EWWW Image Optimizer - Version 5.8.2

Version Description

security: improper nonce verification for Nextgen bulk optimizer initialization (minor severity)
changed: Easy IO verification performed via API for better reliability
fixed: Easy IO missing https availability for admin-ajax.php requests when home_url is using plain http
fixed: Easy IO silently fails to rewrite URLs when using CNAME with WP Offload Media
fixed: wp_lazy_loading_enabled filter should have 3 parameters
fixed: Easy IO shows alert for domain change when a non-default WPML language is active
fixed: JS WebP does not auto-detect WP Offload Media CNAME

Release Info

Developer	nosilver4u
Plugin	EWWW Image Optimizer
Version	5.8.2
Comparing to
See all releases

Code changes from version 5.8.1 to 5.8.2

Files changed (11) hide show

changelog.txt +9 -0
classes/class-eio-alt-webp.php +8 -1
classes/class-eio-base.php +2 -2
classes/class-eio-lazy-load.php +1 -1
classes/class-eio-picture-webp.php +11 -4
classes/class-ewww-nextgen.php +1 -1
classes/class-exactdn.php +89 -21
common.php +17 -6
ewww-image-optimizer.php +1 -7
readme.txt +11 -2
unique.php +2 -1

changelog.txt CHANGED Viewed

@@ -1,3 +1,12 @@
             = 5.8.1 =
             * fixed: Easy IO parser has typo in $webp_quality variable


1	+ = 5.8.2 =
2	+ * security: improper nonce verification for Nextgen bulk optimizer initialization (minor severity)
3	+ * changed: Easy IO verification performed via API for better reliability
4	+ * fixed: Easy IO missing https availability for admin-ajax.php requests when home_url is using plain http
5	+ * fixed: Easy IO silently fails to rewrite URLs when using CNAME with WP Offload Media
6	+ * fixed: wp_lazy_loading_enabled filter should have 3 parameters
7	+ * fixed: Easy IO shows alert for domain change when a non-default WPML language is active
8	+ * fixed: JS WebP does not auto-detect WP Offload Media CNAME
9	+
10	= 5.8.1 =
11	* fixed: Easy IO parser has typo in $webp_quality variable
12

classes/class-eio-alt-webp.php CHANGED Viewed

	@@ -112,10 +112,17 @@ class EIO_Alt_Webp extends EIO_Page_Parser {
112	if ( ! empty( $s3_domain ) && $as3cf->get_setting( 'serve-from-s3' ) ) {
113	ewwwio_debug_message( "found S3 domain of $s3_domain with bucket $s3_bucket and region $s3_region" );
114	$this->webp_paths[] = $s3_scheme . '://' . $s3_domain . '/';
115	- $~~this~~->~~s3_active =~~ $~~s3_domain;~~





116	if ( $as3cf->get_setting( 'enable-object-prefix' ) ) {
117	$this->s3_object_prefix = $as3cf->get_setting( 'object-prefix' );
118	$this->debug_message( $as3cf->get_setting( 'object-prefix' ) );


119	}
120	if ( $as3cf->get_setting( 'object-versioning' ) ) {
121	$this->s3_object_version = true;


112	if ( ! empty( $s3_domain ) && $as3cf->get_setting( 'serve-from-s3' ) ) {
113	ewwwio_debug_message( "found S3 domain of $s3_domain with bucket $s3_bucket and region $s3_region" );
114	$this->webp_paths[] = $s3_scheme . '://' . $s3_domain . '/';
115	+ if ( $as3cf->get_setting( 'enable-delivery-domain' ) && $as3cf->get_setting( 'delivery-domain' ) ) {
116	+ $delivery_domain = $as3cf->get_setting( 'delivery-domain' );
117	+ $this->webp_paths[] = $s3_scheme . '://' . $delivery_domain . '/';
118	+ $this->debug_message( "found WOM delivery domain of $delivery_domain" );
119	+ }
120	+ $this->s3_active = $s3_domain;
121	if ( $as3cf->get_setting( 'enable-object-prefix' ) ) {
122	$this->s3_object_prefix = $as3cf->get_setting( 'object-prefix' );
123	$this->debug_message( $as3cf->get_setting( 'object-prefix' ) );
124	+ } else {
125	+ $this->debug_message( 'no WOM prefix' );
126	}
127	if ( $as3cf->get_setting( 'object-versioning' ) ) {
128	$this->s3_object_version = true;

classes/class-eio-base.php CHANGED Viewed

	@@ -516,8 +516,8 @@ if ( ! class_exists( 'EIO_Base' ) ) {
516	return $this->site_url;
517	}
518	$this->site_url = get_home_url();
519	- if ~~( class_exists( 'Amazon_S3_And_CloudFront' ) ) {~~
520	- ~~global~~ $as3cf;
521	$s3_scheme = $as3cf->get_url_scheme();
522	$s3_region = $as3cf->get_setting( 'region' );
523	$s3_bucket = $as3cf->get_setting( 'bucket' );


516	return $this->site_url;
517	}
518	$this->site_url = get_home_url();
519	+ global $as3cf;
520	+ if ( class_exists( 'Amazon_S3_And_CloudFront' ) && is_object( $as3cf ) ) {
521	$s3_scheme = $as3cf->get_url_scheme();
522	$s3_region = $as3cf->get_setting( 'region' );
523	$s3_bucket = $as3cf->get_setting( 'bucket' );

classes/class-eio-lazy-load.php CHANGED Viewed

	@@ -108,7 +108,7 @@ if ( ! class_exists( 'EIO_Lazy_Load' ) ) {
108	$this->allow_piip = is_writable( $this->piip_folder ) && $this->gd_support();
109	}
110
111	- if ( ! apply_filters( 'wp_lazy_loading_enabled', true ) ) {
112	define( 'EWWWIO_DISABLE_NATIVE_LAZY', true );
113	}
114	add_filter( 'wp_lazy_loading_enabled', '__return_false' );


108	$this->allow_piip = is_writable( $this->piip_folder ) && $this->gd_support();
109	}
110
111	+ if ( ! apply_filters( 'wp_lazy_loading_enabled', true, 'img', '' ) ) {
112	define( 'EWWWIO_DISABLE_NATIVE_LAZY', true );
113	}
114	add_filter( 'wp_lazy_loading_enabled', '__return_false' );

classes/class-eio-picture-webp.php CHANGED Viewed

	@@ -98,16 +98,23 @@ class EIO_Picture_Webp extends EIO_Page_Parser {
98	$s3_domain = $as3cf->get_storage_provider()->get_url_domain( $s3_bucket, $s3_region );
99	}
100	if ( ! empty( $s3_domain ) && $as3cf->get_setting( 'serve-from-s3' ) ) {
101	- ~~ewwwio_debug_message~~( "found S3 domain of $s3_domain with bucket $s3_bucket and region $s3_region" );
102	$this->webp_paths[] = $s3_scheme . '://' . $s3_domain . '/';
103	- $~~this~~->~~s3_active =~~ $~~s3_domain;~~





104	if ( $as3cf->get_setting( 'enable-object-prefix' ) ) {
105	$this->s3_object_prefix = $as3cf->get_setting( 'object-prefix' );
106	- ~~ewwwio_debug_message~~( $as3cf->get_setting( 'object-prefix' ) );


107	}
108	if ( $as3cf->get_setting( 'object-versioning' ) ) {
109	$this->s3_object_version = true;
110	- ~~ewwwio_debug_message~~( 'object versioning enabled' );
111	}
112	}
113	}


98	$s3_domain = $as3cf->get_storage_provider()->get_url_domain( $s3_bucket, $s3_region );
99	}
100	if ( ! empty( $s3_domain ) && $as3cf->get_setting( 'serve-from-s3' ) ) {
101	+ $this->debug_message( "found S3 domain of $s3_domain with bucket $s3_bucket and region $s3_region" );
102	$this->webp_paths[] = $s3_scheme . '://' . $s3_domain . '/';
103	+ if ( $as3cf->get_setting( 'enable-delivery-domain' ) && $as3cf->get_setting( 'delivery-domain' ) ) {
104	+ $delivery_domain = $as3cf->get_setting( 'delivery-domain' );
105	+ $this->webp_paths[] = $s3_scheme . '://' . $delivery_domain . '/';
106	+ $this->debug_message( "found WOM delivery domain of $delivery_domain" );
107	+ }
108	+ $this->s3_active = $s3_domain;
109	if ( $as3cf->get_setting( 'enable-object-prefix' ) ) {
110	$this->s3_object_prefix = $as3cf->get_setting( 'object-prefix' );
111	+ $this->debug_message( $as3cf->get_setting( 'object-prefix' ) );
112	+ } else {
113	+ $this->debug_message( 'no WOM prefix' );
114	}
115	if ( $as3cf->get_setting( 'object-versioning' ) ) {
116	$this->s3_object_version = true;
117	+ $this->debug_message( 'object versioning enabled' );
118	}
119	}
120	}

classes/class-ewww-nextgen.php CHANGED Viewed

	@@ -855,7 +855,7 @@ if ( ! class_exists( 'EWWW_Nextgen' ) ) {
855	function ewww_ngg_bulk_init() {
856	$permissions = apply_filters( 'ewww_image_optimizer_bulk_permissions', '' );
857	$output = array();
858	- if ( empty( $_REQUEST['ewww_wpnonce'] ) && ! wp_verify_nonce( sanitize_key( $_REQUEST['ewww_wpnonce'] ), 'ewww-image-optimizer-bulk' ) \|\| ! current_user_can( $permissions ) ) {
859	$output['error'] = esc_html__( 'Access denied.', 'ewww-image-optimizer' );
860	ewwwio_ob_clean();
861	wp_die( wp_json_encode( $output ) );


855	function ewww_ngg_bulk_init() {
856	$permissions = apply_filters( 'ewww_image_optimizer_bulk_permissions', '' );
857	$output = array();
858	+ if ( empty( $_REQUEST['ewww_wpnonce'] ) \|\| ! wp_verify_nonce( sanitize_key( $_REQUEST['ewww_wpnonce'] ), 'ewww-image-optimizer-bulk' ) \|\| ! current_user_can( $permissions ) ) {
859	$output['error'] = esc_html__( 'Access denied.', 'ewww-image-optimizer' );
860	ewwwio_ob_clean();
861	wp_die( wp_json_encode( $output ) );

classes/class-exactdn.php CHANGED Viewed

	@@ -129,7 +129,16 @@ if ( ! class_exists( 'ExactDN' ) ) {
129	$site_url = get_home_url();
130	$scheme = 'http';
131	if ( strpos( $site_url, 'https://' ) !== false ) {

132	$scheme = 'https';








133	}
134	$this->scheme = $scheme;
135	}
	@@ -216,6 +225,11 @@ if ( ! class_exists( 'ExactDN' ) ) {
216	// Configure Autoptimize with our CDN domain.
217	add_filter( 'autoptimize_filter_cssjs_multidomain', array( $this, 'add_cdn_domain' ) );
218





219	$upload_url_parts = $this->parse_url( $this->content_url() );
220	if ( empty( $upload_url_parts ) ) {
221	$this->debug_message( "could not break down URL: $this->site_url" );
	@@ -225,9 +239,6 @@ if ( ! class_exists( 'ExactDN' ) ) {
225	if ( ! $this->get_option( $this->prefix . 'exactdn_local_domain' ) ) {
226	$this->set_option( $this->prefix . 'exactdn_local_domain', $this->upload_domain );
227	}
228	- if ( $this->get_option( $this->prefix . 'exactdn_local_domain' ) !== $this->upload_domain && is_admin() ) {
229	- add_action( 'admin_notices', $this->prefix . 'notice_exactdn_domain_mismatch' );
230	- }
231	$this->debug_message( "allowing images from here: $this->upload_domain" );
232	if (
233	( false !== strpos( $this->upload_domain, 'amazonaws.com' ) \|\| false !== strpos( $this->upload_domain, 'storage.googleapis.com' ) ) &&
	@@ -253,6 +264,13 @@ if ( ! class_exists( 'ExactDN' ) ) {
253	$this->allowed_domains[] = $wpml_domain;
254	}
255	}







256	$this->allowed_domains[] = $this->exactdn_domain;
257	$this->allowed_domains = apply_filters( 'exactdn_allowed_domains', $this->allowed_domains );
258	$this->debug_message( 'allowed domains: ' . implode( ',', $this->allowed_domains ) );
	@@ -299,6 +317,10 @@ if ( ! class_exists( 'ExactDN' ) ) {
299	function activate_site() {
300	$this->debug_message( '<b>' . __METHOD__ . '()</b>' );
301




302	$site_url = $this->content_url();
303	$home_url = home_url();
304
	@@ -405,6 +427,12 @@ if ( ! class_exists( 'ExactDN' ) ) {
405	// Set a default error.
406	global $exactdn_activate_error;
407	$exactdn_activate_error = 'zone not verified';






408	if ( ! defined( 'EXACTDN_LOCAL_DOMAIN' ) && $this->get_exactdn_option( 'verify_method' ) > 0 ) {
409	// Test with an image file that should be available on the ExactDN zone.
410	$test_url = plugins_url( '/images/test.png', constant( strtoupper( $this->prefix ) . 'PLUGIN_FILE' ) );
	@@ -412,28 +440,42 @@ if ( ! class_exists( 'ExactDN' ) ) {
412	$test_url = str_replace( $local_domain, $domain, $test_url );
413	$this->debug_message( "test url is $test_url" );
414	add_filter( 'http_headers_useragent', $this->prefix . 'cloud_useragent', PHP_INT_MAX );
415	- $test_result = ~~wp_remote_get~~( ~~$test_url );~~









416	if ( is_wp_error( $test_result ) ) {
417	$error_message = $test_result->get_error_message();
418	- $this->debug_message( "exactdn verification request failed: $error_message" );
419	$exactdn_activate_error = $error_message;
420	add_action( 'admin_notices', $this->prefix . 'notice_exactdn_activation_error' );
421	return false;
422	- } elseif ( ! empty( $test_result['~~response~~']~~['code']~~ ) && ( ~~403~~ === (~~int)~~ $test_result['~~response~~']~~['code']~~ ~~\|\| 404 === (int) $test_result[~~'~~response~~'~~]['code']~~ ) ) {
423	- // If we ~~get a 403 or 404~~, we ~~should use secondary verification.~~
424	- ~~$this->debug_message~~( ~~'received~~ ~~response~~ ~~code: ' .~~ $~~test_result['~~response']['~~code~~'] );
425	- $this->set_exactdn_option( 'verify_method', -1, false );
426	- } elseif ( ! empty( $test_result['body'] ) && strlen( $test_result['body'] ) > 300 ) {
427	- if ( 200 === (int) $test_result['response']['code'] &&
428	- ( '89504e470d0a1a0a' === bin2hex( substr( $test_result['body'], 0, 8 ) ) \|\| '52494646' === bin2hex( substr( $test_result['body'], 0, 4 ) ) ) ) {
429	$this->debug_message( 'exactdn (real-world) verification succeeded' );
430	$this->set_exactdn_option( 'verified', 1, false );
431	- $this->set_exactdn_option( 'verify_method', -1, false ); // After initial activation, use API ~~directly~~.
432	add_action( 'admin_notices', $this->prefix . 'notice_exactdn_activation_success' );
433	return true;
434	}
435	- ~~$this->debug_message(~~ ~~'mime~~ ~~check~~ ~~failed:~~ ~~' . bin2hex~~( ~~substr(~~ $test_result['body'], ~~0, 3~~ ) ) );
436	- $~~exactdn_activate_error~~ = '~~zone~~ ~~setup~~ ~~pending'~~;









437	}
438	if ( ! empty( $test_result['response']['code'] ) && 200 !== (int) $test_result['response']['code'] ) {
439	$this->debug_message( 'received response code: ' . $test_result['response']['code'] );
	@@ -443,14 +485,9 @@ if ( ! class_exists( 'ExactDN' ) ) {
443	}
444
445	// Secondary test against the API db.
446	- $url = 'http://optimize.exactlywww.com/exactdn/verify.php';
447	- $ssl = wp_http_supports( array( 'ssl' ) );
448	- if ( $ssl ) {
449	- $url = set_url_scheme( $url, 'https' );
450	- }
451	add_filter( 'http_headers_useragent', $this->prefix . 'cloud_useragent', PHP_INT_MAX );
452	$result = wp_remote_post(
453	- $~~url~~,
454	array(
455	'timeout' => 10,
456	'body' => array(
	@@ -496,6 +533,9 @@ if ( ! class_exists( 'ExactDN' ) ) {
496	add_action( 'admin_notices', $this->prefix . 'notice_exactdn_activation_error' );
497	return false;
498	}



499	add_action( 'admin_notices', $this->prefix . 'notice_exactdn_activation_error' );
500	return false;
501	}
	@@ -645,6 +685,27 @@ if ( ! class_exists( 'ExactDN' ) ) {
645	return update_option( $this->prefix . 'exactdn_' . $option_name, $option_value, $autoload );
646	}
647





















648	/**
649	* Validate the user-defined exclusions for "all the things" rewriting.
650	*/
	@@ -2752,6 +2813,11 @@ if ( ! class_exists( 'ExactDN' ) ) {
2752	if ( is_null( $scheme ) ) {
2753	$scheme = $this->scheme;
2754	}





2755
2756	/**
2757	* Disables ExactDN URL processing for local development.
	@@ -2825,8 +2891,10 @@ if ( ! class_exists( 'ExactDN' ) ) {
2825
2826	if ( isset( $image_url_parts['scheme'] ) && 'https' === $image_url_parts['scheme'] ) {
2827	if ( is_array( $args ) && false === strpos( $image_url, 'ssl=' ) ) {

2828	$args['ssl'] = 1;
2829	}

2830	$scheme = 'https';
2831	}
2832


129	$site_url = get_home_url();
130	$scheme = 'http';
131	if ( strpos( $site_url, 'https://' ) !== false ) {
132	+ $this->debug_message( "$site_url contains https" );
133	$scheme = 'https';
134	+ } elseif ( strpos( $this->content_url, 'https://' ) !== false ) {
135	+ $this->debug_message( $this->content_url . ' contains https' );
136	+ $scheme = 'https';
137	+ } elseif ( isset( $_SERVER['HTTPS'] ) && 'off' !== $_SERVER['HTTPS'] ) {
138	+ $this->debug_message( 'page requested over https' );
139	+ $scheme = 'https';
140	+ } else {
141	+ $this->debug_message( 'using plain http' );
142	}
143	$this->scheme = $scheme;
144	}

225	// Configure Autoptimize with our CDN domain.
226	add_filter( 'autoptimize_filter_cssjs_multidomain', array( $this, 'add_cdn_domain' ) );
227
228	+ if ( $this->is_as3cf_cname_active() ) {
229	+ add_action( 'admin_notices', $this->prefix . 'notice_exactdn_as3cf_cname_active' );
230	+ return;
231	+ }
232	+
233	$upload_url_parts = $this->parse_url( $this->content_url() );
234	if ( empty( $upload_url_parts ) ) {
235	$this->debug_message( "could not break down URL: $this->site_url" );

239	if ( ! $this->get_option( $this->prefix . 'exactdn_local_domain' ) ) {
240	$this->set_option( $this->prefix . 'exactdn_local_domain', $this->upload_domain );
241	}



242	$this->debug_message( "allowing images from here: $this->upload_domain" );
243	if (
244	( false !== strpos( $this->upload_domain, 'amazonaws.com' ) \|\| false !== strpos( $this->upload_domain, 'storage.googleapis.com' ) ) &&

264	$this->allowed_domains[] = $wpml_domain;
265	}
266	}
267	+ if (
268	+ $this->get_option( $this->prefix . 'exactdn_local_domain' ) !== $this->upload_domain &&
269	+ ! $this->allow_image_domain( $this->get_option( $this->prefix . 'exactdn_local_domain' ) ) &&
270	+ is_admin()
271	+ ) {
272	+ add_action( 'admin_notices', $this->prefix . 'notice_exactdn_domain_mismatch' );
273	+ }
274	$this->allowed_domains[] = $this->exactdn_domain;
275	$this->allowed_domains = apply_filters( 'exactdn_allowed_domains', $this->allowed_domains );
276	$this->debug_message( 'allowed domains: ' . implode( ',', $this->allowed_domains ) );

317	function activate_site() {
318	$this->debug_message( '<b>' . __METHOD__ . '()</b>' );
319
320	+ if ( $this->is_as3cf_cname_active() ) {
321	+ add_action( 'admin_notices', $this->prefix . 'notice_exactdn_as3cf_cname_active' );
322	+ return false;
323	+ }
324	$site_url = $this->content_url();
325	$home_url = home_url();
326

427	// Set a default error.
428	global $exactdn_activate_error;
429	$exactdn_activate_error = 'zone not verified';
430	+ // Primary check sends the test URL to the API for full verification.
431	+ $api_url = 'http://optimize.exactlywww.com/exactdn/verify.php';
432	+ $ssl = wp_http_supports( array( 'ssl' ) );
433	+ if ( $ssl ) {
434	+ $api_url = set_url_scheme( $api_url, 'https' );
435	+ }
436	if ( ! defined( 'EXACTDN_LOCAL_DOMAIN' ) && $this->get_exactdn_option( 'verify_method' ) > 0 ) {
437	// Test with an image file that should be available on the ExactDN zone.
438	$test_url = plugins_url( '/images/test.png', constant( strtoupper( $this->prefix ) . 'PLUGIN_FILE' ) );

440	$test_url = str_replace( $local_domain, $domain, $test_url );
441	$this->debug_message( "test url is $test_url" );
442	add_filter( 'http_headers_useragent', $this->prefix . 'cloud_useragent', PHP_INT_MAX );
443	+ $test_result = wp_remote_post(
444	+ $api_url,
445	+ array(
446	+ 'timeout' => 10,
447	+ 'body' => array(
448	+ 'alias' => $domain,
449	+ 'url' => $test_url,
450	+ ),
451	+ )
452	+ );
453	if ( is_wp_error( $test_result ) ) {
454	$error_message = $test_result->get_error_message();
455	+ $this->debug_message( "exactdn (1) verification request failed: $error_message" );
456	$exactdn_activate_error = $error_message;
457	add_action( 'admin_notices', $this->prefix . 'notice_exactdn_activation_error' );
458	return false;
459	+ } elseif ( ! empty( $test_result['body'] ) && false === strpos( $test_result['body'], 'error' ) ) {
460	+ $response = json_decode( $test_result['body'], true );
461	+ if ( ! empty( $response['success'] ) ) {




462	$this->debug_message( 'exactdn (real-world) verification succeeded' );
463	$this->set_exactdn_option( 'verified', 1, false );
464	+ $this->set_exactdn_option( 'verify_method', -1, false ); // After initial activation, use simpler API verification.
465	add_action( 'admin_notices', $this->prefix . 'notice_exactdn_activation_success' );
466	return true;
467	}
468	+ } elseif ( ! empty( $test_result['body'] ) ) {
469	+ $response = json_decode( $test_result['body'], true );
470	+ $error_message = $response['error'];
471	+ $this->debug_message( "exactdn (1) verification request failed: $error_message" );
472	+ $exactdn_activate_error = $error_message;
473	+ if ( false !== strpos( $error_message, 'not found' ) ) {
474	+ delete_option( $this->prefix . 'exactdn_domain' );
475	+ delete_site_option( $this->prefix . 'exactdn_domain' );
476	+ }
477	+ add_action( 'admin_notices', $this->prefix . 'notice_exactdn_activation_error' );
478	+ return false;
479	}
480	if ( ! empty( $test_result['response']['code'] ) && 200 !== (int) $test_result['response']['code'] ) {
481	$this->debug_message( 'received response code: ' . $test_result['response']['code'] );

485	}
486
487	// Secondary test against the API db.





488	add_filter( 'http_headers_useragent', $this->prefix . 'cloud_useragent', PHP_INT_MAX );
489	$result = wp_remote_post(
490	+ $api_url,
491	array(
492	'timeout' => 10,
493	'body' => array(

533	add_action( 'admin_notices', $this->prefix . 'notice_exactdn_activation_error' );
534	return false;
535	}
536	+ if ( ! empty( $result['response']['code'] ) && 200 !== (int) $result['response']['code'] ) {
537	+ $this->debug_message( 'received response code: ' . $result['response']['code'] );
538	+ }
539	add_action( 'admin_notices', $this->prefix . 'notice_exactdn_activation_error' );
540	return false;
541	}

685	return update_option( $this->prefix . 'exactdn_' . $option_name, $option_value, $autoload );
686	}
687
688	+ /**
689	+ * Check to see if a CNAME is configured in WP Offload Media.
690	+ *
691	+ * @return bool True if a CNAME is active, false otherwise.
692	+ */
693	+ function is_as3cf_cname_active() {
694	+ // Find the WP Offload Media domain/path.
695	+ global $as3cf;
696	+ if ( class_exists( 'Amazon_S3_And_CloudFront' ) && is_object( $as3cf ) ) {
697	+ if ( 'storage' !== $as3cf->get_setting( 'delivery-provider' ) ) {
698	+ $this->debug_message( 'active delivery provider: ' . $as3cf->get_setting( 'delivery-provider' ) );
699	+ if ( $as3cf->get_setting( 'enable-delivery-domain' ) && $as3cf->get_setting( 'delivery-domain' ) ) {
700	+ $delivery_domain = $as3cf->get_setting( 'delivery-domain' );
701	+ $this->debug_message( "found WOM CNAME domain: $delivery_domain" );
702	+ return true;
703	+ }
704	+ }
705	+ }
706	+ return false;
707	+ }
708	+
709	/**
710	* Validate the user-defined exclusions for "all the things" rewriting.
711	*/

2813	if ( is_null( $scheme ) ) {
2814	$scheme = $this->scheme;
2815	}
2816	+ if ( is_string( $scheme ) ) {
2817	+ $this->debug_message( "starting scheme: $scheme" );
2818	+ } else {
2819	+ $this->debug_message( 'no starting scheme' );
2820	+ }
2821
2822	/**
2823	* Disables ExactDN URL processing for local development.

2891
2892	if ( isset( $image_url_parts['scheme'] ) && 'https' === $image_url_parts['scheme'] ) {
2893	if ( is_array( $args ) && false === strpos( $image_url, 'ssl=' ) ) {
2894	+ $this->debug_message( 'adding ssl=1' );
2895	$args['ssl'] = 1;
2896	}
2897	+ $this->debug_message( 'setting scheme to https' );
2898	$scheme = 'https';
2899	}
2900

common.php CHANGED Viewed

	@@ -14,7 +14,7 @@ if ( ! defined( 'ABSPATH' ) ) {
14	exit;
15	}
16
17	- define( 'EWWW_IMAGE_OPTIMIZER_VERSION', '~~581~~.0' );
18
19	// Initialize a couple globals.
20	$eio_debug = '';
	@@ -1717,7 +1717,7 @@ function ewww_image_optimizer_webp_cdn_check_force( $new_value, $old_value ) {
1717	if ( ! empty( $new_value ) && (bool) $new_value !== (bool) $old_value ) {
1718	if ( class_exists( 'Amazon_S3_And_CloudFront' ) ) {
1719	global $as3cf;
1720	- if ( $as3cf->get_setting( 'serve-from-s3' ) && $as3cf->get_setting( 'remove-local-file' ) ) {
1721	update_option( 'ewww_image_optimizer_webp_force', true );
1722	}
1723	}
	@@ -1868,6 +1868,19 @@ function ewww_image_optimizer_notice_exactdn_domain_mismatch() {
1868	<?php
1869	}
1870













1871	/**
1872	* Inform the user that we disabled SP AIO to prevent conflicts with ExactDN.
1873	*/
	@@ -10777,10 +10790,8 @@ function ewww_image_optimizer_options( $network = 'singlesite' ) {
10777	<?php esc_html_e( 'Purchase a subscription for your site.', 'ewww-image-optimizer' ); ?>
10778	</a>
10779	</strong><br>
10780	- <a href="https://ewww.io/manage-sites/" target="_blank">
10781	- <?php ~~esc_html_e(~~ '~~Then,~~ ~~add~~ ~~your~~ ~~Site~~ ~~URL~~ ~~to your account:', 'easy-image-optimizer'~~ ); ?>
10782	- </a>
10783	- <?php echo esc_url( $easyio_site_url ); ?><br>
10784	<?php endif; ?>
10785	<a href="https://docs.ewww.io/article/44-introduction-to-exactdn" target="_blank" data-beacon-article="59bc5ad6042863033a1ce370">
10786	<?php esc_html_e( 'Learn more about Easy IO', 'ewww-image-optimizer' ); ?>


14	exit;
15	}
16
17	+ define( 'EWWW_IMAGE_OPTIMIZER_VERSION', '582.0' );
18
19	// Initialize a couple globals.
20	$eio_debug = '';

1717	if ( ! empty( $new_value ) && (bool) $new_value !== (bool) $old_value ) {
1718	if ( class_exists( 'Amazon_S3_And_CloudFront' ) ) {
1719	global $as3cf;
1720	+ if ( is_object( $as3cf ) && $as3cf->get_setting( 'serve-from-s3' ) && $as3cf->get_setting( 'remove-local-file' ) ) {
1721	update_option( 'ewww_image_optimizer_webp_force', true );
1722	}
1723	}

1868	<?php
1869	}
1870
1871	+ /**
1872	+ * Let the user know they need to disable the WP Offload Media CNAME.
1873	+ */
1874	+ function ewww_image_optimizer_notice_exactdn_as3cf_cname_active() {
1875	+ ?>
1876	+ <div id="ewww-image-optimizer-notice-exactdn-as3cf-cname-active" class="notice notice-error">
1877	+ <p>
1878	+ <?php esc_html_e( 'Easy IO cannot optimize your images while using a custom domain (CNAME) in WP Offload Media. Please disable the custom domain in the WP Offload Media settings.', 'ewww-image-optimizer' ); ?>
1879	+ </p>
1880	+ </div>
1881	+ <?php
1882	+ }
1883	+
1884	/**
1885	* Inform the user that we disabled SP AIO to prevent conflicts with ExactDN.
1886	*/

10790	<?php esc_html_e( 'Purchase a subscription for your site.', 'ewww-image-optimizer' ); ?>
10791	</a>
10792	</strong><br>
10793	+ <a href="https://ewww.io/manage-sites/" target="_blank"><?php esc_html_e( 'Then, add your Site URL to your account:', 'easy-image-optimizer' ); ?></a>
10794	+ <?php echo ' ' . esc_url( $easyio_site_url ); ?><br>


10795	<?php endif; ?>
10796	<a href="https://docs.ewww.io/article/44-introduction-to-exactdn" target="_blank" data-beacon-article="59bc5ad6042863033a1ce370">
10797	<?php esc_html_e( 'Learn more about Easy IO', 'ewww-image-optimizer' ); ?>

ewww-image-optimizer.php CHANGED Viewed

	@@ -13,7 +13,7 @@ Plugin Name: EWWW Image Optimizer
13	Plugin URI: https://wordpress.org/plugins/ewww-image-optimizer/
14	Description: Reduce file sizes for images within WordPress including NextGEN Gallery and GRAND FlAGallery. Uses jpegtran, optipng/pngout, and gifsicle.
15	Author: Exactly WWW
16	- Version: 5.8.1
17	Author URI: https://ewww.io/
18	License: GPLv3
19	*/
	@@ -47,12 +47,6 @@ if ( ! defined( 'PHP_VERSION_ID' ) \|\| PHP_VERSION_ID < 50600 ) {
47	add_action( 'admin_notices', 'ewww_image_optimizer_dual_plugin' );
48	// Loads the plugin translations.
49	add_action( 'plugins_loaded', 'ewww_image_optimizer_false_init' );
50	- } elseif ( defined( 'WPNET_INIT_PLUGIN_VERSION' ) ) {
51	- add_action( 'network_admin_notices', 'ewww_image_optimizer_notice_wpnetnz' );
52	- add_action( 'admin_notices', 'ewww_image_optimizer_notice_wpnetnz' );
53	- require_once( plugin_dir_path( __FILE__ ) . 'classes/class-ewwwio-install-cloud.php' );
54	- // Loads the plugin translations.
55	- add_action( 'plugins_loaded', 'ewww_image_optimizer_false_init' );
56	} elseif ( false === strpos( add_query_arg( null, null ), 'ewwwio_disable=1' ) ) {
57	/**
58	* The full path of the plugin file (this file).


13	Plugin URI: https://wordpress.org/plugins/ewww-image-optimizer/
14	Description: Reduce file sizes for images within WordPress including NextGEN Gallery and GRAND FlAGallery. Uses jpegtran, optipng/pngout, and gifsicle.
15	Author: Exactly WWW
16	+ Version: 5.8.2
17	Author URI: https://ewww.io/
18	License: GPLv3
19	*/

47	add_action( 'admin_notices', 'ewww_image_optimizer_dual_plugin' );
48	// Loads the plugin translations.
49	add_action( 'plugins_loaded', 'ewww_image_optimizer_false_init' );






50	} elseif ( false === strpos( add_query_arg( null, null ), 'ewwwio_disable=1' ) ) {
51	/**
52	* The full path of the plugin file (this file).

readme.txt CHANGED Viewed

	@@ -2,10 +2,10 @@
2	Contributors: nosilver4u
3	Donate link: https://ewww.io/donate/
4	Tags: optimize, image, convert, webp, resize, compress, lazy load, optimization, lossless, lossy, seo, scale
5	- Requires at least: 5.2
6	Tested up to: 5.5
7	Requires PHP: 5.6
8	- Stable tag: 5.8.1
9	License: GPLv3
10
11	Smaller Images, Faster Sites, Happier Visitors. Comprehensive image optimization that doesn't require a degree in rocket science.
	@@ -132,6 +132,15 @@ That's not a question, but since I made it up, I'll answer it. See this resource
132	* Feature requests can be viewed and submitted on our [feedback portal](https://feedback.ewww.io)
133	* If you would like to help translate this plugin in your language, [join the team](https://translate.wordpress.org/projects/wp-plugins/ewww-image-optimizer/)
134









135	= 5.8.1 =
136	* fixed: Easy IO parser has typo in $webp_quality variable
137


2	Contributors: nosilver4u
3	Donate link: https://ewww.io/donate/
4	Tags: optimize, image, convert, webp, resize, compress, lazy load, optimization, lossless, lossy, seo, scale
5	+ Requires at least: 5.3
6	Tested up to: 5.5
7	Requires PHP: 5.6
8	+ Stable tag: 5.8.2
9	License: GPLv3
10
11	Smaller Images, Faster Sites, Happier Visitors. Comprehensive image optimization that doesn't require a degree in rocket science.

132	* Feature requests can be viewed and submitted on our [feedback portal](https://feedback.ewww.io)
133	* If you would like to help translate this plugin in your language, [join the team](https://translate.wordpress.org/projects/wp-plugins/ewww-image-optimizer/)
134
135	+ = 5.8.2 =
136	+ * security: improper nonce verification for Nextgen bulk optimizer initialization (minor severity)
137	+ * changed: Easy IO verification performed via API for better reliability
138	+ * fixed: Easy IO missing https availability for admin-ajax.php requests when home_url is using plain http
139	+ * fixed: Easy IO silently fails to rewrite URLs when using CNAME with WP Offload Media
140	+ * fixed: wp_lazy_loading_enabled filter should have 3 parameters
141	+ * fixed: Easy IO shows alert for domain change when a non-default WPML language is active
142	+ * fixed: JS WebP does not auto-detect WP Offload Media CNAME
143	+
144	= 5.8.1 =
145	* fixed: Easy IO parser has typo in $webp_quality variable
146

unique.php CHANGED Viewed

	@@ -182,7 +182,7 @@ function ewww_image_optimizer_notice_hosting_requires_api() {
182	} elseif ( defined( 'KINSTAMU_VERSION' ) ) {
183	$webhost = 'Kinsta';
184	} elseif ( defined( 'WPNET_INIT_PLUGIN_VERSION' ) ) {
185	- $webhost = '~~WPNET~~';
186	} else {
187	return;
188	}
	@@ -1210,6 +1210,7 @@ function ewww_image_optimizer_md5check( $path ) {
1210	return true;
1211	}
1212	}

1213	ewwwio_memory( __FUNCTION__ );
1214	return false;
1215	}


182	} elseif ( defined( 'KINSTAMU_VERSION' ) ) {
183	$webhost = 'Kinsta';
184	} elseif ( defined( 'WPNET_INIT_PLUGIN_VERSION' ) ) {
185	+ $webhost = 'WP NET';
186	} else {
187	return;
188	}

1210	return true;
1211	}
1212	}
1213	+ ewwwio_debug_message( 'invalid checksum' );
1214	ewwwio_memory( __FUNCTION__ );
1215	return false;
1216	}