return true; } } ?>- This reply was modified 5 years, 9 months ago by ethanjrt.
Forum: Plugins
In reply to: [Gallery Custom Links] How to activate Lightbox?I too would really like an option to keep lightbox enabled! I am trying to use a gallery to open other pages in an iframe (so that the user stays on a single page throughout their experience). I’m using Easy Fancybox so I would need the ability to 1) remove the “.no-lightbox” class, and 2) add a custom class of my own to the link element (e.g. “.lightbox-iframe”). It seems like 7 or 8 other people have also come here looking for the same thing so I am hopeful that this makes it onto your list of feature requests 🙂
- This reply was modified 5 years, 9 months ago by ethanjrt.
Forum: Fixing WordPress
In reply to: How to eliminate "/index.php/" in my page URLsBoom! That’s it! Thank you, Bill! It was under Settings > Permalinks.
Forum: Plugins
In reply to: [Google Forms] Plugin not accepting the updated links from google docsNo, sorry; I just meant I’m using Google’s “embed” link (next to the “link to share” option after you click “Send Form”). Which works fine for a small sidebar signup the way I have it, except that the style clashes a little with the rest of my site and the form doesn’t appear for anyone whose browser doesn’t accept 3rd-party cookies.
Forum: Plugins
In reply to: [Google Forms] Plugin not accepting the updated links from google docsI’m having the same problem. I’m really glad you’re working on it! Using regular embedded Google form in the interim.