Descripción
Insecure Content Warning helps content creators with secure (HTTPS) websites avoid insecure-content warnings in the browser by flagging any elements in the content editor (such as images, videos, and embeds) that are being delivered or sourced from an insecure (HTTP) web address. All insecure elements are flagged before the content is published, and can be fixed manually or simply by clicking “fix it.”
Compatible with the “classic” editor as well as the block editor (aka Gutenberg).
Technical Notes
- Requires PHP 7.4+.
- Requires WordPress 5.8+.
- Requires a secure / SSL (HTTPS) website, front and back end.
Usage
This plugin requires no configuration. Simply activate and the plugin will prevent posts with insecure elements from being published, as well as provide a banner with information on the offending assets.
Optional WP-CLI Commands
These are not required for normal usage of the plugin, but are available as a utility for more advanced usage.
wp icw fix
Used to fix insecure elements in existing content. Can target specific posts or bulk batches.
wp icw fix [<id>] [--include] [--all] [--post_type] [--limit] [--offset] [--dry-run]
Example:
$ wp icw fix --all --post_type=page
Checking post content...
Total posts checked for insecure URL(s): 10
+-------------------------------------+
| URL(s) fixed summary |
+-------------------------------------+
| 0/0 URL(s) fixed in post 98 |
| 0/0 URL(s) fixed in post 96 |
| 0/0 URL(s) fixed in post 76 |
| ........................... |
| 0/0 URL(s) fixed in post 6 |
| 0/0 URL(s) fixed in post 1 |
+-------------------------------------+
Run wp help icw fix for more information on the command args.
Capturas
Example of attempting to publish a post with insecure content - classic editor. 
Example of attempting to publish a post with insecure content - block editor.
Instalación
- Install the plugin via the plugin installer, either by searching for it or uploading a .zip file.
- Activate the plugin.
Reseñas
No hay reseñas para este plugin.
Colaboradores y desarrolladores
«Insecure Content Warning» es un software de código abierto. Las siguientes personas han colaborado con este plugin.
Colaboradores
«Insecure Content Warning» ha sido traducido a 1 idioma local. Gracias a los traductores por sus contribuciones.
Traduce «Insecure Content Warning» a tu idioma.
¿Interesado en el desarrollo?
Revisa el código , echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.
Registro de cambios
1.2.0 – 2023-10-16
-
Note that this version bumps the minimum WordPress version from 5.7 to 5.8.
-
Added: Ensure that saving using the keyboard shortcut
Ctrl|Command + Striggers the insecure content check (props @Sidsector9, @dinhtungdu, @jeffpaul, @faisal-alvi via #56). - Added: New admin screen to bulk fix insecure content (props @kmgalanakis, @peterwilsoncc via #112).
- Added: Composer, with PHPCBF and PHPCS to aid with coding standards (props @cameronterry, @peterwilsoncc via #127).
- Added: Check for minimum required PHP version before loading the plugin (props @kmgalanakis, @peterwilsoncc via #135).
- Added: Repo Automater GitHub Action added to automate common repo operations (props @iamdharmesh, @jeffpaul via #142).
- Changed: Bump WordPress “tested up to” version to 6.3 (props @kmgalanakis, @jeffpaul, @dkotter via #140, #144).
- Changed: Bump WordPress minimum supported version from 5.7 to 5.8 (props @iamdharmesh, @dkotter via #145).
- Fixed: Properly handle fixing of multiple different instances of insecure content (props @kmgalanakis, @iamdharmesh via #139).
- Fixed: Ensure all Cypress E2E tests pass when running on WordPress 6.3 (props @iamdharmesh, @dkotter via #145).
- Security: Bump
stylelintfrom 9.10.1 to 15.10.1 (props @dependabot, @ravinderk via #126). - Security: Bump
cypressfrom 11.2.0 to 13.2.0,@10up/cypress-wp-utilsfrom 0.1.0 to 0.2.0 and@wordpress/envfrom 5.8.0 to 8.7.0 (props @iamdharmesh, @dkotter via #145). - Security: Bump
postcssfrom 8.4.27 to 8.4.31 (props @dependabot, @Sidsector9 via #147).
1.1.0 – 2023-06-21
- Added:
View elementlink to highlight and auto-scroll to the insecure element (props @cadic, @peterwilsoncc, @psorensen, @adamsilverstein, @dkotter via #73). - Changed: Bump WordPress “tested up to” version 6.2 (props @Sidsector9, @iamdharmesh via #117).
- Changed: Update the Dependency Review GitHub Action (props @jeffpaul, @Sidsector9 via #122).
- Fixed: Update dependencies of javascript assets (props @cadic, @peterwilsoncc, @psorensen, @adamsilverstein, @dkotter via #73).
- Fixed: Ensure that HTML blocks and converted classic editor blocks are correctly checked for insecure content (props @nateconley, @Sidsector9 via #108).
- Security: Bump
simple-gitfrom 3.15.1 to 3.16.0 (props @dependabot via #107). - Security: Bump
json5from 1.0.1 to 1.0.2 (props @dependabot via #110). - Security: Bump
ua-parser-jsfrom 1.0.2 to 1.0.33 andbrowser-syncfrom 2.27.11 to 2.28.1 (props @dependabot via #111). - Security: Bump
engine.iofrom 6.4.1 to 6.4.2 (props @dependabot via #119). - Security: Bump
socket.io-parserfrom 4.2.2 to 4.2.3 (props @dependabot via #121).
1.0.3 – 2023-01-09
-
Note that this version bumps the minimum PHP version from 7.0 to 7.4 and the minimum WordPress version from 5.3 to 5.7.
-
Added: Documentation for our custom WP-CLI commands (props @csloisel, @iamdharmesh via #99).
- Added: Setup E2E testing using Cypress (props @cadic, @iamdharmesh via #75).
- Changed: Bump minimum PHP version from 7.0 to 7.4 (props @Sidsector9, @iamdharmesh, @vikrampm1 via #81).
- Changed: Bump minimum WordPress version from 5.3 to 5.7 (props @Sidsector9, @iamdharmesh, @vikrampm1 via #81).
- Changed: Update Support Level from
ActivetoStable(props @jeffpaul, @dkotter via #80). - Changed: Bump WordPress version “tested up to” 6.1 (props @jayedul, @dkotter via #97).
- Security: Bump
terserfrom 4.8.0 to 4.8.1 (props @dependabot via #79). - Security: Bump
loader-utilsfrom 1.4.0 to 1.4.2 (props @dependabot via #87). - Security: Bump
minimatchfrom 3.0.4 to 3.1.2 (props @dependabot via #88). - Security: Bump
engine.iofrom 3.2.1 to 6.2.1 (props @dependabot via #90). - Security: Bump
browser-syncfrom 2.26.12 to 2.27.11 (props @dependabot via #90, #104). - Security: Bump
color-stringfrom 1.5.3 to 1.9.1 (props @dependabot via #91). - Security: Bump
is-svgfrom 4.2.1 to 4.3.2 andpostcss-svgofrom 4.0.2 to 4.0.3 (props @dependabot via #92). - Security: Bump
browserslistfrom 4.14.0 to 4.16.5 (props @dependabot via #94). - Security: Bump
inifrom 1.3.5 to 1.3.8 (props @dependabot via #96). - Security: Bump
decode-uri-componentfrom 0.2.0 to 0.2.2 (props @dependabot via #98). - Security: Bump
json5from 1.0.1 to 1.0.2 (props @dependabot via #102). - Security: Bump
qsfrom 6.2.3 to 6.11.0 (props @dependabot via #104).
1.0.2 – 2022-06-27
- Added: Dependency security scanning (props @jeffpaul via #70).
- Changed: Bump WordPress version “tested up to” 6.0 (props @cadic via #74).
- Security: Bump
minimistfrom 1.2.5 to 1.2.6 (props @dependabot via #67). - Security: Bump
postcssfrom 7.0.32 to 7.0.39 (props @dependabot via #68).
1.0.1 – 2022-02-17
- Fixed: Ensure we support WordPress 5.9 (props @dkotter, @mohitwp, @peterwilsoncc).
1.0.0 – 2021-08-24
- Added: Initial public release! 🎉