Changeset 1070808

Timestamp:

01/19/2015 06:01:40 AM (10 years ago)

Author:

tollmanz

Message:

Sync with Github.

Location:

https-mixed-content-detector

Files:

• assets/screenshot-1.png (modified) (previous)
• assets/screenshot-2.png (added)
• trunk/beacon.php (modified) (6 diffs)
• trunk/config.php (modified) (1 diff)
• trunk/helpers.php (modified) (5 diffs)
• trunk/https-mixed-content-detector.php (modified) (4 diffs)
• trunk/policy.php (modified) (1 diff)
• trunk/readme.txt (modified) (3 diffs)
• trunk/violation-locations (added)
• trunk/violation-locations/content-autoembed.php (added)
• trunk/violation-locations/content-base.php (added)
• trunk/violation-locations/content-filtered.php (added)
• trunk/violation-locations/content-raw.php (added)
• trunk/violation-locations/content-shortcode.php (added)
• trunk/violation-locations/enqueue-base.php (added)
• trunk/violation-locations/enqueue-script.php (added)
• trunk/violation-locations/enqueue-style.php (added)
• trunk/violation-locations/violation-location-base.php (added)
• trunk/violation-locations/violation-location-collection.php (added)
• trunk/violation-locations/violation-location-interface.php (added)
• trunk/wp-cli.php (modified) (4 diffs)

https-mixed-content-detector/trunk/beacon.php

@@ -72 +72 @@
             'show_in_admin_bar'   => false,
             'menu_position'       => 25,
-            'menu_icon'           => null,
+            'menu_icon'           => ,
             'can_export'          => false,
             'delete_with_user'    => false,
@@ -115 +115 @@
     public function manage_edit_csp_report_columns( $columns ) {
         unset( $columns['title'] );
-
-        $columns['blocked-uri']        = __( 'Blocked URI', 'zdt-mdc' );
-        $columns['document-uri']       = __( 'Document URI', 'zdt-mdc' );
-        $columns['referrer']           = __( 'Referrer', 'zdt-mdc' );
-        $columns['violated-directive'] = __( 'Violated Directive', 'zdt-mdc' );
-        $columns['original-policy']    = __( 'Original Policy', 'zdt-mdc' );
+        unset( $columns['date'] );
+
+        $columns['blocked-uri']        = __( 'Blocked URI', 'zdt-mcd' );
+        $columns['document-uri']       = __( 'Document URI', 'zdt-mcd' );
+        $columns['referrer']           = __( 'Referrer', 'zdt-mcd' );
+        $columns['violated-directive'] = __( 'Violated Directive', 'zdt-mcd' );
+        $columns['report-date']        = __( 'Date', 'zdt-mcd' );
+        $columns['location']           = __( 'Location', 'zdt-mcd' );
+        $columns['resolve-status']     = __( 'Resolved', 'zdt-mcd' );
+        $columns['secure-status']      = __( 'Secure URI', 'zdt-mcd' );
 
         return $columns;
@@ -137 +141 @@
         switch ( $column ) {
             case 'blocked-uri' :
-                echo esc_url( get_the_title( $post_id ) );
+                echo esc_url( get_ ) );
                 break;
 
@@ -154 +158 @@
                 break;
 
-            case 'original-policy' :
-                $original_policy = get_post_meta( $post_id , 'original-policy' , true );
-                echo ( ! empty( $original_policy ) ) ? esc_html( wp_strip_all_tags( $original_policy ) ) : __( 'N/A', 'zdt-mcd' );
+            case 'report-date' :
+                echo human_time_diff( get_the_date( 'U', get_the_ID() ) );
+                break;
+
+            case 'location':
+                $location_id = get_post_meta( get_the_ID(), 'location', true );
+                $collector = mcd_get_mixed_content_detector()->violation_location_collector;
+                $location = $collector->get_item( $location_id );
+
+                if ( method_exists( $location, 'get_location_name' ) ) {
+                    echo esc_html( $location->get_location_name() );
+                } else if ( 'unknown' === $location_id ) {
+                    echo __( 'Unknown', 'zdt-mcd' );
+                } else {
+                    echo __( 'N/A', 'zdt-mcd' );
+                }
+
+                break;
+
+            case 'resolve-status':
+                echo ( 1 === (int) get_post_meta( get_the_ID(), 'resolved', true ) ) ? __( 'Yes', 'zdt-mcd' ) : __( 'No', 'zdt-mcd' );
+                break;
+
+            case 'secure-status':
+                $status = (int) get_post_meta( get_the_ID(), 'valid-https-uri', true );
+
+                if ( 1 === $status ) {
+                    $message = __( 'Yes', 'zdt-mcd' );
+                } elseif ( 0 === $status ) {
+                    $message = __( 'No', 'zdt-mcd' );
+                } else {
+                    $message = __( 'Unknown', 'zdt-mcd' );
+                }
+
+                echo $message;
                 break;
         }
@@ -171 +207 @@
      */
     public function handle_report_uri() {
-        // If you can turn on the plugin, the beacon should work for you
-        if ( ! current_user_can( 'activate_plugins' ) ) {
-            return;
-        }
-
         // Check to make sure the a beacon request has been made
         if ( ! isset( $_GET['mcd'] ) || 'report' !== $_GET['mcd'] ) {
             return;
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
         }
 
@@ -229 +280 @@
         }
 
+
+
+
         // Check if the domain supports HTTPS
         if ( isset( $clean_data['blocked-uri'] ) ) {

https-mixed-content-detector/trunk/config.php

@@ -24 +24 @@
     define( 'MCD_MONITOR_FRONT_END', true );
 }
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

https-mixed-content-detector/trunk/helpers.php

@@ -8 +8 @@
  *
  * @param  int         $num    The number of violations to query.
+
  * @return WP_Query            The WP_Query containing the violations
  */
-function mcd_get_violation_wp_query( $num = 999 ) {
+function mcd_get_violation_wp_query( $num = 999 ) {
     // Determine number of violations to display
     $num = ( ! empty( $num ) ) ? intval( $num ) : 999; // Use intval to allow -1 if desired
 
-    // Query for all violations
-    $violations = new WP_Query( array(
-        'post_type' => 'csp-report',
+    $args = array(
+        'post_type'      => 'csp-report',
         'posts_per_page' => $num,
-        'no_found_rows' => true,
-    ) );
-
-    return $violations;
+        'no_found_rows'  => true,
+    );
+
+    // If a specific ID is queried, add it to the query
+    if ( 0 !== $id ) {
+        $args['p']              = absint( $id );
+        $args['posts_per_page'] = 1;
+    }
+
+    return new WP_Query( $args );
 }
 endif;
@@ -46 +52 @@
  *
  * @param  int      $num    The number of violations to get.
+
  * @return array            The data for the violations.
  */
-function mcd_get_violation_data( $num = 999 ) {
+function mcd_get_violation_data( $num = 999 ) {
     // Set a data collector
     $data = array();
 
     // Query for the violations
-    $violation_wp_query = mcd_get_violation_wp_query( $num );
+    $violation_wp_query = mcd_get_violation_wp_query( $num );
 
     // Package up the important data
@@ -69 +76 @@
             $original_policy = ( ! empty( $original_policy ) ) ? $original_policy : __( 'N/A', 'zdt-mcd' );
 
+
+
+
             $valid_https_uri = get_post_meta( get_the_ID(), 'valid-https-uri', true );
             $valid_https_uri = ( '0' === $valid_https_uri || '1' === $valid_https_uri ) ? intval( $valid_https_uri ) :  -1;
@@ -74 +84 @@
             $data[ get_the_ID() ] = array(
                 'id'                 => get_the_ID(),
-                'blocked-uri'        => get_the_title(),
+                'blocked-uri'        => get_),
                 'document-uri'       => get_post_meta( get_the_ID(), 'document-uri', true ),
                 'referrer'           => $referrer,
                 'violated-directive' => $v_directive,
                 'original-policy'    => $original_policy,
+
                 'resolved'           => absint( get_post_meta( get_the_ID(), 'resolved', true ) ),
                 'valid-https-uri'    => $valid_https_uri,
@@ -245 +256 @@
 }
 endif;
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

https-mixed-content-detector/trunk/https-mixed-content-detector.php

@@ -4 +4 @@
  * Plugin URI:     https://github.com/tollmanz/wordpress-https-mixed-content-detector
  * Description:    A tool for proactively detecting mixed content issues in TLS enabled WordPress websites.
- * Version:        1.1.0
+ * Version:        1..0
  * Author:         Zack Tollman
  * Author URI:     https://www.tollmanz.com
@@ -25 +25 @@
      * @var   string    The semantically versioned plugin version number.
      */
-    var $version = '1.1.0';
+    var $version = '1..0';
 
     /**
@@ -53 +53 @@
      */
     var $url_base = '';
+
+
+
+
+
+
+
+
+
 
     /**
@@ -97 +106 @@
         include $this->root_dir . '/policy.php';
 
+
         if ( defined('WP_CLI') && WP_CLI ) {
             include $this->root_dir . '/wp-cli.php';
         }
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
     }
 }

https-mixed-content-detector/trunk/policy.php

@@ -54 +54 @@
      */
     public function add_cps_header() {
-        if ( ! is_user_logged_in() ) {
-            return;
+        /**
+         * The CSP header is added should be added if we are in sample mode or if not in sample mode *and* logged in.
+         * Sample mode will set set a header for every request; however, the beacon will only accept
+         * MCD_SAMPLE_FREQUENCY percent of requests.
+         */
+        if ( false === MCD_SAMPLE_MODE ) {
+            if ( ! is_user_logged_in() ) {
+                return;
+            }
         }
 

https-mixed-content-detector/trunk/readme.txt

@@ -4 +4 @@
 Requires at least: 4.0.1
 Tested up to: trunk
-Stable tag: 1.1.0
+Stable tag: 1..0
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -35 +35 @@
 
 1. Content Security Policy reports are collected in the Content Security Policy Reports list table.
+
 
 == Changelog ==
+
+
+
+
+
 
 = 1.1.0 =
@@ -54 +60 @@
 == Upgrade Notice ==
 
+
+
+
 = 1.1.0 =
 Adds HTTPS domain checking, WP CLI commands and more specific CSP directives

https-mixed-content-detector/trunk/wp-cli.php

@@ -42 +42 @@
                             $value = $unresolved;
                         } else {
-                            $value = __( '-', 'zdt-mdc' );
+                            $value = __( '-', 'zdt-m' );
                         }
                     }
@@ -59 +59 @@
             // Set up the Headers and Footers
             $header_footers = array(
-                __( 'ID', 'zdt-mdc' ),
-                __( 'Blocked URI', 'zdt-mdc' ),
-                __( 'Document URI', 'zdt-mdc' ),
-                __( 'Referrer', 'zdt-mdc' ),
-                __( 'Violated Directive', 'zdt-mdc' ),
-                __( 'R', 'zdt-mdc' ),
-                __( 'S', 'zdt-mdc' ),
+                __( 'ID', 'zdt-mcd' ),
+                __( 'Blocked URI', 'zdt-mcd' ),
+                __( 'Document URI', 'zdt-mcd' ),
+                __( 'Referrer', 'zdt-mcd' ),
+                __( 'Directive', 'zdt-mcd' ),
+                __( 'Location', 'zdt-mcd' ),
+                __( 'R', 'zdt-mcd' ),
+                __( 'S', 'zdt-mcd' ),
             );
 
@@ -77 +78 @@
             WP_CLI::line( "\n  R = Resolved, S = Secure URI Available\n" );
         } else {
-            WP_CLI::warning( __( 'There are no CSP violations logged.', 'zdt-mdc' ) );
+            WP_CLI::warning( __( 'There are no CSP violations logged.', 'zdt-m' ) );
         }
     }
@@ -254 +255 @@
         WP_CLI::success( $message );
     }
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 }
 endif;