WordPress.org
Get WordPress

Plugin Directory

Changeset 1503877


Ignore:
Timestamp:
09/27/2016 05:31:04 PM (10 years ago)
Author:
123teru321
Message:

1.3.3

Location:
cfiltering
Files:
110 added
8 edited

Legend:

Unmodified
Added
Removed

  • cfiltering/trunk/collaborative-filtering.php

    r1503847 r1503877  
    55  Description: Recommendation plugin using collaborative filtering
    66  Author: 123teru321
    7   Version: 1.3.2
     7  Version: 1.3.3
    88  Author URI: http://technote.space/
    99  Text Domain: CollaborativeFiltering
     
    2727
    2828//plugin version
    29 define( 'COLLABORATIVE_FILTERING_PLUGIN_VERSION', '1.3.2' );
     29define( 'COLLABORATIVE_FILTERING_PLUGIN_VERSION', '1.3.3' );
    3030
    3131//plugin file name

  • cfiltering/trunk/languages/CollaborativeFiltering-ja.po

    r1503356 r1503877  
    33"Project-Id-Version: collaborative-filtering0.0.0.0.1\n"
    44"POT-Creation-Date: 2016-07-19 20:40+0900\n"
    5 "PO-Revision-Date: 2016-09-27 14:58+0900\n"
     5"PO-Revision-Date: 2016-09-28 02:09+0900\n"
    66"Last-Translator: \n"
    77"Language-Team: \n"
     
    185185msgid "whether to use admin-ajax.php on front page"
    186186msgstr "フロントでadmin-ajax.phpを使用するかどうか"
     187
     188msgid "whether to check referer when ajax access without nonce check"
     189msgstr "nonceチェックをせずにAjaxアクセスする場合にリファラをチェックするかどうか"

  • cfiltering/trunk/lib/common/030-base-class.php

    r1503368 r1503877  
    3333        "show_result" => array( "label" => "whether to set button to show result", "type" => "bool", "default" => COLLABORATIVE_FILTERING_SHOW_RESULT ),
    3434        "front_admin_ajax" => array( "label" => "whether to use admin-ajax.php on front page", "type" => "bool", "default" => COLLABORATIVE_FILTERING_FRONT_ADMIN_AJAX ),
     35        "check_referer" => array( "label" => "whether to check referer when ajax access without nonce check", "type" => "bool", "default" => COLLABORATIVE_FILTERING_CHECK_REFERER ),
    3536    );
    3637

  • cfiltering/trunk/lib/common/090-api-base.php

    r1502487 r1503877  
    326326            }
    327327        } else {
    328             $host = $_SERVER['HTTP_REFERER'];
    329             $str = parse_url( $host );
    330             $server_name = isset( $_SERVER['HTTP_X_FORWARDED_SERVER'] ) ? $_SERVER['HTTP_X_FORWARDED_SERVER'] : $_SERVER['SERVER_NAME'];
    331             if ( !stristr( $str['host'], $server_name ) ) {
    332                 status_header( '403' );
    333                 echo 'Forbidden';
    334                 die;
     328            if ( $this->apply_filters( 'check_referer', COLLABORATIVE_FILTERING_CHECK_REFERER ) ) {
     329                $host = $_SERVER['HTTP_REFERER'];
     330                $str = parse_url( $host );
     331                $server_name = isset( $_SERVER['HTTP_X_FORWARDED_SERVER'] ) ? $_SERVER['HTTP_X_FORWARDED_SERVER'] : $_SERVER['SERVER_NAME'];
     332                if ( !stristr( $str['host'], $server_name ) ) {
     333                    status_header( '403' );
     334                    echo 'Forbidden';
     335                    die;
     336                }
    335337            }
    336338        }

  • cfiltering/trunk/readme.txt

    r1503847 r1503877  
    3232
    3333== Changelog ==
     34
     35= 1.3.3 =
     36* 2016-09-28  Add filter to decide whether to check ajax referer
    3437
    3538= 1.3.2 =

  • cfiltering/trunk/settings.php

    r1503356 r1503877  
    4242define( 'COLLABORATIVE_FILTERING_SHOW_RESULT', true );
    4343define( 'COLLABORATIVE_FILTERING_FRONT_ADMIN_AJAX', true );
     44define( 'COLLABORATIVE_FILTERING_CHECK_REFERER', true );
    4445
    4546//default value

  • cfiltering/trunk/update.json

    r1503847 r1503877  
    33  "slug": "cfiltering",
    44  "download_url": "https://github.com/123teru321/CFiltering/archive/master.zip",
    5   "version": "1.3.2",
     5  "version": "1.3.3",
    66  "tested": "4.6.1",
    77  "homepage": "https://technote.space/",
Note: See TracChangeset for help on using the changeset viewer.