Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3226477

Timestamp:

01/21/2025 07:52:19 PM (15 months ago)

Author:

parasolbrowsing

Message:

Updating to version 1.1

Location:

parasol

Files:

: 5 added
: 3 edited

Legend:

: Unmodified
: Added
: Removed

parasol/trunk/config.php

-                      r3223111
+                      r3226477
 <?php
+if (!defined('ABSPATH')) {
+  exit;
+/**
+ * Configuration file for Parasol Plugin
+ *
+ * This file contains configuration settings for the Parasol plugin.
+ * It defines constants, API keys, URLs, and other settings used by the plugin.
+ *
+ * @package Parasol
+ */
+if ( ! defined( 'ABSPATH' ) ) {
+    exit;
+}
+define('PARASOL_API', 'https://api.parasolbrowsing.com');
+define('PARASOL_API_KEY', 'cf20c948293a16db47d5e5e0371ec883');
+define('PARASOL_CLOUDFRONT_KEY_ID', 'K2X7KRV1T2NPUT');
+define('PARASOL_ENV', 'prod');
+define('PARASOL_PRIVATE_KEY', '-----BEGIN RSA PRIVATE KEY-----
+define( 'PARASOL_API', 'https://api.parasolbrowsing.com' );
+define( 'PARASOL_API_KEY', 'cf20c948293a16db47d5e5e0371ec883' );
+define( 'PARASOL_CLOUDFRONT_KEY_ID', 'K2X7KRV1T2NPUT' );
+define( 'PARASOL_ENV', 'prod' );
+define(
+    'PARASOL_PRIVATE_KEY',
+    '-----BEGIN RSA PRIVATE KEY-----
 MIIEpQIBAAKCAQEA7DLfPUF7UtKIEB2+ZVjFf/7ATac97mmoPpI27ZKYw5Lp5fVH
 nSo1X3AiA4dynhXLXmXG/k1KkIMQ58nfYBk6Gs4u/SiGOAcHfj+mOKnJvQ+Hip2S
 …
 MYCOmKZhBUwQlTjUgB6tmK9c72irtWjWCtPmp327hePW3fToO0QyC/TtolJzuZmI
 mBCqyIJqdf/NJeQSqxUoNU7A2cb6sok0aoWwSs5Pg5WXWEBPbzJv5Gg=
+-----END RSA PRIVATE KEY-----');
+define('PARASOL_VERSION', '1.0');
+define('PARASOL_WIDGET', 'https://widget.parasolbrowsing.com/' . PARASOL_ENV);
+-----END RSA PRIVATE KEY-----'
+);
+define( 'PARASOL_VERSION', '1.1' );
+define( 'PARASOL_WIDGET', 'https://widget.parasolbrowsing.com/' . PARASOL_ENV );

parasol/trunk/parasol.php

-                      r3223111
+                      r3226477
 <?php
+/*
+Plugin Name: Parasol
+Plugin URI: https://parasolbrowsing.com
+Description: Monetize your website without ads or data tracking
+Version: 1.0
+License: GPLv2 or later
+*/
+if (!defined('ABSPATH')) {
+  exit;
+}
+if (isset($_SERVER['REQUEST_URI']) && basename(sanitize_text_field(wp_unslash($_SERVER['REQUEST_URI']))) === 'favicon.ico') {
+  return;
+}
+if (is_admin() && !wp_doing_ajax() && !wp_doing_cron()) {
+  register_deactivation_hook(__FILE__, 'parasol_deactivation');
+  return;
+}
+if (is_admin() || defined('DOING_AJAX') || defined('REST_REQUEST') || defined('DOING_CRON')) {
+  return;
+}
+if (session_status() === PHP_SESSION_NONE) {
+  session_start();
+}
+require_once plugin_dir_path(__FILE__) . 'config.php';
+$parasol_signed_widget_url = parasol_generate_signed_url(PARASOL_WIDGET, PARASOL_VERSION);
+$parasol_signed_api_url = parasol_generate_signed_url(PARASOL_API);
+add_action('init', 'parasol_initialize');
+/**
+ * Plugin Name: Parasol
+ * Plugin URI: https://parasolbrowsing.com
+ * Description: Monetize your website without ads or data tracking
+ * Version: 1.1
+ * License: GPLv2 or later
+ *
+ * @package Parasol
+ */
+if ( ! defined( 'ABSPATH' ) ) {
+    exit;
+}
+if ( isset( $_SERVER['REQUEST_URI'] ) && basename( sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) ) ) === 'favicon.ico' ) {
+    return;
+}
+if ( is_admin() && ! wp_doing_ajax() && ! wp_doing_cron() ) {
+    register_deactivation_hook( __FILE__, 'parasol_deactivation' );
+    return;
+}
+if ( is_admin() || defined( 'DOING_AJAX' ) || defined( 'REST_REQUEST' ) || defined( 'DOING_CRON' ) ) {
+    return;
+}
+if ( session_status() === PHP_SESSION_NONE ) {
+    session_start();
+}
+require_once plugin_dir_path( __FILE__ ) . 'config.php';
+$parasol_signed_api_url    = parasol_generate_signed_url( PARASOL_API );
+$parasol_signed_widget_url = parasol_generate_signed_url( PARASOL_WIDGET, PARASOL_VERSION );
+add_action( 'init', 'parasol_initialize' );
+/**
+ * Initializes the Parasol integration.
+ *
+ * This function handles the initialization of the Parasol integration by:
+ * - Verifying OAuth nonces and processing OAuth session tokens passed via URL parameters.
+ * - Redirecting to a clean URL if OAuth processing occurs.
+ * - Disabling Parasol if certain conditions are met (e.g., `parasol_disabled` transient or `parasol_opt_out` cookie is set).
+ * - Fetching and storing whitelist domains from the Parasol API if they are not available in the transient.
+ * - Generating and setting necessary cookies, including API token and widget URL data.
+ * - Enqueuing Parasol assets (JavaScript).
+ *
+ * @global string $parasol_signed_api_url   The signed API URL for the Parasol API.
+ * @global string $parasol_signed_widget_url The signed widget URL for the Parasol widget.
+ *
+ * @return void
+ */
 function parasol_initialize() {
+  global $parasol_signed_api_url;
+  if (isset($_GET['parasol_opt_out'])) {
+    $clean_url = remove_query_arg('parasol_opt_out');
+    set_transient('parasol_opt_out_' . session_id(), true, 1800);
+    wp_redirect($clean_url);
+    exit;
+  }
+  if (isset($_GET['parasol_oauth_nonce'])) {
+    $parasol_oauth_nonce = sanitize_text_field(wp_unslash($_GET['parasol_oauth_nonce']));
+    $clean_url = remove_query_arg('parasol_oauth_nonce');
+    if (wp_verify_nonce($parasol_oauth_nonce, 'parasol_oauth_nonce')) {
+      if (isset($_GET['parasol_oauth_session_token'])) {
+        set_transient('parasol_session_token_' . session_id(), sanitize_text_field(wp_unslash($_GET['parasol_oauth_session_token'])), 30);
+        $clean_url = remove_query_arg('parasol_oauth_session_token', $clean_url);
+      }
+    }
+    wp_redirect($clean_url);
+    exit;
+  }
+  if (get_transient('parasol_disabled') || get_transient('parasol_opt_out_' . session_id())) {
+    return;
+  }
+  if (!get_transient('parasol_whitelist_domains')) {
+    $http_response = wp_remote_post(PARASOL_API . '/GetSite' . $parasol_signed_api_url, [
+      'body'    => wp_json_encode([
+        'apiToken' => parasol_generate_token([]),
+        'currentVersion' => PARASOL_VERSION,
+      ]),
+      'headers' => [
+        'Content-Type' => 'application/json',
+      ],
+      'timeout' => 10,
+    ]);
+    if (is_wp_error($http_response) || wp_remote_retrieve_response_code($http_response) !== 200) {
+      if (wp_remote_retrieve_response_code($http_response) == 401) {
+        set_transient('parasol_disabled', true);
+      }
+      return;
+    }
+    $parasol_site_data = json_decode(wp_remote_retrieve_body($http_response), true);
+    if (!$parasol_site_data) {
+        return;
+    }
+    set_transient('parasol_whitelist_domains', $parasol_site_data['whitelistDomains'] ?? []);
+  }
+  parasol_disable_domains();
+  add_action('wp_enqueue_scripts', 'parasol_enqueue_assets');
+}
+    global $parasol_signed_api_url, $parasol_signed_widget_url;
+    if ( isset( $_GET['parasol_oauth_nonce'] ) ) {
+        $parasol_oauth_nonce = sanitize_text_field( wp_unslash( $_GET['parasol_oauth_nonce'] ) );
+        $clean_url           = remove_query_arg( 'parasol_oauth_nonce' );
+        if ( wp_verify_nonce( $parasol_oauth_nonce, 'parasol_oauth_nonce' ) ) {
+            if ( isset( $_GET['parasol_oauth_session_token'] ) ) {
+                setcookie( 'parasol_session_token', sanitize_text_field( wp_unslash( $_GET['parasol_oauth_session_token'] ) ), strtotime( '+1 minute' ), '/', '', true, false );
+                $clean_url = remove_query_arg( 'parasol_oauth_session_token', $clean_url );
+            }
+        }
+        wp_safe_redirect( $clean_url );
+        exit();
+    }
+    if ( get_transient( 'parasol_disabled' ) || isset( $_COOKIE['parasol_opt_out'] ) ) {
+        return;
+    }
+    if ( ! get_transient( 'parasol_whitelist_domains' ) ) {
+        $http_response = wp_remote_post(
+            PARASOL_API . '/GetSite' . $parasol_signed_api_url,
+            array(
+                'body'    => wp_json_encode(
+                    array(
+                        'apiToken'       => parasol_generate_token(
+                            array()
+                        ),
+                        'currentVersion' => PARASOL_VERSION,
+                    )
+                ),
+                'headers' => array(
+                    'Content-Type' => 'application/json',
+                ),
+                'timeout' => 10,
+            )
+        );
+        if ( is_wp_error( $http_response ) || wp_remote_retrieve_response_code( $http_response ) !== 200 ) {
+            if ( wp_remote_retrieve_response_code( $http_response ) === 401 ) {
+                set_transient( 'parasol_disabled', true );
+            }
+            return;
+        }
+        $parasol_site_data = json_decode( wp_remote_retrieve_body( $http_response ), true );
+        if ( ! $parasol_site_data ) {
+                return;
+        }
+        set_transient( 'parasol_whitelist_domains', $parasol_site_data['whitelistDomains'] ?? array() );
+    }
+    $api_token_payload = array(
+        'idempotencyKey' => uniqid( session_id(), true ),
+        'parasolKey'     => hash( 'sha256', session_id() . '6a39c2ce25815beb37872e8f7f2eb7ae' ),
+    );
+    $parasol_data = array(
+        'apiDomain'            => PARASOL_API,
+        'apiToken'             => parasol_generate_token( $api_token_payload ),
+        'apiUrlQueryString'    => $parasol_signed_api_url,
+        'devMode'              => PARASOL_ENV === 'dev',
+        'oauthNonce'           => wp_create_nonce( 'parasol_oauth_nonce' ),
+        'widgetDomain'         => PARASOL_WIDGET,
+        'widgetUrlQueryString' => $parasol_signed_widget_url,
+    );
+    setcookie( 'parasol_data', str_replace( array( '+', '/', '=' ), array( '-', '_', '' ), base64_encode( wp_json_encode( $parasol_data ) ) ), strtotime( '+10 minute' ), '/', '', true, false );
+    parasol_disable_domains();
+    add_action( 'wp_enqueue_scripts', 'parasol_enqueue_assets' );
+}
+/**
+ * Enqueues the Parasol JavaScript file.
+ *
+ * This function enqueues the Parasol JavaScript file (`parasol.js`) with a signed widget URL appended as a query parameter.
+ * The script is loaded in the footer (`true` for the last parameter) and is registered with the version defined in
+ * the `PARASOL_VERSION` constant.
+ *
+ * @global string $parasol_signed_widget_url A signed URL used as a query parameter for the script.
+ *
+ * @return void
+ */
 function parasol_enqueue_assets() {
+  global $parasol_signed_api_url;
+  $parasol_signed_widget_url = parasol_generate_signed_url(PARASOL_WIDGET, PARASOL_VERSION);
+  $api_token_payload = [
+    'idempotencyKey' => uniqid(session_id(), true),
+    'parasolKey' => hash('sha256', session_id() . '6a39c2ce25815beb37872e8f7f2eb7ae')
+  ];
+  $is_new_session = false;
+  if (!get_transient('parasol_session_' . session_id())) {
+    set_transient('parasol_session_' . session_id(), true, 1800);
+    $is_new_session = true;
+  }
+  wp_enqueue_style('parasol-styles', PARASOL_WIDGET . '/parasol.css' . $parasol_signed_widget_url, [], PARASOL_VERSION);
+  wp_enqueue_script('stripe-js', 'https://js.stripe.com/v3/', [], true, true);
+  wp_enqueue_script('parasol-js', PARASOL_WIDGET . '/parasol.js' . $parasol_signed_widget_url, [], PARASOL_VERSION, true);
+  wp_localize_script('parasol-js', 'parasol', [
+    'apiDomain' => PARASOL_API,
+    'apiToken' => parasol_generate_token($api_token_payload),
+    'apiUrlQueryString' => $parasol_signed_api_url,
+    'devMode' => PARASOL_ENV === 'dev',
+    'newSession' => $is_new_session,
+    'oauthNonce' => wp_create_nonce('parasol_oauth_nonce'),
+    'sessionToken' => get_transient('parasol_session_token_' . session_id()) ?? '',
+    'widgetDomain' => PARASOL_WIDGET,
+    'widgetUrlQueryString' => $parasol_signed_widget_url,
+  ]);
+  delete_transient('parasol_session_token_' . session_id());
+}
+function parasol_generate_token($payload) {
+  $payload = array_merge($payload, [
+    'timestamp' => time(),
+    'url' => parasol_get_current_url(),
+  ]);
+  $payloadJson = wp_json_encode($payload);
+  $signature = hash_hmac('sha256', $payloadJson, PARASOL_API_KEY);
+  $token = [
+    'payload' => $payloadJson,
+    'signature' => $signature
+  ];
+  return base64_encode(wp_json_encode($token));
+}
+    global $parasol_signed_widget_url;
+    wp_enqueue_script( 'parasol-js', PARASOL_WIDGET . '/parasol.js' . $parasol_signed_widget_url, array(), PARASOL_VERSION, true );
+}
+/**
+ * Generates a signed token for a given payload.
+ *
+ * This function takes a payload (an array), adds a timestamp and the current URL, then creates a
+ * JSON-encoded representation of the payload. It generates a signature using the HMAC SHA-256
+ * algorithm with the payload and a secret API key, and returns a base64-encoded token that includes
+ * the payload and its signature.
+ *
+ * @param array $payload The initial data to include in the token.
+ *
+ * @return string A base64-encoded token consisting of the payload and its signature.
+ */
+function parasol_generate_token( $payload ) {
+    $payload = array_merge(
+        $payload,
+        array(
+            'timestamp' => time(),
+            'url'       => parasol_get_current_url(),
+        )
+    );
+    $payload_json = wp_json_encode( $payload );
+    $signature    = hash_hmac( 'sha256', $payload_json, PARASOL_API_KEY );
+    $token        = array(
+        'payload'   => $payload_json,
+        'signature' => $signature,
+    );
+    return base64_encode( wp_json_encode( $token ) );
+}
+/**
+ * Retrieves the current URL based on the server's protocol, host, and request URI.
+ *
+ * This function constructs the full URL by checking if HTTPS is enabled and appending
+ * the sanitized `HTTP_HOST` and `REQUEST_URI` from the `$_SERVER` superglobal.
+ *
+ * @return string The full URL, including the protocol (http or https).
+ */
 function parasol_get_current_url() {
+  $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? 'https://' : 'http://';
+  return $protocol . sanitize_text_field(wp_unslash($_SERVER['HTTP_HOST'] ?? '')) . sanitize_text_field(wp_unslash($_SERVER['REQUEST_URI'] ?? ''));
+}
+function parasol_generate_signed_url($url, $version = '') {
+  $policy = wp_json_encode([
+    "Statement" => [
+      [
+        "Resource" => $url . '/*' . ($version ? '?ver=' . $version : ''),
+        "Condition" => ["DateLessThan" => ["AWS:EpochTime" => time() + 600]],
+      ],
+    ],
+  ]);
+  $encoded_policy = parasol_url_safe_base64_encode($policy);
+  openssl_sign($policy, $signature, PARASOL_PRIVATE_KEY, OPENSSL_ALGO_SHA1);
+  $encoded_signature = parasol_url_safe_base64_encode($signature);
+  $query_delimiter = $version ? 'ver=' . $version . '&' : '';
+  return "?{$query_delimiter}Policy={$encoded_policy}&Signature={$encoded_signature}&Key-Pair-Id=" . PARASOL_CLOUDFRONT_KEY_ID;
+}
+function parasol_url_safe_base64_encode($value) {
+  return str_replace(['+', '=', '/'], ['-', '_', '~'], base64_encode($value));
+}
+    $protocol = ( ! empty( $_SERVER['HTTPS'] ) && 'on' === $_SERVER['HTTPS'] ) ? 'https://' : 'http://';
+    return $protocol . sanitize_text_field( wp_unslash( $_SERVER['HTTP_HOST'] ?? '' ) ) . sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ?? '' ) );
+}
+/**
+ * Generates a signed URL for accessing a resource with a specified expiration time.
+ *
+ * This function creates a signed URL for a given resource by encoding a policy
+ * that includes a condition for expiration (600 seconds from the current time).
+ * The URL is signed using a private key, and the resulting signature is included
+ * in the URL as a query parameter.
+ *
+ * @param string $url     The URL of the resource to be signed.
+ * @param string $version The version of the resource (optional).
+ *
+ * @return string The signed URL with the policy and signature as query parameters.
+ */
+function parasol_generate_signed_url( $url, $version = '' ) {
+    $policy = wp_json_encode(
+        array(
+            'Statement' => array(
+                array(
+                    'Resource'  => $url . '/*' . ( $version ? '?ver=' . $version : '' ),
+                    'Condition' => array( 'DateLessThan' => array( 'AWS:EpochTime' => time() + 600 ) ),
+                ),
+            ),
+        )
+    );
+    $encoded_policy = parasol_url_safe_base64_encode( $policy );
+    openssl_sign( $policy, $signature, PARASOL_PRIVATE_KEY, OPENSSL_ALGO_SHA1 );
+    $encoded_signature = parasol_url_safe_base64_encode( $signature );
+    $query_delimiter = $version ? 'ver=' . $version . '&' : '';
+    return "?{$query_delimiter}Policy={$encoded_policy}&Signature={$encoded_signature}&Key-Pair-Id=" . PARASOL_CLOUDFRONT_KEY_ID;
+}
+/**
+ * Encodes a value using base64 encoding and replaces URL unsafe characters.
+ *
+ * This function performs base64 encoding on the input value and then replaces
+ * the characters that are not URL-safe (`+`, `/`, `=`) with their URL-safe
+ * equivalents (`-`, `_`, `~`) to make the encoded string safe for use in URLs.
+ *
+ * @param string $value The value to be base64 encoded.
+ *
+ * @return string The URL-safe base64 encoded string.
+ */
+function parasol_url_safe_base64_encode( $value ) {
+    return str_replace( array( '+', '=', '/' ), array( '-', '_', '~' ), base64_encode( $value ) );
+}
+/**
+ * Cleans up transients on plugin deactivation.
+ *
+ * This function deletes specific transients related to the Parasol plugin (`parasol_disabled`
+ * and `parasol_whitelist_domains`) to clean up any stored data when the plugin is deactivated.
+ *
+ * @return void
+ */
 function parasol_deactivation() {
+  delete_transient('parasol_disabled');
+  delete_transient('parasol_whitelist_domains');
+}
+    delete_transient( 'parasol_disabled' );
+    delete_transient( 'parasol_whitelist_domains' );
+}
+/**
+ * Disables certain domains and enqueues custom actions.
+ *
+ * This function hooks into WordPress actions to disable certain domains by adding a custom
+ * content security policy and dequeueing third-party scripts. It hooks `parasol_add_custom_content_security_policy`
+ * to `send_headers` and `parasol_dequeue_third_party_scripts` to `wp_enqueue_scripts` with a priority of 100.
+ *
+ * @return void
+ */
 function parasol_disable_domains() {
+  add_action('send_headers', 'parasol_add_custom_content_security_policy');
+  add_action('wp_enqueue_scripts', 'parasol_dequeue_third_party_scripts', 100);
+}
+    add_action( 'send_headers', 'parasol_add_custom_content_security_policy' );
+    add_action( 'wp_enqueue_scripts', 'parasol_dequeue_third_party_scripts', 100 );
+}
+/**
+ * Adds a custom Content Security Policy (CSP) header.
+ *
+ * This function generates a custom CSP header based on the domains stored in the `parasol_whitelist_domains`
+ * transient. It defines directives for script, style, worker, and frame sources, and then adds the CSP header
+ * to the response using the `header()` function. It supports wildcard domains and includes `unsafe-inline` for
+ * script and style sources.
+ *
+ * @return void
+ */
 function parasol_add_custom_content_security_policy() {
+  $wildcard_domains = array_map(function($domain) {
+    return '*.' . $domain;
+  }, (get_transient('parasol_whitelist_domains') ?? []));
+  $csp_directives = [
+    'script-src' => array_merge(["'self'", "'unsafe-inline'"], $wildcard_domains),
+    'style-src' => array_merge(["'self'", "'unsafe-inline'"], $wildcard_domains),
+    'worker-src' => array_merge(["'self'", 'blob:'], $wildcard_domains),
+    'frame-src' => array_merge(["'self'"], $wildcard_domains),
+  ];
+  $csp_header = parasol_build_csp_header($csp_directives);
+  if ($csp_header) {
+    header("Content-Security-Policy: $csp_header");
+  }
+}
+function parasol_build_csp_header(array $directives): string {
+  $header_parts = [];
+  foreach ($directives as $directive => $sources) {
+    $header_parts[] = "{$directive} " . implode(' ', $sources) . ';';
+  }
+  return implode(' ', $header_parts);
+}
+    $wildcard_domains = array_map(
+        function ( $domain ) {
+            return '*.' . $domain;
+        },
+        ( get_transient( 'parasol_whitelist_domains' ) ?? array() )
+    );
+    $csp_directives = array(
+        'script-src' => array_merge( array( "'self'", "'unsafe-inline'" ), $wildcard_domains ),
+        'style-src'  => array_merge( array( "'self'", "'unsafe-inline'" ), $wildcard_domains ),
+        'worker-src' => array_merge( array( "'self'", 'blob:' ), $wildcard_domains ),
+        'frame-src'  => array_merge( array( "'self'" ), $wildcard_domains ),
+    );
+    $csp_header = parasol_build_csp_header( $csp_directives );
+    if ( $csp_header ) {
+        header( "Content-Security-Policy: $csp_header" );
+    }
+}
+/**
+ * Builds a Content Security Policy (CSP) header from the provided directives.
+ *
+ * This function takes an array of CSP directives, where each directive is associated with a list of sources.
+ * It formats the directives and their corresponding sources into a valid CSP header string, which can be used
+ * in an HTTP response to define security policies for various resources like scripts, styles, and frames.
+ *
+ * @param array $directives An associative array of CSP directives and their corresponding sources.
+ *
+ * @return string A string representing the formatted CSP header.
+ */
+function parasol_build_csp_header( array $directives ): string {
+    $header_parts = array();
+    foreach ( $directives as $directive => $sources ) {
+        $header_parts[] = "{$directive} " . implode( ' ', $sources ) . ';';
+    }
+    return implode( ' ', $header_parts );
+}
+/**
+ * Dequeues third-party scripts not hosted on allowed domains.
+ *
+ * This function checks the list of currently queued scripts and dequeues any third-party scripts
+ * whose source domain is not in the list of allowed domains. The allowed domains are retrieved
+ * from the `parasol_whitelist_domains` transient, along with the site’s own domain.
+ *
+ * The function uses `parasol_is_allowed_script_domain()` to verify whether a script's domain is allowed.
+ *
+ * @return void
+ */
 function parasol_dequeue_third_party_scripts() {
+  global $wp_scripts;
+  $allowed_domains = array_merge((get_transient('parasol_whitelist_domains') ?? []), [wp_parse_url(get_site_url(), PHP_URL_HOST)]);
+  foreach ($wp_scripts->queue as $script_handle) {
+    $script_obj = $wp_scripts->registered[$script_handle] ?? null;
+    if ($script_obj && $script_obj->src && !parasol_is_allowed_script_domain($script_obj->src, $allowed_domains)) {
+      wp_dequeue_script($script_handle);
+    }
+  }
+}
+function parasol_is_allowed_script_domain(string $script_src, array $allowed_domains): bool {
+  $script_domain = wp_parse_url($script_src, PHP_URL_HOST);
+  return $script_domain ? in_array(get_root_domain($script_domain), $allowed_domains, true) : true;
+}
+function get_root_domain(string $domain): string {
+  $parts = explode('.', $domain);
+  if (count($parts) > 2) {
+    return implode('.', array_slice($parts, -2));
+  }
+  return $domain;
+}
+    global $wp_scripts;
+    $allowed_domains = array_merge( ( get_transient( 'parasol_whitelist_domains' ) ?? array() ), array( wp_parse_url( get_site_url(), PHP_URL_HOST ) ) );
+    foreach ( $wp_scripts->queue as $script_handle ) {
+        $script_obj = $wp_scripts->registered[ $script_handle ] ?? null;
+        if ( $script_obj && $script_obj->src && ! parasol_is_allowed_script_domain( $script_obj->src, $allowed_domains ) ) {
+            wp_dequeue_script( $script_handle );
+        }
+    }
+}
+/**
+ * Checks if a script's domain is allowed.
+ *
+ * This function extracts the domain from the given script URL and compares it to the list of allowed
+ * domains. It checks if the root domain of the script’s source is in the allowed domains list. If the
+ * script’s domain is not found or no domain is present in the URL, it returns `true` (indicating the script is allowed).
+ *
+ * @param string $script_src   The URL of the script to check.
+ * @param array  $allowed_domains The list of allowed domains.
+ *
+ * @return bool `true` if the script’s domain is allowed, otherwise `false`.
+ */
+function parasol_is_allowed_script_domain( string $script_src, array $allowed_domains ): bool {
+    $script_domain = wp_parse_url( $script_src, PHP_URL_HOST );
+    return $script_domain ? in_array( get_root_domain( $script_domain ), $allowed_domains, true ) : true;
+}
+/**
+ * Extracts the root domain from a given domain.
+ *
+ * This function takes a domain and returns the root domain by extracting the last two segments
+ * (e.g., for `sub.example.com`, it will return `example.com`). If the domain has two or fewer segments,
+ * the original domain is returned.
+ *
+ * @param string $domain The domain to extract the root from.
+ *
+ * @return string The root domain (last two segments) or the original domain if it has two or fewer segments.
+ */
+function get_root_domain( string $domain ): string {
+    $parts = explode( '.', $domain );
+    if ( count( $parts ) > 2 ) {
+        return implode( '.', array_slice( $parts, -2 ) );
+    }
+    return $domain;
+}

parasol/trunk/readme.txt

-                      r3224076
+                      r3226477
 Tested up to: 6.7.1
 Requires PHP: 7.4
 Stable tag: 1.0
+Stable tag: 1.1
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
 …
 == Changelog ==
+= 1.0.0 =
+= 1.1 =
+* Updates to Parasol asset loading.
+= 1.0 =
 * Initial release of Parasol.
 * Added options for site visitors to access content.
 …
 == Upgrade Notice ==
+= 1.1 =
+Updates to Parasol asset loading.
 = 1.0 =

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory