WordPress.org
Get WordPress

Plugin Directory

Changeset 3336970


Ignore:
Timestamp:
07/31/2025 05:31:41 AM (8 months ago)
Author:
sethta
Message:

Update to version 1.3.1

Location:
easy-critical-css
Files:
295 added
6 deleted
9 edited

Legend:

Unmodified
Added
Removed

  • easy-critical-css/trunk/easy-critical-css.php

    r3327873 r3336970  
    33 * Plugin Name:       Easy Critical CSS
    44 * Description:       Easily inject Critical CSS and optimized Secondary CSS to improve page speed and performance.
    5  * Version:           1.3.0
     5 * Version:           1.3.1
    66 * Requires at least: 6.2
    7  * Tested up to:      6.8.1
     7 * Tested up to:      6.8.2
    88 * Requires PHP:      7.4
    99 * Author:            CriticalCSS.net
     
    4242    function () {
    4343        delete_option( 'easy_cc_activation' );
     44        wp_clear_scheduled_hook( 'easy_cc_cleanup_old_handshakes' );
    4445    }
    4546);

  • easy-critical-css/trunk/inc/class-api-request-handler.php

    r3317868 r3336970  
    33namespace EasyCriticalCSS;
    44
     5use DateTime;
    56use WP_Error;
    67
     
    5556        }
    5657
     58        $mysql_timestamp = current_time( 'mysql' );
     59
     60        // Convert timestamp to the URL formate we need. This prevents anjy sort of mismatch.
     61        $url_timestamp = '';
     62        $datetime      = DateTime::createFromFormat( 'Y-m-d H:i:s', $mysql_timestamp );
     63        if ( $datetime instanceof DateTime ) {
     64            $url_timestamp = $datetime->format( 'YmdHis' );
     65        }
     66
    5767        $data = array_merge(
    5868            $data,
     
    6171                'page_url'          => esc_url_raw( $url ),
    6272                'processing_status' => 'pending',
    63                 'requested_time'    => current_time( 'mysql' ),
     73                'requested_time'    => $mysql_timestamp,
    6474                'url_hash'          => $url_hash,
    6575            ]
     
    7080        $prepared_url = add_query_arg(
    7181            [
    72                 'critical-css'        => 'skip' . current_time( 'YmdHis' ),
     82                'critical-css'        => 'skip' . $url_timestamp,
    7383                'nocache'             => '',
    7484                'wpr_imagedimensions' => '1',

  • easy-critical-css/trunk/inc/class-critical-css-injector.php

    r3327873 r3336970  
    6060    public static function handle_styles() {
    6161        if ( Critical_CSS::should_skip_critical() ) {
     62            return;
     63        }
     64
     65        // Don't proceed if Critical CSS was never enqueued.
     66        if ( ! wp_style_is( 'easy-critical-css', 'enqueued' ) ) {
    6267            return;
    6368        }

  • easy-critical-css/trunk/inc/class-critical-css.php

    r3327873 r3336970  
    22
    33namespace EasyCriticalCSS;
     4
     5use DateTime;
    46
    57if ( ! defined( 'ABSPATH' ) ) {
     
    1618
    1719        add_action( 'template_redirect', [ __CLASS__, 'generate_critical_css_if_needed' ] );
     20        add_action( 'wp_head', [ __CLASS__, 'add_requested_time' ] );
    1821    }
    1922
     
    415418    }
    416419    // phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
     420
     421    public static function add_requested_time() {
     422        // phpcs:disable WordPress.Security.NonceVerification.Recommended -- No need for nonce verification as we are using this for read-only purposes.
     423        if ( ! isset( $_GET['critical-css'] ) || substr( sanitize_text_field( wp_unslash( $_GET['critical-css'] ) ), 0, 4 ) !== 'skip' ) {
     424            return;
     425        }
     426
     427        $identifier = self::get_page_identifier();
     428        $critical   = self::get_generated_css( $identifier );
     429
     430        if ( empty( $critical['requested_time'] ) ) {
     431            return;
     432        }
     433
     434        // Convert the URL param timestamp into the same format.
     435        $url_timestamp = '';
     436        $datetime      = DateTime::createFromFormat( 'YmdHis', str_replace( 'skip', '', sanitize_text_field( wp_unslash( $_GET['critical-css'] ) ) ) );
     437        if ( $datetime instanceof DateTime ) {
     438            $url_timestamp = $datetime->format( 'Y-m-d H:i:s' );
     439        }
     440
     441        // Output if we have a match or mismatch.
     442        if ( $url_timestamp === $critical['requested_time'] ) {
     443            echo "\n<!-- ECC_REQUESTED_MATCH -->\n";
     444        } else {
     445            echo "\n<!-- ECC_REQUESTED_MISMATCH -->\n";
     446        }
     447
     448        // Only output actual time if Debug Mode is active.
     449        if ( ! Settings::get_global_debug_mode() ) {
     450            echo '<!-- ECC_REQUESTED_AT: ' . esc_html( $url_timestamp ) . " -->\n";
     451        }
     452    }
    417453}

  • easy-critical-css/trunk/inc/class-database.php

    r3327873 r3336970  
    1414    public static function init() {
    1515        self::ensure_db_correct();
     16        add_action( 'easy_cc_cleanup_old_handshakes', [ __CLASS__, 'cleanup_old_handshakes' ] );
    1617    }
    1718
     
    293294        );
    294295    }
     296
     297    public static function cleanup_old_handshakes() {
     298        global $wpdb;
     299
     300        $table_name = esc_sql( self::get_table_name() );
     301        $threshold  = gmdate( 'Y-m-d H:i:s', time() - 12 * HOUR_IN_SECONDS );
     302
     303        $wpdb->query(
     304            $wpdb->prepare(
     305                // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared
     306                "UPDATE {$table_name} SET handshake = NULL WHERE requested_time < %s",
     307                $threshold
     308            )
     309        );
     310    }
    295311}

  • easy-critical-css/trunk/inc/class-plugin.php

    r3327873 r3336970  
    1010    private static $instance = null;
    1111
    12     private static $plugin_version = '1.3.0';
     12    private static $plugin_version = '1.3.1';
    1313
    1414    private static $db_version = '2';
     
    5555            flush_rewrite_rules();
    5656            update_option( 'easy_cc_version', self::$plugin_version );
     57
     58            // Add handshake recycle if it doesn't exist.
     59            if ( ! wp_next_scheduled( 'easy_cc_cleanup_old_handshakes' ) ) {
     60                wp_schedule_event( time(), 'twicedaily', 'easy_cc_cleanup_old_handshakes' );
     61            }
    5762        }
    5863

  • easy-critical-css/trunk/inc/class-rest-api.php

    r3327873 r3336970  
    329329        }
    330330
    331         if ( ! hash_equals( sanitize_text_field( $existing['handshake'] ), $handshake ) ) {
     331        if ( empty( $existing['handshake'] ) || ! hash_equals( sanitize_text_field( $existing['handshake'] ), $handshake ) ) {
    332332            return new WP_Error(
    333333                'invalid_handshake',
     
    377377        }
    378378
    379         // Reset handshake to prevent subsequent posts.
    380         $handshake = wp_generate_password( 20, false );
    381 
    382379        // Determine secondary behavior and prep data to save.
    383380        $behavior          = Settings::get_individual_secondary_behavior( $params['hash'] );
     
    433430            'size_savings'      => $savings,
    434431            'generated_time'    => $timestamp,
    435             'handshake'         => $handshake,
     432            'handshake'         => null, // Clear to prevent brute force attempts
    436433            'processing_status' => 'completed',
    437434        ];

  • easy-critical-css/trunk/readme.txt

    r3327873 r3336970  
    44Tags: critical css, performance, optimization, speed, lighthouse
    55Requires at least: 6.2
    6 Tested up to:      6.8.1
     6Tested up to:      6.8.2
    77Requires PHP:      7.4
    88Stable tag:        trunk
     
    102102== Changelog ==
    103103
     104= 1.3.1 =
     105- SECURITY: Invalidates handshake keys after use to prevent replay or brute force attempts
     106- SECURITY: Expires older/failed generation handshake keys automatically every 12 hours
     107- FIX: Prevents older queued Critical CSS generations from saving CSS if a new generation has been requested
     108- FIX: Runs Secondary CSS functionality only when Critical CSS has already been output
     109
    104110= 1.3.0 =
    105111- FEATURE: Adds WooCommerce compatibility

  • easy-critical-css/trunk/vendor/composer/installed.php

    r3327873 r3336970  
    44        'pretty_version' => 'dev-main',
    55        'version' => 'dev-main',
    6         'reference' => 'a88ecc654551c83ad454541fa5297413a497f7b8',
     6        'reference' => 'd71ba767dfaf00df36eaad3559657a5506bb3a0b',
    77        'type' => 'wordpress-plugin',
    88        'install_path' => __DIR__ . '/../../',
     
    3232            'pretty_version' => 'dev-main',
    3333            'version' => 'dev-main',
    34             'reference' => 'a88ecc654551c83ad454541fa5297413a497f7b8',
     34            'reference' => 'd71ba767dfaf00df36eaad3559657a5506bb3a0b',
    3535            'type' => 'wordpress-plugin',
    3636            'install_path' => __DIR__ . '/../../',
Note: See TracChangeset for help on using the changeset viewer.