jili xiyangyang.REGISTER NOW GET FREE 888 PESOS REWARDS!

Resolved dciphered
(@dciphered)

4 months ago
I’ve recently discovered an error within browser dev console which exposes the hidden fields & data configured via the DTX plugin, including post author’s email which is considered sensitive. The following is a redacted excerpt of the error, referencing “non-unique id’s” being used across the ‘dynamichidden’ fields configured within the contact form. When attempting to add a unique id or class to the string, the syntax isn’t accepted. This occurs on all pages where this contact form is being used:

[DOM] Found 4 elements with non-unique id #: (More info: )
“input type=?”hidden” name=?”custom-post-author-name-shortcode” id class=?”wpcf7-form-control wpcf7-hidden wpcf7dtx wpcf7dtx-hidden” aria-invalid=?”false” value=?”NAME REDACTED””
“input type=?”hidden” name=?”your-email” id class=?”wpcf7-form-control wpcf7-hidden wpcf7dtx wpcf7dtx-hidden” aria-invalid=?”false” value”
“input type=?”hidden” name=?”Posttitle” id class=?”wpcf7-form-control wpcf7-hidden wpcf7dtx wpcf7dtx-hidden” aria-invalid=?”false” value=?”TITLE REDACTED””
“input type=?”hidden” name=?”custom-post-author-email-shortcode” id class=?”wpcf7-form-control wpcf7-hidden wpcf7dtx wpcf7dtx-hidden” aria-invalid=?”false” value=?”SOMETHING@gmail.com””

Keen to understand how to resolve the issue.

Many thanks in advance.
- This topic was modified 4 months ago by dciphered.
- This topic was modified 4 months ago by dciphered.

Viewing 4 replies - 1 through 4 (of 4 total)

Plugin Author Tessa (they/them), AuRise Creative
(@tessawatkinsllc)

4 months ago

I’ve been able to reproduce your issue with my demo forms here. I’ll see what’s up. Thanks!

Thread Starter dciphered
(@dciphered)

3 months, 4 weeks ago

Thanks Tessa, looking forward to your update.

Plugin Author Tessa (they/them), AuRise Creative
(@tessawatkinsllc)

3 months, 3 weeks ago

Please update to version 5.0.1 and this should be resolved! Your specific error…

Found 4 elements with non-unique id #:

…was referring to the elements with empty id attributes. Version 5.0.1 now excludes attributes with empty values so the id attribute will no longer appear in the DOM to cause the error.

I’m not 100% sure why the class attribute was empty, but I’ve applied a consistent approach for getting dynamic attributes and it’s working again.

On a related note, I recommend adding in the author’s email address after the form is submitted so it’s not exposed on the client-side at all.

Thread Starter dciphered
(@dciphered)

3 months, 3 weeks ago

Wonderful, confirming that it’s working as expected now. Thanks for the quick turnaround and fix!

Viewing 4 replies - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.