Skip to content
This repository has been archived by the owner on Apr 16, 2021. It is now read-only.

Why removed from Wordpress plugin site? #28

Open
giggio opened this issue Jul 12, 2019 · 5 comments
Open

Why removed from Wordpress plugin site? #28

giggio opened this issue Jul 12, 2019 · 5 comments
Assignees
@owent
Labels
help wanted

Comments

@giggio
Copy link

giggio commented Jul 12, 2019

I just noticed this plugin was removed from the wordpress plugin site. Why was that?

image
@owent owent self-assigned this Jul 13, 2019
@owent
Copy link
Owner

owent commented Jul 13, 2019

There is a secure problem in this plugin. (see #27 for the detail, thanks to jason0x90.) I have already merge the PR and republish it and send a email to wordpress team to reopen it. Please wait some times.

@owent owent closed this as completed Jul 13, 2019
@giggio
Copy link
Author

giggio commented Aug 12, 2019

Hi, it's been a month, do you know when they are adding it back?

@owent
Copy link
Owner

owent commented Aug 13, 2019

Sorry. The wordpress team tell me there are still some CSRF problems in this plugin when wordpress is setup for multiple sites. I don't use wordpress any more and I have no environment to test it after making a lot of changes to codes. So this plugin may be closed later.

@owent owent reopened this Aug 13, 2019
@giggio
Copy link
Author

giggio commented Oct 25, 2019

How about publishing the version that was updated after the fix from #27?

@owent
Copy link
Owner

owent commented Oct 27, 2019
edited
Loading

Sorry, I have tried to publish it again but the wordpress team tell me I need to sanitize all data(Though I think I have sanitized all the input field.). I don't use wordpress myself any more and I have no environment to test this plugin. I seggust you to find another replacement or just import highlightjs's js and css into your website ,for example, add these codes below into the tail of <body></body>:

<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/highlight.min.js"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/languages/bash.min.js"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/languages/cpp.min.js"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/languages/go.min.js"></script>
<!--<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/languages/OTHER LANGUAGES.min.js"></script>-->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.10/styles/vs.min.css" />

And then add these codes to enable it:

<script type="text/javascript">
jQuery(function(){
    hljs.configure({
        tabReplace: '    ',
        useBR: false,
        classPrefix: '',
        languages: []

    });

    jQuery('pre code').each(function(i, block) {
        hljs.highlightBlock(block);
    });

    // add this if you need syntaxhighlighter compatible mode
    jQuery('pre:not(:has(code))').each(function(i, block){
        var class_desc = jQuery(block).attr("class") || "";
        var reg_mat = class_desc.match(/brush\s*:\s*([\w\d]+)/i);
        if(!reg_mat || reg_mat.length < 2)
            return;
        var code_content = jQuery(block).removeClass("brush:").removeClass("ruler:").removeClass("first-line:").removeClass("highlight:")
            .removeClass("brush:" + reg_mat[1] + ";").removeClass(reg_mat[1] + ";").removeClass("true;").removeClass("false;").html();
        jQuery(block).empty().append(jQuery("<code class='hljs'></code>").html(code_content)).addClass(reg_mat[1]);
        hljs.highlightBlock(block);
    });

    // add this if you need prettify compatible mode
    jQuery('pre.prettyprint:not(.prettyprinted), code.prettyprint:not(.prettyprinted), xmp.prettyprint:not(.prettyprinted)').each(function(i, block){
        var jblock = jQuery(block).removeClass("prettyprint");
        if (jblock.prop("tagName").toLowerCase() == "code" && jblock.parent().prop("tagName").toLowerCase() == "pre") {
            hljs.highlightBlock(jblock.parent().get(0));
            return;
        }
        var class_desc = jQuery(block).attr("class") || "";
        var reg_mat = class_desc.match(/lang[^-]*-([\w\d]+)/i);
        var code_content = jQuery("<code class='hljs'></code>");
        if (reg_mat && reg_mat.length >= 2) {
            code_content.addClass(reg_mat[1]);
        }
        if (jblock.prop("tagName") === "PRE") {
            jblock.wrapInner(code_content);
            hljs.highlightBlock(jblock.children().get(0));
        } else {
            var code_content = jblock.html();
            jblock.replaceWith(jQuery("<pre></pre>").append(code_content.html(code_content)));
            hljs.highlightBlock(jblock.get(0));
        }
    });

    // add this if you need crayon compatible mode
    jQuery('pre:not(:has(code))').each(function(i, block){
        var class_desc = jQuery(block).attr("class") || "";
        var reg_mat = class_desc.match(/lang\s*:\s*([\w\d]+)/i);
        var code_content = jQuery("<code class='hljs'></code>").html(jQuery(block).removeAttr('class').html());
        if (reg_mat && reg_mat.length >= 2) {
            code_content.addClass(reg_mat[1]);
        }
        jQuery(block).empty().append(code_content);
        hljs.highlightBlock(block);
    });
});
</script>

If you use ES6 API instead of jQuery, you can also use window.addEventListener('DOMContentLoaded', () => { ... }); to replace jQuery(function(){ ... });, document.querySelectorAll("...") to replace jQuery selector, use forEach((block) => {...}) to replace jQuery.each(function(i, block) {...}) and etc.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@owent owent

Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@giggio @owent