raydale
Forum Replies Created
-
Forum: Plugins
In reply to: [Getwid - Gutenberg Blocks] New Vulnerability WarningI understand what you are saying, but I think we’ll have to agree to disagree there @eugenewhite. By not providing an explicit reference to this being a security fix it obfuscates it somewhat.
Forum: Plugins
In reply to: [Getwid - Gutenberg Blocks] New Vulnerability WarningHi @eugenewhite – thank you for the notice about the update of the plugin and security fix.
Why in your changelog are you not listing the security fix?
Forum: Plugins
In reply to: [Getwid - Gutenberg Blocks] New Vulnerability WarningThanks @basz85. I agree, people starting additional threads with their own circumstances does tend to shine a bigger light on it.
Thank you for your response @eugenewhite, it’s good to know that this has been seen and is being worked on.
I’m surprised by the delay in the response. I would also assume that the person who originally discovered the security issue has reached out to you before going public? In all it’s a bit concerning, especially because GetWid has had more than its fair share of security issues.
Forum: Plugins
In reply to: [Getwid - Gutenberg Blocks] New Vulnerability WarningOkay, we’re now over 3 and a half days without a response to a security issue. The issue is also being reported beyond PatchStack and by other credible sources:
- WordFence: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/getwid
- WPScan: https://wpscan.com/plugin/getwid/
Without knowing or any confirmation about what the security issue is, I’m left with a dilemma:
- Do I remove the plugin from any sites and rebuild those areas where the plugin is used (which could be a lot of work)?
- Or, do I wait for a response and increase security with plugins but still potentially leave the websites vulnerable whilst waiting?
Forum: Plugins
In reply to: [Gutenberg Blocks Library & Toolkit - Editor Plus] CSS Output RequestsHello @munirkamal,
Great work, thank you for the update. I have tested on a couple of local installs and it’s working really well as far as I can see.
It would be good to have an option of including the static CSS file in the head, but it’s definitely one for the ‘future’ list.
Hi @munirkamal,
Yes, that’s a good point and in some cases it would not suit the purpose – even cause confusion for some people. However, I believe overall it will help the design choices and more users to have those settings on a group / column level. Each group / column setting could be overridden by the specific settings on the individual text blocks, thus respecting the cascade.
This could be a quick way to layout the basic settings on a column / group to then override those specifics in a given text block itself. Again, this would save on CSS being generated, particularly if you had a lot of different text blocks within a column or group.
It is often the case that I need to create columns with a header, multiple paragraphs, a list and buttons. Styling each of those to achieve a uniform font-size, font-weight and color is overkill. Especially if I can just set them on the column or group level and simply override the h2 (which is often the only point of difference).
I do understand you wanting to keep the options simple and logical to the given block @munirkamal. This is just my take from a design-heavy user perspective.
- This reply was modified 5 years, 7 months ago by raydale.
Thanks @munirkamal,
Thanks for the update and the work on adding Typography options. It looks great.
Any reason why you chose to only enable the typography options on headings and paragraphs etc. rather than all blocks? I’m thinking that adding typography controls to the columns and group blocks (plus many others) would work nicely with my previous requests.
For example: I can see it being very useful to be able to set a whole column to uppercase or a particular font size. Plus you already have a text color control which would then also apply more globally in that instance. This would save having to set each individual element within a block and would reduce the CSS being generated in some cases.
Thank you @munirkamal,
It’s great to see where this plugin is going. I look forward to seeing the updates.
Forum: Plugins
In reply to: [Zero Spam for WordPress] Gravity Forms Spam Getting ThroughThanks @monkeypress, that plugin is a good call and I have reverted to using GF Zero Spam in a few cases.
However, this isn’t part of GF and the FAQs mention the built-in honeypot feature already in GF. Again, I was under the assumption that because the built-in honeypot feature was weak in GF WP Zero Spam had implemented their own version of it.
Forum: Plugins
In reply to: [Zero Spam for WordPress] Gravity Forms Spam Getting ThroughHi, I’m having the same problem here.
First of all WP Zero Spam was simply deactivated a couple of months ago due to the new updates. Then, the Gravity Forms support is dropped.
All of the Gravity Forms employ anti-spam honeypot, but this has been known to be weak for a long time, hence installing WP Zero Spam in the first place.
So, it would be good to know what GF anti-spam features are being referred to here.
Hi @munirkamal,
I can see this working for a number of blocks apart from the specific text level blocks themselves (headings and paragraph blocks) which have specific colour controls.
Those blocks with specific controls would override the more generalised colour settings from EditorPlus. So, this would then reflect the specificity in CSS and create a natural expectation with most users in that the more specific the block settings, the higher the precedence.
Again, hopefully that makes sense?
- This reply was modified 5 years, 7 months ago by raydale.
Forum: Plugins
In reply to: [Gutenberg Blocks Library & Toolkit - Editor Plus] CSS Output RequestsThanks for the speedy response @munirkamal.
I can completely understand that. The better optimised CSS output can wait. You already offer a pretty full feature-set, though I’m sure I can make some helpful suggestions in that regard soon.
In regards to the question about caching: I was wondering if it was possible to optimise the CSS as per my request via any particular caching plugins you’re aware of? I’ve tried a couple but they seem to ignore the generated CSS from EditorPlus when calculating what to minify and render in an external stylesheet.
Forum: Plugins
In reply to: [Breeze Cache] jQuery Undefined with JS minification turned onI will setup a staging site and try to reproduce without plugins & with default themes.
As of now on the live sites I have had to work around the issue and disable JS minification.
Forum: Plugins
In reply to: [Zero Spam for WordPress] Not stopping Gravity Form spam anymoreI am also having this issue. For me, it seems that after the most recent updates the checkbox ‘Verify Gravity Forms Submissions’ was disabled.
Not sure if that helps in the short term, or the issue is wider?
This is happening on multiple websites that I run where that checkbox has been disabled in recent updates – which is obviously an issue and one that the developers can hopefully clarify?
I have this issue too and have submitted a request (just in case nothing has been submitted yet).
The issue seems to be related to the switch from using ID’s in the CSS selectors to classes.