Security suggestion

  • Resolved Jason Lau

    (@jason-lau)


    11 years ago

    Hi,

    I recommend that you adjust this plugin to ignore short codes in Posts or Pages. Otherwise short codes inadvertently become Default Descriptions, which is a security issue. For example, if use short codes to include PHP files in Posts and Pages, the file paths become exposed in the Default Descriptions. So, this plugin should ignore short codes or read the page content from the client side, in order to extract Default Descriptions.

    Additionally, I frequently receive this message when I update Pages –

    SSO Warning :
    Media Library image id 721 rejected: 260×350 is too small for the wpsso-opengraph image dimensions setting (850×520). You must upload a larger version of the original image, or adjust the wpsso-opengraph image dimensions setting.

    I’m not sure where that image ID is coming from, but it’s not the one I have set in the settings.

    Thanks in advance!

    https://www.ads-software.com/plugins/wpsso/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author JS Morisset

    (@jsmoriss)

    Shortcodes are resolved by default — check / uncheck the “Apply Content Filters” option on the SSO Advanced settings page to manage that behavior.

    When shortcodes are not resolved, they are stripped out of the description meta tags etc.

    Image ID 721 must be attached to that page, or perhaps it’s a featured image, or perhaps it was found in the content. If you’ve set a custom Image ID on that page (in the SSO Custom Settings metabox), then that image ID will take precedence, and no additional images will be retrieved if you’ve set the maximum number of images to 1.

    Let me know if you have any other questions. ??

    js.

    Plugin Author JS Morisset

    (@jsmoriss)

    BTW, this may be relevant to your situation: https://surniaulula.com/codex/plugins/wpsso/notes/working-with-image-attachments/

    More documentation here: https://surniaulula.com/codex/plugins/wpsso/

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Security suggestion’ is closed to new replies.