squarecandy
Forum Replies Created
-
That’s great to hear the got back to you so quickly. Thanks for looking into it. Is there any documentation on the new filters?
+1 – experiencing this despite DKIM & SPF authorized transactional email sending via AWS SES that works for all other system emails.
Forum: Plugins
In reply to: [Advanced Custom Fields: Font Awesome Field] API Token SecurityThanks for considering it! No timelines expected on a free plugin, just wanted to log the suggestion.
For kits intended for use on only one site, the security issue can be mitigated by restricting to a certain domain. But we have some cases where we want to keep it open so we can let a bunch of domains make use without having to login to fontawesome.com and allow each one individually.
also curious about this.
Forum: Plugins
In reply to: [Advanced Custom Fields: Extended] WYSIWYG delayed in nested repeatersFantastic, thanks! Look forward to testing this on the next release. We probably won’t get to testing the snippet before then, but I’ll let you know if we do.
Forum: Plugins
In reply to: [Multiple Roles] Maintenance StatusWe’ve been testing on 6.3.2 and it’s working great!
Thanks for your response and for looking into this.
Forum: Plugins
In reply to: [ICS Calendar] Accessibility of Month Grid Toggle and Lightbox optionsSounds great, thanks again for looking into this.
Forum: Plugins
In reply to: [ICS Calendar] Accessibility of Month Grid Toggle and Lightbox optionsThanks for the work you’ve done so far on this. It’s an improvement for sure. Some feedback/additional fixes to what you have implemented:
tabindex="0"is now assigned to every title no matter what. This seems wrong as only some of them do something. It should only be applied to the items with the .has_desc class – so that only items that operate as a toggle for a lightbox or expanding section can be focused.- The workflow in term of the tab order of things on the page works well when you first arrive. It also successfully focuses on the X/close button when you open it. However – once you close it, focus should be placed back on the .title.has_desc item you clicked on. This would let keyboard only users browser around the calendar easily. Give it a try – try to explore multiple popups using just the keyboard and not touching your mouse at all. You’ll see quickly how frustrating it is to have focus moved back to the top of the page when you close the lightbox.
Forum: Plugins
In reply to: [ICS Calendar] Accessibility of Month Grid Toggle and Lightbox optionsFantastic, thanks. We will take a look and test it later this week.
Forum: Plugins
In reply to: [ICS Calendar] Accessibility of Month Grid Toggle and Lightbox optionsSounds great, thanks for looking into it!
Here’s some info about using
aria-expandedif you wanted to implement that at the same time to help out screen reader users:https://www.accessibility-developer-guide.com/examples/sensible-aria-usage/expanded/
Whoops, looks like your email is not working currently.
554 5.1.1 <[email protected]>: Recipient address rejected: undeliverable address: host mail-outgoing.**************.local
550 5.7.1 <[email protected]>: Recipient address rejected: Mailbox is out of service (in reply to RCPT TO command)
Awesome, thanks for the info! Really looking forward to seeing 4.0 and how things progress. Sending you an email about a few other things separately.
Forum: Plugins
In reply to: [WooCommerce Stripe Payment Gateway] Author needs to strengthen securityThanks @gmorrison for posting here.
I just wanted to clarify some of the research we have already done and what we are asking for from the WC dev team.
The existing situation:
- The existing setup to connect to stripe definitely encourages a default to using Standard Keys. There have been some claims that Restricted Keys work, but they appear to trigger errors in the dashboard when implemented, even if they technically work. See https://github.com/woocommerce/woocommerce-gateway-stripe/issues/634
- The standard setup also stores the keys in plaintext in the database. This is a highly insecure setup. Especially when paired with an unrestricted key, but both should be resolved.
What are we asking for?
- Full support for Restricted Stripe API Keys
- Full documentation for how to use/setup Restricted Keys and what the minimum required permissions are
- Ability to add all sensitive settings (Test and Live Secret and Publishable keys + test and live webhook secrets) via constant in wp-config.php
But I think more importantly – after those things are accomplished we want to see the documentation for setup change so that it encourages the most secure secure setup from the start, instead of the easiest to implement.
You can see our proposed shim solution here, but we would much rather see these features actually integrated into the plugin code. https://github.com/squarecandy/woocommerce-stripe-securit
+1 – yes please.
It’s also I think fine to keep it as a plugin that is supported by the @wordpressdotorg team and Automattic indefinitely.
Has anyone here heard any updates on an official EOL for this plugin?
This post from November 2018 has some old and somewhat contradictory info in it:First it says…
The Classic Editor plugin will be officially supported until December 31, 2021.
… indicating that it will hit EOL Jan 1 2022. But then it also says…
In 2021 we will evaluate continuing maintenance of the plugin, based on usage. We expect continued maintenance to be fairly trivial.
Anyone heard anything official on the matter? Huge decisions about our entire fleet of custom websites is on the line, and I’m sure many of you are in the same boat. All of the options if official Classic Editor support gets dropped seem equally bad: Convert Everything to Gutenberg; Be responsible for maintaining Classic Editor by ourselves; Move to something like ClassicPress; Have outdated insecure plugins. #4 breaks our contract with our clients and 1-3 all involve massive amounts of time/labor.
Forum: Plugins
In reply to: [Advanced Editor Tools] Layout Error Firefox, latestI’m getting this too – but not related to Advanced Editor Tools plugin. Did you find a fix? Just on any site with Classic Editor in FireFox