WordPress.org
Get WordPress

Plugin Directory

Changeset 3102015


Ignore:
Timestamp:
06/12/2024 08:30:35 PM (21 months ago)
Author:
CodeBard
Message:
  • An issue that made it possible to circumvent image locking by sending a specific referrer header was fixed. Now locked images should not allow circumvention of the protection via referer header
Location:
patreon-connect/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • patreon-connect/trunk/classes/patreon_protect.php

    r3088470 r3102015  
    646646RewriteEngine On
    647647RewriteBase /       
    648 RewriteCond %{REQUEST_FILENAME} (\.png|\.jpg|\.gif|\.jpeg|\.bmp)
    649 RewriteCond %{HTTP_REFERER} !^wp-admin [NC]
     648RewriteCond %{REQUEST_FILENAME} (\.png|\.jpg|\.gif|\.jpeg|\.bmp) [NC]
    650649RewriteRule ^" . $upload_dir . "/(.*)$ index.php?patreon_action=serve_patron_only_image&patron_only_image=$1 [QSA,L]
    651650# END Patreon WordPress".PHP_EOL;

  • patreon-connect/trunk/patreon.php

    r3088470 r3102015  
    55Plugin URI: https://www.patreon.com/apps/wordpress
    66Description: Patron-only content, directly on your website.
    7 Version: 1.9.0
     7Version: 1.9.1
    88Author: Patreon <platform@patreon.com>
    99Author URI: https://patreon.com
     
    6969define( "PATREON_NO_LOCKING_LEVEL_SET_FOR_THIS_POST", 'Post is already public. If you would like to lock this post, please set a pledge level for it' );
    7070define( "PATREON_NO_POST_ID_TO_UNLOCK_POST", 'Sorry - could not get the post id for this locked post' );
    71 define( "PATREON_WORDPRESS_VERSION", '1.9.0' );
     71define( "PATREON_WORDPRESS_VERSION", '1.9.1' );
    7272define( "PATREON_WORDPRESS_BETA_STRING", '' );
    7373define( "PATREON_WORDPRESS_PLUGIN_SLUG", plugin_basename( __FILE__ ) );

  • patreon-connect/trunk/readme.txt

    r3088470 r3102015  
    55Requires PHP: 7.4
    66Tested up to: 6.5.3
    7 Stable tag: 1.9.0
     7Stable tag: 1.9.1
    88License: GPLv2 or later
    99License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    7979
    8080== Upgrade Notice ==
     81
     82= 1.9.1 =
     83
     84* An issue that made it possible to circumvent image locking by sending a specific referrer header was fixed. Now locked images should not allow circumvention of the protection via referer header
    8185
    8286= 1.9.0 =
     
    507511
    508512== Changelog ==
     513
     514= 1.9.1 =
     515
     516* An issue that made it possible to circumvent image locking by sending a specific referrer header was fixed. Now locked images should not allow circumvention of the protection via referer header
    509517
    510518= 1.9.0 =
Note: See TracChangeset for help on using the changeset viewer.