Version Description
- Fix SSRF security vulnerability
- Remove googletagmanager.com/gtm.js from basic interaction
Download this release
Release Info
Developer | iubenda |
Plugin | iubenda Cookie Solution for GDPR |
Version | 3.0.8 |
Comparing to | |
See all releases |
Code changes from version 3.0.7 to 3.0.8
- iubenda-cookie-class/README.md +5 -1
- iubenda-cookie-class/iubenda.class.php +1 -2
- iubenda-cookie-class/test.php +0 -116
- iubenda-cookie-class/usage.php +0 -46
- iubenda_cookie_solution.php +3 -3
- readme.txt +8 -4
iubenda-cookie-class/README.md
CHANGED
@@ -98,7 +98,11 @@ These operations take place in accordance with the rules explained in [this guid
|
|
98 |
|
99 |
## Changelog
|
100 |
|
101 |
-
##### 4.1.
|
|
|
|
|
|
|
|
|
102 |
* Fix: Avoid overriding the purposes attr if it was set
|
103 |
|
104 |
##### 4.1.7
|
98 |
|
99 |
## Changelog
|
100 |
|
101 |
+
##### 4.1.9
|
102 |
+
* Fix SSRF security vulnerability
|
103 |
+
* Remove googletagmanager.com/gtm.js from basic internaction
|
104 |
+
|
105 |
+
##### ``4.1.8
|
106 |
* Fix: Avoid overriding the purposes attr if it was set
|
107 |
|
108 |
##### 4.1.7
|
iubenda-cookie-class/iubenda.class.php
CHANGED
@@ -5,7 +5,7 @@
|
|
5 |
* @author iubenda s.r.l
|
6 |
* @copyright 2018-2020, iubenda s.r.l
|
7 |
* @license GNU/GPL
|
8 |
-
* @version 4.1.
|
9 |
* @deprecated
|
10 |
*
|
11 |
* This program is free software: you can redistribute it and/or modify
|
@@ -57,7 +57,6 @@ class iubendaParser {
|
|
57 |
2 => array(
|
58 |
'apis.google.com/js/api.js',
|
59 |
'cse.google.com/cse.js',
|
60 |
-
'googletagmanager.com/gtm.js',
|
61 |
'loader.engage.gsfn.us/loader.js',
|
62 |
'headwayapp.co/widget.js',
|
63 |
'wchat.freshchat.com',
|
5 |
* @author iubenda s.r.l
|
6 |
* @copyright 2018-2020, iubenda s.r.l
|
7 |
* @license GNU/GPL
|
8 |
+
* @version 4.1.9
|
9 |
* @deprecated
|
10 |
*
|
11 |
* This program is free software: you can redistribute it and/or modify
|
57 |
2 => array(
|
58 |
'apis.google.com/js/api.js',
|
59 |
'cse.google.com/cse.js',
|
|
|
60 |
'loader.engage.gsfn.us/loader.js',
|
61 |
'headwayapp.co/widget.js',
|
62 |
'wchat.freshchat.com',
|
iubenda-cookie-class/test.php
DELETED
@@ -1,116 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
/**
|
3 |
-
* test.php
|
4 |
-
*
|
5 |
-
* @author iubenda s.r.l
|
6 |
-
* @copyright 2018-2020, iubenda s.r.l
|
7 |
-
* @license GNU/GPL
|
8 |
-
*
|
9 |
-
* This program is free software: you can redistribute it and/or modify
|
10 |
-
* it under the terms of the GNU General Public License as published by
|
11 |
-
* the Free Software Foundation, either version 3 of the License, or
|
12 |
-
* (at your option) any later version.
|
13 |
-
*
|
14 |
-
* This program is distributed in the hope that it will be useful,
|
15 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
16 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
17 |
-
* GNU General Public License for more details.
|
18 |
-
*
|
19 |
-
* You should have received a copy of the GNU General Public License
|
20 |
-
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
21 |
-
*/
|
22 |
-
|
23 |
-
ini_set( 'max_execution_time', 300 );
|
24 |
-
?>
|
25 |
-
|
26 |
-
<html>
|
27 |
-
<head>
|
28 |
-
<!-- Latest compiled and minified CSS -->
|
29 |
-
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
|
30 |
-
|
31 |
-
<!-- Optional theme -->
|
32 |
-
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css">
|
33 |
-
<style>
|
34 |
-
ul { margin: 0; padding: 0;}
|
35 |
-
ul li { list-style-type: none; }
|
36 |
-
</style>
|
37 |
-
</head>
|
38 |
-
<body>
|
39 |
-
<div class="container">
|
40 |
-
<div class="row">
|
41 |
-
<div class="col-md-12">
|
42 |
-
<h1>iubenda class test</h1>
|
43 |
-
<form action="" method="POST">
|
44 |
-
<strong>URL WEBSITE</strong><BR>
|
45 |
-
<input type="text" name="url">
|
46 |
-
<input type="submit" class="btn" value="Analyze">
|
47 |
-
</form>
|
48 |
-
</div>
|
49 |
-
|
50 |
-
<?php
|
51 |
-
if ( ! empty( $_POST['url'] ) )
|
52 |
-
if (substr($_POST['url'], 0, 4) == "http") {
|
53 |
-
$url = filter_var( $_POST['url'], FILTER_SANITIZE_URL );
|
54 |
-
}
|
55 |
-
else
|
56 |
-
$url = '';
|
57 |
-
|
58 |
-
if ( $url ) {
|
59 |
-
|
60 |
-
function print_stuff( $array ) {
|
61 |
-
if ( count( $array ) ) {
|
62 |
-
echo "<ul>";
|
63 |
-
foreach ( $array as $r ) {
|
64 |
-
echo "<li><pre><code>" . htmlspecialchars( $r ) . "</code></pre></li>";
|
65 |
-
}
|
66 |
-
echo "</ul>";
|
67 |
-
} else {
|
68 |
-
echo "<p>Nothing</p>";
|
69 |
-
}
|
70 |
-
}
|
71 |
-
|
72 |
-
echo '<div class="col-md-12" style="padding-bottom:150px;"><h2>RESULTS</H2>';
|
73 |
-
|
74 |
-
include_once( 'iubenda.class.php' );
|
75 |
-
|
76 |
-
$content = file_get_contents( $url );
|
77 |
-
|
78 |
-
$type = isset( $_GET['type'] ) && in_array( $_GET['type'], array( 'page', 'faster' ), true ) ? $_GET['type'] : 'page';
|
79 |
-
$iubenda = new iubendaParser( $content, array( 'type' => $type ) );
|
80 |
-
$iubenda->parse();
|
81 |
-
|
82 |
-
$iub_comments_detected = count( $iubenda->iub_comments_detected );
|
83 |
-
$scripts_detected = count( $iubenda->scripts_detected );
|
84 |
-
$iframes_detected = count( $iubenda->iframes_detected );
|
85 |
-
$iframes_converted = count( $iubenda->iframes_converted );
|
86 |
-
$script_inline_detected = count( $iubenda->scripts_inline_detected );
|
87 |
-
$script_inline_converted = count( $iubenda->scripts_inline_converted );
|
88 |
-
$script_converted = count( $iubenda->scripts_converted );
|
89 |
-
|
90 |
-
echo "<p>Iubenda comments detected: $iub_comments_detected<br>Iubenda automatic stuff<br>Iframe detected: $iframes_detected<br>Iframe autoconverted: $iframes_converted<br>Scripts detected: $scripts_detected<br>Scripts autoconverted: $script_converted<br>Inline scripts detected: $script_inline_detected<br>Inline scripts autoconverted: $script_inline_converted</p>";
|
91 |
-
|
92 |
-
echo "<H3>DETAILS</H3>";
|
93 |
-
|
94 |
-
echo "<H4>iubenda comments stuff</h4>";
|
95 |
-
print_stuff( $iubenda->iub_comments_detected );
|
96 |
-
echo "<H4>Script detected</h4>";
|
97 |
-
print_stuff( $iubenda->scripts_detected );
|
98 |
-
echo "<H4>Script converted</h4>";
|
99 |
-
print_stuff( $iubenda->scripts_converted );
|
100 |
-
echo "<H4>Script inline detected</h4>";
|
101 |
-
print_stuff( $iubenda->scripts_inline_detected );
|
102 |
-
echo "<H4>Script inline converted</h4>";
|
103 |
-
print_stuff( $iubenda->scripts_inline_converted );
|
104 |
-
echo "<H4>Iframe detected</h4>";
|
105 |
-
print_stuff( $iubenda->iframes_detected );
|
106 |
-
echo "<H4>Iframe converted</h4>";
|
107 |
-
print_stuff( $iubenda->iframes_converted );
|
108 |
-
|
109 |
-
echo "</div>";
|
110 |
-
}
|
111 |
-
?>
|
112 |
-
</div>
|
113 |
-
</div>
|
114 |
-
|
115 |
-
</body>
|
116 |
-
</html>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
iubenda-cookie-class/usage.php
DELETED
@@ -1,46 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
/**
|
3 |
-
* usage.php
|
4 |
-
*
|
5 |
-
* @author iubenda s.r.l
|
6 |
-
* @copyright 2018-2020, iubenda s.r.l
|
7 |
-
* @license GNU/GPL
|
8 |
-
*
|
9 |
-
* This program is free software: you can redistribute it and/or modify
|
10 |
-
* it under the terms of the GNU General Public License as published by
|
11 |
-
* the Free Software Foundation, either version 3 of the License, or
|
12 |
-
* (at your option) any later version.
|
13 |
-
*
|
14 |
-
* This program is distributed in the hope that it will be useful,
|
15 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
16 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
17 |
-
* GNU General Public License for more details.
|
18 |
-
*
|
19 |
-
* You should have received a copy of the GNU General Public License
|
20 |
-
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
21 |
-
*/
|
22 |
-
|
23 |
-
// the "$html" parameter must contain the content of the web page with the iubenda JavaScript banner/policy included
|
24 |
-
|
25 |
-
function iubenda_system( $html, $type = 'page' ) {
|
26 |
-
if ( empty( $html ) )
|
27 |
-
return;
|
28 |
-
|
29 |
-
require_once( 'iubenda.class.php' );
|
30 |
-
|
31 |
-
// separator
|
32 |
-
if ( ! iubendaParser::consent_given() && ! iubendaParser::bot_detected() ) {
|
33 |
-
$iubenda = new iubendaParser( $html, array( 'type' => in_array( $type, array( 'page', 'faster' ), true ) ? $type : 'page' ) );
|
34 |
-
$html = $iubenda->parse();
|
35 |
-
}
|
36 |
-
|
37 |
-
// finished
|
38 |
-
return $html;
|
39 |
-
}
|
40 |
-
|
41 |
-
/**
|
42 |
-
* Example:
|
43 |
-
*
|
44 |
-
* echo iubenda_system( "<html> ...content... </html>", 'faster' );
|
45 |
-
*
|
46 |
-
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
iubenda_cookie_solution.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
Plugin Name: Cookie and Consent Solution for the GDPR & ePrivacy
|
4 |
Plugin URI: https://www.iubenda.com
|
5 |
Description: An All-in-One approach developed by iubenda, which includes functionalities of two powerful solutions that help to make your website GDPR and ePrivacy compliant.
|
6 |
-
Version: 3.0.
|
7 |
Author: iubenda
|
8 |
Author URI: https://www.iubenda.com
|
9 |
License: MIT License
|
@@ -34,7 +34,7 @@ define( 'IUB_DEBUG', false );
|
|
34 |
* @property-read iubenda_Settings $settings
|
35 |
*
|
36 |
* @class iubenda
|
37 |
-
* @version 3.0.
|
38 |
*/
|
39 |
class iubenda {
|
40 |
|
@@ -92,7 +92,7 @@ class iubenda {
|
|
92 |
)
|
93 |
);
|
94 |
public $base_url;
|
95 |
-
public $version = '3.0.
|
96 |
public $activation = array(
|
97 |
'update_version' => 0,
|
98 |
'update_notice' => true,
|
3 |
Plugin Name: Cookie and Consent Solution for the GDPR & ePrivacy
|
4 |
Plugin URI: https://www.iubenda.com
|
5 |
Description: An All-in-One approach developed by iubenda, which includes functionalities of two powerful solutions that help to make your website GDPR and ePrivacy compliant.
|
6 |
+
Version: 3.0.8
|
7 |
Author: iubenda
|
8 |
Author URI: https://www.iubenda.com
|
9 |
License: MIT License
|
34 |
* @property-read iubenda_Settings $settings
|
35 |
*
|
36 |
* @class iubenda
|
37 |
+
* @version 3.0.8
|
38 |
*/
|
39 |
class iubenda {
|
40 |
|
92 |
)
|
93 |
);
|
94 |
public $base_url;
|
95 |
+
public $version = '3.0.8';
|
96 |
public $activation = array(
|
97 |
'update_version' => 0,
|
98 |
'update_notice' => true,
|
readme.txt
CHANGED
@@ -5,7 +5,7 @@ Tags: cookie banner, cookie law, eprivacy, gdpr, ukgdpr, ccpa, caloppa, lgpd, ds
|
|
5 |
Requires at least: 5.0
|
6 |
Requires PHP: 7.0.0
|
7 |
Tested up to: 6.0
|
8 |
-
Stable tag: 3.0.
|
9 |
License: MIT License
|
10 |
License URI: http://opensource.org/licenses/MIT
|
11 |
|
@@ -242,6 +242,10 @@ The Brazilian General Data Protection Law, the ***Lei Geral de Proteção de Dad
|
|
242 |
|
243 |
== Changelog ==
|
244 |
|
|
|
|
|
|
|
|
|
245 |
= 3.0.7 =
|
246 |
* Support WP 6.0
|
247 |
* Stop forcing purposes from Quick Generator widget
|
@@ -671,6 +675,6 @@ The Brazilian General Data Protection Law, the ***Lei Geral de Proteção de Dad
|
|
671 |
|
672 |
== Upgrade Notice ==
|
673 |
|
674 |
-
= 3.0.
|
675 |
-
*
|
676 |
-
*
|
5 |
Requires at least: 5.0
|
6 |
Requires PHP: 7.0.0
|
7 |
Tested up to: 6.0
|
8 |
+
Stable tag: 3.0.8
|
9 |
License: MIT License
|
10 |
License URI: http://opensource.org/licenses/MIT
|
11 |
|
242 |
|
243 |
== Changelog ==
|
244 |
|
245 |
+
= 3.0.8 =
|
246 |
+
* Fix SSRF security vulnerability
|
247 |
+
* Remove googletagmanager.com/gtm.js from basic interaction
|
248 |
+
|
249 |
= 3.0.7 =
|
250 |
* Support WP 6.0
|
251 |
* Stop forcing purposes from Quick Generator widget
|
675 |
|
676 |
== Upgrade Notice ==
|
677 |
|
678 |
+
= 3.0.8 =
|
679 |
+
* Fix SSRF security vulnerability
|
680 |
+
* Remove googletagmanager.com/gtm.js from basic interaction
|