Cloudflare - Version 4.11.0

Version Description

2022-07-27 =
Restrict access to sensitive files using .htaccess configuration.
Added cloudflare_use_cache hook to determine when to cache.
Allow arrays with url keys to be passed into cache purge requests.
Handle getZoneSettings not returning a key and throwing an unset array key error.

Release Info

Developer	manatarms
Plugin	Cloudflare
Version	4.11.0
Comparing to
See all releases

Code changes from version 4.10.1 to 4.11.0

Files changed (14) hide show

.htaccess +54 -0
.vscode/launch.json +0 -21
cloudflare.php +1 -1
composer.json +1 -1
composer.lock +1 -1
config.json +1 -1
docker_tag +0 -1
output.log +11 -10
readme.txt +8 -1
src/WordPress/Hooks.php +9 -3
vendor/autoload.php +1 -1
vendor/composer/autoload_real.php +7 -7
vendor/composer/autoload_static.php +5 -5
xdebug/.gitkeep +0 -0

.htaccess ADDED Viewed

	@@ -0,0 +1,54 @@


1	+ # Restricts direct access to files that are not intended to be publicly available
2	+
3	+ # Apache 2.2
4	+ <IfModule !mod_authz_core.c>
5	+ Order Deny,Allow
6	+ Deny from all
7	+ </IfModule>
8	+
9	+ # Apache 2.4
10	+ <IfModule mod_authz_core.c>
11	+ Require all denied
12	+ </IfModule>
13	+
14	+
15	+ # Allows direct access to specific files only
16	+
17	+ # Cloudflare JS and CSS
18	+ <FilesMatch "^.+(js\|css)$">
19	+ # Apache 2.2
20	+ <IfModule !mod_authz_core.c>
21	+ Allow from all
22	+ </IfModule>
23	+
24	+ # Apache 2.4
25	+ <IfModule mod_authz_core.c>
26	+ Require all granted
27	+ </IfModule>
28	+ </FilesMatch>
29	+
30	+ # Cloudflare images
31	+ <FilesMatch "^.+(png\|svg\|gif\|jpg\|webp)$">
32	+ # Apache 2.2
33	+ <IfModule !mod_authz_core.c>
34	+ Allow from all
35	+ </IfModule>
36	+
37	+ # Apache 2.4
38	+ <IfModule mod_authz_core.c>
39	+ Require all granted
40	+ </IfModule>
41	+ </FilesMatch>
42	+
43	+ # Cloudflare fonts
44	+ <FilesMatch "^.+(eot\|ttf\|\|otf\|woff\|woff2)$">
45	+ # Apache 2.2
46	+ <IfModule !mod_authz_core.c>
47	+ Allow from all
48	+ </IfModule>
49	+
50	+ # Apache 2.4
51	+ <IfModule mod_authz_core.c>
52	+ Require all granted
53	+ </IfModule>
54	+ </FilesMatch>

.vscode/launch.json DELETED Viewed

@@ -1,21 +0,0 @@
-            -
            {
-            -
                "version": "0.2.0",
-            -
                "configurations": [
-            -
                    {
-            -
                        "name": "xdebug",
-            -
                        "type": "php",
-            -
                        "request": "launch",
-            -
                        "port": 9003,
-            -
                        "hostname": "localhost",
-            -
                        "pathMappings": {
-            -
                            "/var/www/html/wp-content/plugins/cloudflare": "${workspaceFolder}",
-            -
                        },
-            -
                        "xdebugSettings": {
-            -
                            "max_data": 65535,
-            -
                            "show_hidden": 1,
-            -
                            "max_children": 100,
-            -
                            "max_depth": 5
-            -
                        }
-            -
                    }
-            -
                ]
-            -
            }

cloudflare.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	Plugin Name: Cloudflare
4	Plugin URI: https://blog.cloudflare.com/new-wordpress-plugin/
5	Description: Cloudflare speeds up and protects your WordPress site.
6	- Version: 4.10.1
7	Requires PHP: 7.2
8	Author: Cloudflare, Inc.
9	License: BSD-3-Clause


3	Plugin Name: Cloudflare
4	Plugin URI: https://blog.cloudflare.com/new-wordpress-plugin/
5	Description: Cloudflare speeds up and protects your WordPress site.
6	+ Version: 4.11.0
7	Requires PHP: 7.2
8	Author: Cloudflare, Inc.
9	License: BSD-3-Clause

composer.json CHANGED Viewed

	@@ -32,7 +32,7 @@
32	"_comment": [
33	"php-compatibility-install comes from https://github.com/wimg/PHPCompatibility/issues/102#issuecomment-255778195"
34	],
35	- "version": "4.10.1",
36	"config": {
37	"platform": {
38	"php": "7.2"


32	"_comment": [
33	"php-compatibility-install comes from https://github.com/wimg/PHPCompatibility/issues/102#issuecomment-255778195"
34	],
35	+ "version": "4.11.0",
36	"config": {
37	"platform": {
38	"php": "7.2"

composer.lock CHANGED Viewed

	@@ -4,7 +4,7 @@
4	"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
5	"This file is @generated automatically"
6	],
7	- "content-hash": "~~add31bec11920c881da38b966a45b27b~~",
8	"packages": [
9	{
10	"name": "cloudflare/cf-ip-rewrite",


4	"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
5	"This file is @generated automatically"
6	],
7	+ "content-hash": "656de6cb0aef14bfa89eac55f84375ed",
8	"packages": [
9	{
10	"name": "cloudflare/cf-ip-rewrite",

config.json CHANGED Viewed

	@@ -25,5 +25,5 @@
25	},
26	"locale": "en",
27	"integrationName": "wordpress",
28	- "version": "4.10.1"
29	}


25	},
26	"locale": "en",
27	"integrationName": "wordpress",
28	+ "version": "4.11.0"
29	}

docker_tag DELETED Viewed

	@@ -1 +0,0 @@
1	- docker.pkg.github.com/cloudflare/cloudflare-wordpress/php-actions_composer_cloudflare-wordpress:php-7.4-build2

output.log CHANGED Viewed

	@@ -23,29 +23,30 @@ php-7.4-build2: Pulling from cloudflare/cloudflare-wordpress/php-actions_compose
23	5571c1cd7f43: Waiting
24	65564f077fec: Waiting
25	4d1e94121e00: Waiting
26	- 30e209609427: Verifying Checksum
27	- 30e209609427: Download complete
28	- 801bfaa63ef2: Verifying Checksum
29	320f26ee9b1c: Verifying Checksum
30	320f26ee9b1c: Download complete




31	801bfaa63ef2: Pull complete


32	79c03e12047a: Verifying Checksum
33	79c03e12047a: Download complete
34	30e209609427: Pull complete

35	9b2beae78beb: Verifying Checksum
36	9b2beae78beb: Download complete
37	- 4612e05a72cf: Verifying Checksum
38	- 4612e05a72cf: Download complete
39	- 320f26ee9b1c: Pull complete
40	4612e05a72cf: Pull complete
41	- 65564f077fec: Verifying Checksum
42	- 65564f077fec: Download complete
43	- 9b2beae78beb: Pull complete
44	5571c1cd7f43: Verifying Checksum
45	5571c1cd7f43: Download complete
46	- 79c03e12047a: Pull complete
47	51393fef6543: Verifying Checksum
48	51393fef6543: Download complete




49	4d1e94121e00: Verifying Checksum
50	4d1e94121e00: Download complete
51	51393fef6543: Pull complete


23	5571c1cd7f43: Waiting
24	65564f077fec: Waiting
25	4d1e94121e00: Waiting



26	320f26ee9b1c: Verifying Checksum
27	320f26ee9b1c: Download complete
28	+ 801bfaa63ef2: Verifying Checksum
29	+ 801bfaa63ef2: Download complete
30	+ 30e209609427: Verifying Checksum
31	+ 30e209609427: Download complete
32	801bfaa63ef2: Pull complete
33	+ 4612e05a72cf: Verifying Checksum
34	+ 4612e05a72cf: Download complete
35	79c03e12047a: Verifying Checksum
36	79c03e12047a: Download complete
37	30e209609427: Pull complete
38	+ 320f26ee9b1c: Pull complete
39	9b2beae78beb: Verifying Checksum
40	9b2beae78beb: Download complete



41	4612e05a72cf: Pull complete



42	5571c1cd7f43: Verifying Checksum
43	5571c1cd7f43: Download complete

44	51393fef6543: Verifying Checksum
45	51393fef6543: Download complete
46	+ 9b2beae78beb: Pull complete
47	+ 65564f077fec: Verifying Checksum
48	+ 65564f077fec: Download complete
49	+ 79c03e12047a: Pull complete
50	4d1e94121e00: Verifying Checksum
51	4d1e94121e00: Download complete
52	51393fef6543: Pull complete

readme.txt CHANGED Viewed

	@@ -3,7 +3,7 @@ Contributors: icyapril, manatarms, thillcf, deuill, epatryk, jacobbednarz
3	Tags: cloudflare, seo, ssl, ddos, speed, security, cdn, performance, free
4	Requires at least: 3.4
5	Tested up to: 5.9
6	- Stable tag: 4.10.1
7	Requires PHP: 7.2
8	License: BSD-3-Clause
9
	@@ -99,6 +99,13 @@ Yes, Cloudflare works with, and helps speed up your site even more, if you have
99
100	== Changelog ==
101







102	= 4.10.1 - 2022-06-06 =
103
104	* Fix logic for ignoring cache purge operations.


3	Tags: cloudflare, seo, ssl, ddos, speed, security, cdn, performance, free
4	Requires at least: 3.4
5	Tested up to: 5.9
6	+ Stable tag: 4.11.0
7	Requires PHP: 7.2
8	License: BSD-3-Clause
9

99
100	== Changelog ==
101
102	+ = 4.11.0 - 2022-07-27 =
103	+
104	+ * Restrict access to sensitive files using `.htaccess` configuration.
105	+ * Added `cloudflare_use_cache` hook to determine when to cache.
106	+ * Allow arrays with `url` keys to be passed into cache purge requests.
107	+ * Handle `getZoneSettings` not returning a key and throwing an unset array key error.
108	+
109	= 4.10.1 - 2022-06-06 =
110
111	* Fix logic for ignoring cache purge operations.

src/WordPress/Hooks.php CHANGED Viewed

	@@ -174,7 +174,12 @@ class Hooks
174
175	// Don't attempt to purge anything outside of the provided zone.
176	foreach ($urls as $key => $url) {
177	- ~~if (!Utils::strEndsWith(parse_url(~~$~~url,~~ ~~PHP_URL_HOST),~~ $~~wpDomain)) {~~





178	unset($urls[$key]);
179	}
180	}
	@@ -429,7 +434,8 @@ class Hooks
429	}
430
431	// add header unconditionally so we can detect plugin is activated
432	- if (!is_user_logged_in()) {

433	header('cf-edge-cache: cache,platform=wordpress');
434	} else {
435	header('cf-edge-cache: no-cache');
	@@ -513,7 +519,7 @@ class Hooks
513	private function zoneSettingAlwaysUseHTTPSEnabled($zoneTag)
514	{
515	$settings = $this->api->getZoneSetting($zoneTag, "always_use_https");
516	- return $settings["value"] == "on";
517	}
518
519


174
175	// Don't attempt to purge anything outside of the provided zone.
176	foreach ($urls as $key => $url) {
177	+ $url_to_test = $url;
178	+ if (is_array($url) && !!$url['url']) {
179	+ $url_to_test = $url['url'];
180	+ }
181	+
182	+ if (!Utils::strEndsWith(parse_url($url_to_test, PHP_URL_HOST), $wpDomain)) {
183	unset($urls[$key]);
184	}
185	}

434	}
435
436	// add header unconditionally so we can detect plugin is activated
437	+ $cache = apply_filters('cloudflare_use_cache', !is_user_logged_in());
438	+ if ($cache) {
439	header('cf-edge-cache: cache,platform=wordpress');
440	} else {
441	header('cf-edge-cache: no-cache');

519	private function zoneSettingAlwaysUseHTTPSEnabled($zoneTag)
520	{
521	$settings = $this->api->getZoneSetting($zoneTag, "always_use_https");
522	+ return !empty($settings["value"]) && $settings["value"] == "on";
523	}
524
525

vendor/autoload.php CHANGED Viewed

	@@ -4,4 +4,4 @@
4
5	require_once __DIR__ . '/composer/autoload_real.php';
6
7	- return ~~ComposerAutoloaderInita417a38e081dddc69cfab1b745a899ae~~::getLoader();


4
5	require_once __DIR__ . '/composer/autoload_real.php';
6
7	+ return ComposerAutoloaderInit4da75b58d48b2aa01c88de0a5435fbdd::getLoader();

vendor/composer/autoload_real.php CHANGED Viewed

	@@ -2,7 +2,7 @@
2
3	// autoload_real.php @generated by Composer
4
5	- class ~~ComposerAutoloaderInita417a38e081dddc69cfab1b745a899ae~~
6	{
7	private static $loader;
8
	@@ -22,15 +22,15 @@ class ComposerAutoloaderInita417a38e081dddc69cfab1b745a899ae
22	return self::$loader;
23	}
24
25	- spl_autoload_register(array('~~ComposerAutoloaderInita417a38e081dddc69cfab1b745a899ae~~', 'loadClassLoader'), true, true);
26	self::$loader = $loader = new \Composer\Autoload\ClassLoader();
27	- spl_autoload_unregister(array('~~ComposerAutoloaderInita417a38e081dddc69cfab1b745a899ae~~', 'loadClassLoader'));
28
29	$useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') \|\| !zend_loader_file_encoded());
30	if ($useStaticLoader) {
31	require_once __DIR__ . '/autoload_static.php';
32
33	- call_user_func(\Composer\Autoload\~~ComposerStaticInita417a38e081dddc69cfab1b745a899ae~~::getInitializer($loader));
34	} else {
35	$map = require __DIR__ . '/autoload_namespaces.php';
36	foreach ($map as $namespace => $path) {
	@@ -51,19 +51,19 @@ class ComposerAutoloaderInita417a38e081dddc69cfab1b745a899ae
51	$loader->register(true);
52
53	if ($useStaticLoader) {
54	- $includeFiles = Composer\Autoload\~~ComposerStaticInita417a38e081dddc69cfab1b745a899ae~~::$files;
55	} else {
56	$includeFiles = require __DIR__ . '/autoload_files.php';
57	}
58	foreach ($includeFiles as $fileIdentifier => $file) {
59	- ~~composerRequirea417a38e081dddc69cfab1b745a899ae~~($fileIdentifier, $file);
60	}
61
62	return $loader;
63	}
64	}
65
66	- function ~~composerRequirea417a38e081dddc69cfab1b745a899ae~~($fileIdentifier, $file)
67	{
68	if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
69	require $file;


2
3	// autoload_real.php @generated by Composer
4
5	+ class ComposerAutoloaderInit4da75b58d48b2aa01c88de0a5435fbdd
6	{
7	private static $loader;
8

22	return self::$loader;
23	}
24
25	+ spl_autoload_register(array('ComposerAutoloaderInit4da75b58d48b2aa01c88de0a5435fbdd', 'loadClassLoader'), true, true);
26	self::$loader = $loader = new \Composer\Autoload\ClassLoader();
27	+ spl_autoload_unregister(array('ComposerAutoloaderInit4da75b58d48b2aa01c88de0a5435fbdd', 'loadClassLoader'));
28
29	$useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') \|\| !zend_loader_file_encoded());
30	if ($useStaticLoader) {
31	require_once __DIR__ . '/autoload_static.php';
32
33	+ call_user_func(\Composer\Autoload\ComposerStaticInit4da75b58d48b2aa01c88de0a5435fbdd::getInitializer($loader));
34	} else {
35	$map = require __DIR__ . '/autoload_namespaces.php';
36	foreach ($map as $namespace => $path) {

51	$loader->register(true);
52
53	if ($useStaticLoader) {
54	+ $includeFiles = Composer\Autoload\ComposerStaticInit4da75b58d48b2aa01c88de0a5435fbdd::$files;
55	} else {
56	$includeFiles = require __DIR__ . '/autoload_files.php';
57	}
58	foreach ($includeFiles as $fileIdentifier => $file) {
59	+ composerRequire4da75b58d48b2aa01c88de0a5435fbdd($fileIdentifier, $file);
60	}
61
62	return $loader;
63	}
64	}
65
66	+ function composerRequire4da75b58d48b2aa01c88de0a5435fbdd($fileIdentifier, $file)
67	{
68	if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
69	require $file;

vendor/composer/autoload_static.php CHANGED Viewed

	@@ -4,7 +4,7 @@
4
5	namespace Composer\Autoload;
6
7	- class ~~ComposerStaticInita417a38e081dddc69cfab1b745a899ae~~
8	{
9	public static $files = array (
10	'25072dd6e2470089de65ae7bf11d3109' => __DIR__ . '/..' . '/symfony/polyfill-php72/bootstrap.php',
	@@ -69,10 +69,10 @@ class ComposerStaticInita417a38e081dddc69cfab1b745a899ae
69	public static function getInitializer(ClassLoader $loader)
70	{
71	return \Closure::bind(function () use ($loader) {
72	- $loader->prefixLengthsPsr4 = ~~ComposerStaticInita417a38e081dddc69cfab1b745a899ae~~::$prefixLengthsPsr4;
73	- $loader->prefixDirsPsr4 = ~~ComposerStaticInita417a38e081dddc69cfab1b745a899ae~~::$prefixDirsPsr4;
74	- $loader->prefixesPsr0 = ~~ComposerStaticInita417a38e081dddc69cfab1b745a899ae~~::$prefixesPsr0;
75	- $loader->classMap = ~~ComposerStaticInita417a38e081dddc69cfab1b745a899ae~~::$classMap;
76
77	}, null, ClassLoader::class);
78	}


4
5	namespace Composer\Autoload;
6
7	+ class ComposerStaticInit4da75b58d48b2aa01c88de0a5435fbdd
8	{
9	public static $files = array (
10	'25072dd6e2470089de65ae7bf11d3109' => __DIR__ . '/..' . '/symfony/polyfill-php72/bootstrap.php',

69	public static function getInitializer(ClassLoader $loader)
70	{
71	return \Closure::bind(function () use ($loader) {
72	+ $loader->prefixLengthsPsr4 = ComposerStaticInit4da75b58d48b2aa01c88de0a5435fbdd::$prefixLengthsPsr4;
73	+ $loader->prefixDirsPsr4 = ComposerStaticInit4da75b58d48b2aa01c88de0a5435fbdd::$prefixDirsPsr4;
74	+ $loader->prefixesPsr0 = ComposerStaticInit4da75b58d48b2aa01c88de0a5435fbdd::$prefixesPsr0;
75	+ $loader->classMap = ComposerStaticInit4da75b58d48b2aa01c88de0a5435fbdd::$classMap;
76
77	}, null, ClassLoader::class);
78	}

xdebug/.gitkeep DELETED Viewed

File without changes