ERROR: PDF downloads full content on password protected pages

  • 1. WP Post to PDF Plugin Version 1.0.5
    2. WordPress V 4.1.1
    3. Frameworks: Heroic Knowledge Base 1.4.4, bbPress 1.3.6
    4. List of active + installed plugins: bbpress, easy google fonts, heroic knowledge base, heroic voting, members, onepress image elevator, tiny MCE advanced, user access manager, wp-postviews, WP post to pdf enhanced

    — Description of Problem

    On password protected pages, PDF download button still appears, and when clicked a PDF with the page’s full content is created. Caching exclusions do not seem to work for non-standard posts, in this case these are articles.

    — Expected behaviour:
    On password protected pages, the download PDF button should not show, until the user enters the correct password.

    https://www.ads-software.com/plugins/wp-post-to-pdf-enhanced/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Lewis Rosenthal

    (@lewisr)

    Acknowledged, and excellent catch.

    I know where this happens, too, and how to fix it. As soon as I get the time, I’ll address this (BTW, I have tested the plugin with WP 4.1.1, and just need to update the readme to show compatibility).

    I would also expect to see this behavior with the development version of the plugin.

    Thanks for bringing this to my attention, and for your clear and concise bug report!

    Cheers

    Thread Starter skycaptsteve

    (@skycaptsteve)

    awesome! looking forward to a fix. Great work on the plugin, it’s the best one I’ve tested.

    We’re currently using it as part of our company’s knowledge base, thanks again for the quick reply and a great plugin.

    Plugin Author Lewis Rosenthal

    (@lewisr)

    You bet!

    I know I’m well behind the curve here, following up on open issues and pushing the next release out the door. Life has a habit of getting in the way of the fun stuff!

    Great to hear that the plugin is useful to you, you’re very welcome, and thank you for the kind words.

    Cheers

    Plugin Author Lewis Rosenthal

    (@lewisr)

    Ugh…

    I think I left this fix out of 1.1.0. I had some svn issues on my end which made updating the repository somewhat tedious over the past few months. Coupled with my overall lack of availability, I honestly can’t recall where I left off on this.

    Bottom line: Please upgrade to 1.1.0 and test. If it’s not there, look for an updated development build soon. I was mostly concerned with the XSS vulnerability when I pushed 1.1.0, and let a number of other things slide.

    Cheers

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘ERROR: PDF downloads full content on password protected pages’ is closed to new replies.