LiteSpeed Cache - Version 2.9.6

Version Description

  • Mar 27 2019 =
  • IAPI: Appended XMP to Preserve EXIF data setting. WebP will now honor this setting. (#902219)
  • Object Fixed SASL connection with LSMCD.
  • ESI: Converted ESI URI parameters to JSON; Added ESI validation.
  • Import: Import/Export will now use JSON format. Please re-export any backed up settings. Previous backup format is no longer recognized.
  • Media: WebP replacement will honor Role Excludes setting now. (@mfazio26)
  • Data: Forbid direct visit to const.default.ini.
  • Utility: Can handle WHM passed in LITESPEED_ERR constant now.
  • IAPI: Communicate via JSON encoding.
  • IAPI: IAPI v2.9.6.
Download this release

Release Info

Developer hailite
Plugin Icon 128x128 LiteSpeed Cache
Version 2.9.6
Comparing to
See all releases

Code changes from version 2.9.5 to 2.9.6

admin/tpl/setting/settings_media.php CHANGED
@@ -221,7 +221,7 @@ $last_responsive_placeholder_generated = LiteSpeed_Cache_Media::get_summary() ;
221
</tr>
222
223
<tr>
224
- <th class="litespeed-padding-left"><?php echo __( 'Preserve EXIF data', 'litespeed-cache' ) ; ?></th>
225
<td>
226
<?php $this->build_switch( LiteSpeed_Cache_Config::OPT_MEDIA_OPTM_EXIF ) ; ?>
227
<div class="litespeed-desc">
221
</tr>
222
223
<tr>
224
+ <th class="litespeed-padding-left"><?php echo __( 'Preserve EXIF/XMP data', 'litespeed-cache' ) ; ?></th>
225
<td>
226
<?php $this->build_switch( LiteSpeed_Cache_Config::OPT_MEDIA_OPTM_EXIF ) ; ?>
227
<div class="litespeed-desc">
data/.htaccess ADDED
@@ -0,0 +1,3 @@
1
+ Order Deny,Allow
2
+
3
+ Deny from All
inc/data.class.php CHANGED
@@ -176,7 +176,7 @@ class LiteSpeed_Cache_Data
176
if ( $meta_value_list ) {
177
$max_k = count( $meta_value_list ) - 1 ;
178
foreach ( $meta_value_list as $k => $v ) {
179
- $md52src_list = unserialize( $v->meta_value ) ;
180
foreach ( $md52src_list as $md5 => $v2 ) {
181
$f = array(
182
'post_id' => $v->post_id,
@@ -273,7 +273,7 @@ class LiteSpeed_Cache_Data
273
foreach ( $hashes as $k => $v ) {
274
$f = array(
275
'hash_name' => $k,
276
- 'src' => serialize( $v ),
277
'dateline' => time(),
278
'refer' => '',
279
) ;
@@ -302,7 +302,7 @@ class LiteSpeed_Cache_Data
302
{
303
global $wpdb ;
304
305
- $src = serialize( $src ) ;
306
$f = array(
307
'hash_name' => $filename,
308
'src' => $src,
@@ -335,7 +335,7 @@ class LiteSpeed_Cache_Data
335
336
LiteSpeed_Cache_Log::debug2( '[Data] Loaded hash2src ' . $res ) ;
337
338
- $res = unserialize( $res ) ;
339
340
return $res ;
341
}
176
if ( $meta_value_list ) {
177
$max_k = count( $meta_value_list ) - 1 ;
178
foreach ( $meta_value_list as $k => $v ) {
179
+ $md52src_list = maybe_unserialize( $v->meta_value ) ;
180
foreach ( $md52src_list as $md5 => $v2 ) {
181
$f = array(
182
'post_id' => $v->post_id,
273
foreach ( $hashes as $k => $v ) {
274
$f = array(
275
'hash_name' => $k,
276
+ 'src' => json_encode( $v ),
277
'dateline' => time(),
278
'refer' => '',
279
) ;
302
{
303
global $wpdb ;
304
305
+ $src = json_encode( $src ) ;
306
$f = array(
307
'hash_name' => $filename,
308
'src' => $src,
335
336
LiteSpeed_Cache_Log::debug2( '[Data] Loaded hash2src ' . $res ) ;
337
338
+ $res = json_decode( $res, true ) ;
339
340
return $res ;
341
}
inc/esi.class.php CHANGED
@@ -345,9 +345,12 @@ class LiteSpeed_Cache_ESI
345
$appended_params[ '_control' ] = $control ;
346
}
347
if ( $params ) {
348
- $appended_params[ self::QS_PARAMS ] = base64_encode( serialize( $params ) ) ;
349
}
350
351
/**
352
* Escape potential chars
353
* @since 2.9.4
@@ -388,6 +391,31 @@ class LiteSpeed_Cache_ESI
388
return $output ;
389
}
390
391
/**
392
* Parses the request parameters on an ESI request
393
*
@@ -407,10 +435,7 @@ class LiteSpeed_Cache_ESI
407
408
LiteSpeed_Cache_Log::debug2( '[ESI] parms', $unencrypted ) ;
409
// $unencoded = urldecode($unencrypted) ; no need to do this as $_GET is already parsed
410
- $params = unserialize( $unencrypted ) ;
411
- if ( $params === false ) {
412
- return false ;
413
- }
414
415
return $params ;
416
}
@@ -423,6 +448,15 @@ class LiteSpeed_Cache_ESI
423
*/
424
public function load_esi_block()
425
{
426
$params = $this->_parse_esi_param() ;
427
428
if ( defined( 'LSCWP_LOG' ) ) {
345
$appended_params[ '_control' ] = $control ;
346
}
347
if ( $params ) {
348
+ $appended_params[ self::QS_PARAMS ] = base64_encode( json_encode( $params ) ) ;
349
}
350
351
+ // Append hash
352
+ $appended_params[ '_hash' ] = self::_gen_esi_md5( $appended_params ) ;
353
+
354
/**
355
* Escape potential chars
356
* @since 2.9.4
391
return $output ;
392
}
393
394
+ /**
395
+ * Generate ESI hash md5
396
+ *
397
+ * @since 2.9.6
398
+ * @access private
399
+ */
400
+ private static function _gen_esi_md5( $params )
401
+ {
402
+ $keys = array(
403
+ self::QS_ACTION,
404
+ '_control',
405
+ self::QS_PARAMS,
406
+ ) ;
407
+
408
+ $str = '' ;
409
+ foreach ( $keys as $v ) {
410
+ if ( isset( $params[ $v ] ) && is_string( $params[ $v ] ) ) {
411
+ $str .= $params[ $v ] ;
412
+ }
413
+ }
414
+ LiteSpeed_Cache_Log::debug2( '[ESI] md5_string=' . $str ) ;
415
+
416
+ return md5( LiteSpeed_Cache::config( LiteSpeed_Cache_Config::HASH ) . $str ) ;
417
+ }
418
+
419
/**
420
* Parses the request parameters on an ESI request
421
*
435
436
LiteSpeed_Cache_Log::debug2( '[ESI] parms', $unencrypted ) ;
437
// $unencoded = urldecode($unencrypted) ; no need to do this as $_GET is already parsed
438
+ $params = json_decode( $unencrypted, true ) ;
439
440
return $params ;
441
}
448
*/
449
public function load_esi_block()
450
{
451
+ /**
452
+ * Validate if is a legal ESI req
453
+ * @since 2.9.6
454
+ */
455
+ if ( empty( $_GET[ '_hash' ] ) || self::_gen_esi_md5( $_GET ) != $_GET[ '_hash' ] ) {
456
+ LiteSpeed_Cache_Log::debug( '[ESI] ❌ Failed to validate _hash' ) ;
457
+ return ;
458
+ }
459
+
460
$params = $this->_parse_esi_param() ;
461
462
if ( defined( 'LSCWP_LOG' ) ) {
inc/img_optm.class.php CHANGED
@@ -751,7 +751,7 @@ class LiteSpeed_Cache_Img_Optm
751
) ;
752
// Init optm_info for the first one
753
if ( ! empty( $v->b_meta_id ) ) {
754
- foreach ( unserialize( $v->b_optm_info ) as $k2 => $v2 ) {
755
$postmeta_info[ $v->post_id ][ 'meta_info' ][ $k2 ] += $v2 ;
756
}
757
}
@@ -786,7 +786,7 @@ class LiteSpeed_Cache_Img_Optm
786
787
// Update status and data
788
$q = "UPDATE $this->_table_img_optm SET optm_status = %s, target_saved = %d, webp_saved = %d, server_info = %s WHERE id = %d " ;
789
- $wpdb->query( $wpdb->prepare( $q, array( $status, $target_saved, $webp_saved, serialize( $server_info ), $v->id ) ) ) ;
790
791
// Update child images ( same md5 files )
792
$q = "UPDATE $this->_table_img_optm SET optm_status = %s, target_saved = %d, webp_saved = %d WHERE root_id = %d " ;
@@ -900,7 +900,7 @@ class LiteSpeed_Cache_Img_Optm
900
*/
901
private function _parse_notify_data()
902
{
903
- $notified_data = unserialize( base64_decode( $_POST[ 'data' ] ) ) ;
904
if ( empty( $notified_data ) || ! is_array( $notified_data ) ) {
905
LiteSpeed_Cache_Log::debug( '[Img_Optm] ❌ notify exit: no notified data' ) ;
906
exit( json_encode( 'no notified data' ) ) ;
@@ -1013,20 +1013,13 @@ class LiteSpeed_Cache_Img_Optm
1013
* This is only for v2.4.2- data
1014
* @see https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:cache:lscwp:image-optimization:2-4-2-upgrade
1015
*/
1016
- try{
1017
- if ( ! $row_img->server_info ) {
1018
- throw new Exception( 'No server info in this notification' ) ;
1019
- }
1020
-
1021
- $server_info = unserialize( $row_img->server_info ) ;
1022
- $server = $server_info[ 'server' ] ;
1023
-
1024
- } catch( \Exception $ex ) {
1025
- LiteSpeed_Cache_Log::debug( '[Img_Optm] Failed to unserialize server_info.' ) ;
1026
1027
$msg = sprintf(
1028
__( 'LSCWP %1$s has simplified the image pulling process. Please %2$s, or resend the pull notification this one time only. After that, the process will be automated.', 'litespeed-cache' ),
1029
- 'v2.4.2',
1030
LiteSpeed_Cache_GUI::img_optm_clean_up_unfinished()
1031
) ;
1032
@@ -1036,6 +1029,7 @@ class LiteSpeed_Cache_Img_Optm
1036
1037
return ;
1038
}
1039
1040
$local_file = $this->wp_upload_dir[ 'basedir' ] . '/' . $row_img->src ;
1041
@@ -1269,15 +1263,8 @@ class LiteSpeed_Cache_Img_Optm
1269
return false ;
1270
}
1271
1272
- if ( function_exists( 'is_serialized' ) && ! is_serialized( $v->meta_value ) ) {
1273
- LiteSpeed_Cache_Log::debug( '[Img_Optm] bypassed parsing meta due to wrong meta_value: pid ' . $v->post_id ) ;
1274
- return false ;
1275
- }
1276
-
1277
- try {
1278
- $meta_value = @unserialize( $v->meta_value ) ;
1279
- }
1280
- catch ( \Exception $e ) {
1281
LiteSpeed_Cache_Log::debug( '[Img_Optm] bypassed parsing meta due to meta_value not json: pid ' . $v->post_id ) ;
1282
return false ;
1283
}
@@ -1487,7 +1474,7 @@ class LiteSpeed_Cache_Img_Optm
1487
$this->tmp_path = pathinfo( $meta_value[ 'file' ], PATHINFO_DIRNAME ) . '/' ;
1488
1489
// ls optimized meta
1490
- $optm_meta = $optm_data_list[ $v->post_id ] = unserialize( $v->cmeta_value ) ;
1491
$optm_list = array() ;
1492
foreach ( $optm_meta as $md5 => $optm_row ) {
1493
$optm_list[] = $optm_row[ 0 ] ;
751
) ;
752
// Init optm_info for the first one
753
if ( ! empty( $v->b_meta_id ) ) {
754
+ foreach ( maybe_unserialize( $v->b_optm_info ) as $k2 => $v2 ) {
755
$postmeta_info[ $v->post_id ][ 'meta_info' ][ $k2 ] += $v2 ;
756
}
757
}
786
787
// Update status and data
788
$q = "UPDATE $this->_table_img_optm SET optm_status = %s, target_saved = %d, webp_saved = %d, server_info = %s WHERE id = %d " ;
789
+ $wpdb->query( $wpdb->prepare( $q, array( $status, $target_saved, $webp_saved, json_encode( $server_info ), $v->id ) ) ) ;
790
791
// Update child images ( same md5 files )
792
$q = "UPDATE $this->_table_img_optm SET optm_status = %s, target_saved = %d, webp_saved = %d WHERE root_id = %d " ;
900
*/
901
private function _parse_notify_data()
902
{
903
+ $notified_data = json_decode( base64_decode( $_POST[ 'data' ] ), true ) ;
904
if ( empty( $notified_data ) || ! is_array( $notified_data ) ) {
905
LiteSpeed_Cache_Log::debug( '[Img_Optm] ❌ notify exit: no notified data' ) ;
906
exit( json_encode( 'no notified data' ) ) ;
1013
* This is only for v2.4.2- data
1014
* @see https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:cache:lscwp:image-optimization:2-4-2-upgrade
1015
*/
1016
+ $server_info = json_decode( $row_img->server_info, true ) ;
1017
+ if ( empty( $server_info[ 'server' ] ) ) {
1018
+ LiteSpeed_Cache_Log::debug( '[Img_Optm] Failed to decode server_info.' ) ;
1019
1020
$msg = sprintf(
1021
__( 'LSCWP %1$s has simplified the image pulling process. Please %2$s, or resend the pull notification this one time only. After that, the process will be automated.', 'litespeed-cache' ),
1022
+ 'v2.9.6',
1023
LiteSpeed_Cache_GUI::img_optm_clean_up_unfinished()
1024
) ;
1025
1029
1030
return ;
1031
}
1032
+ $server = $server_info[ 'server' ] ;
1033
1034
$local_file = $this->wp_upload_dir[ 'basedir' ] . '/' . $row_img->src ;
1035
1263
return false ;
1264
}
1265
1266
+ $meta_value = @maybe_unserialize( $v->meta_value ) ;
1267
+ if ( ! is_array( $meta_value ) ) {
1268
LiteSpeed_Cache_Log::debug( '[Img_Optm] bypassed parsing meta due to meta_value not json: pid ' . $v->post_id ) ;
1269
return false ;
1270
}
1474
$this->tmp_path = pathinfo( $meta_value[ 'file' ], PATHINFO_DIRNAME ) . '/' ;
1475
1476
// ls optimized meta
1477
+ $optm_meta = $optm_data_list[ $v->post_id ] = maybe_unserialize( $v->cmeta_value ) ;
1478
$optm_list = array() ;
1479
foreach ( $optm_meta as $md5 => $optm_row ) {
1480
$optm_list[] = $optm_row[ 0 ] ;
inc/import.class.php CHANGED
@@ -97,7 +97,7 @@ class LiteSpeed_Cache_Import
97
$data[ $v ] = get_option( $v ) ;// Here doesn't need the default_item value so no need to call `LiteSpeed_Cache_Config::get_instance()->get_item()`
98
}
99
100
- $data = base64_encode( serialize( $data ) ) ;
101
102
if ( $only_data_return ) {
103
return $data ;
@@ -168,8 +168,8 @@ class LiteSpeed_Cache_Import
168
}
169
170
try {
171
- $data = unserialize( base64_decode( $data ) ) ;
172
- } catch ( Exception $ex ) {
173
LiteSpeed_Cache_Log::debug( 'Import: Failed to parse serialized data' ) ;
174
return false ;
175
}
97
$data[ $v ] = get_option( $v ) ;// Here doesn't need the default_item value so no need to call `LiteSpeed_Cache_Config::get_instance()->get_item()`
98
}
99
100
+ $data = base64_encode( json_encode( $data ) ) ;
101
102
if ( $only_data_return ) {
103
return $data ;
168
}
169
170
try {
171
+ $data = json_decode( base64_decode( $data ), true ) ;
172
+ } catch ( \Exception $ex ) {
173
LiteSpeed_Cache_Log::debug( 'Import: Failed to parse serialized data' ) ;
174
return false ;
175
}
inc/litespeed-cache.class.php CHANGED
@@ -26,7 +26,7 @@ class LiteSpeed_Cache
26
const NAME = 'LiteSpeed Cache' ;
27
const PLUGIN_NAME = 'litespeed-cache' ;
28
const PLUGIN_FILE = 'litespeed-cache/litespeed-cache.php' ;
29
- const PLUGIN_VERSION = '2.9.5' ;
30
31
const PAGE_EDIT_HTACCESS = 'lscache-edit-htaccess' ;
32
26
const NAME = 'LiteSpeed Cache' ;
27
const PLUGIN_NAME = 'litespeed-cache' ;
28
const PLUGIN_FILE = 'litespeed-cache/litespeed-cache.php' ;
29
+ const PLUGIN_VERSION = '2.9.6' ;
30
31
const PAGE_EDIT_HTACCESS = 'lscache-edit-htaccess' ;
32
inc/media.class.php CHANGED
@@ -93,6 +93,11 @@ class LiteSpeed_Cache_Media
93
return false ;
94
}
95
96
return true ;
97
}
98
93
return false ;
94
}
95
96
+ if ( $result = LiteSpeed_Cache_Config::get_instance()->in_exclude_optimization_roles() ) {
97
+ LiteSpeed_Cache_Log::debug( '[Media] ⛑️ bypass: hit Role Excludes setting: ' . $result ) ;
98
+ return false ;
99
+ }
100
+
101
return true ;
102
}
103
inc/object.class.php CHANGED
@@ -342,9 +342,12 @@ class LiteSpeed_Cache_Object
342
/**
343
* Add SASL auth
344
* @since 1.8.1
345
*/
346
if ( $this->_cfg_user && $this->_cfg_pswd && method_exists( $this->_conn, 'setSaslAuthData' ) && ini_get( 'memcached.use_sasl' ) ) {
347
$this->_conn->setSaslAuthData( $this->_cfg_user, $this->_cfg_pswd ) ;
348
}
349
350
// Check connection
342
/**
343
* Add SASL auth
344
* @since 1.8.1
345
+ * @since 2.9.6 Fixed SASL connection @see https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:lsmcd:new_sasl
346
*/
347
if ( $this->_cfg_user && $this->_cfg_pswd && method_exists( $this->_conn, 'setSaslAuthData' ) && ini_get( 'memcached.use_sasl' ) ) {
348
$this->_conn->setSaslAuthData( $this->_cfg_user, $this->_cfg_pswd ) ;
349
+ $this->_conn->setOption( Memcached::OPT_BINARY_PROTOCOL, true ) ;
350
+ $this->_conn->setOption( Memcached::OPT_COMPRESSION, false ) ;
351
}
352
353
// Check connection
inc/object.lib.php CHANGED
@@ -250,7 +250,7 @@ class WP_Object_Cache
250
$v = $this->_object_cache->get( $final_key ) ;
251
252
if ( $v !== null ) {
253
- $v = @unserialize( $v ) ;
254
}
255
256
// To be compatible with false val
250
$v = $this->_object_cache->get( $final_key ) ;
251
252
if ( $v !== null ) {
253
+ $v = @maybe_unserialize( $v ) ;
254
}
255
256
// To be compatible with false val
inc/optimize.class.php CHANGED
@@ -889,7 +889,7 @@ class LiteSpeed_Cache_Optimize
889
890
$purge_timestamp = get_option( LiteSpeed_Cache_Config::ITEM_TIMESTAMP_PURGE_CSS ) ?: '' ;
891
892
- $hash = md5( serialize( $src ) . $purge_timestamp ) ;
893
894
$short = substr( $hash, -5 ) ;
895
889
890
$purge_timestamp = get_option( LiteSpeed_Cache_Config::ITEM_TIMESTAMP_PURGE_CSS ) ?: '' ;
891
892
+ $hash = md5( json_encode( $src ) . $purge_timestamp ) ;
893
894
$short = substr( $hash, -5 ) ;
895
inc/utility.class.php CHANGED
@@ -64,6 +64,10 @@ class LiteSpeed_Cache_Utility
64
// Check latest stable version allowed to upgrade
65
$url = 'https://wp.api.litespeedtech.com/auto_upgrade_v?v=' . LiteSpeed_Cache::PLUGIN_VERSION . '&src=' . $src ;
66
67
$response = wp_remote_get( $url, array( 'timeout' => 15 ) ) ;
68
if ( ! is_array( $response ) || empty( $response[ 'body' ] ) ) {
69
return false ;
@@ -254,7 +258,7 @@ class LiteSpeed_Cache_Utility
254
return $arr ;
255
}
256
257
- return base64_encode( serialize( $arr ) ) ;
258
}
259
260
/**
64
// Check latest stable version allowed to upgrade
65
$url = 'https://wp.api.litespeedtech.com/auto_upgrade_v?v=' . LiteSpeed_Cache::PLUGIN_VERSION . '&src=' . $src ;
66
67
+ if ( defined( 'LITESPEED_ERR' ) ) {
68
+ $url .= '&err=' . base64_encode( ! is_string( LITESPEED_ERR ) ? json_encode( LITESPEED_ERR ) : LITESPEED_ERR ) ;
69
+ }
70
+
71
$response = wp_remote_get( $url, array( 'timeout' => 15 ) ) ;
72
if ( ! is_array( $response ) || empty( $response[ 'body' ] ) ) {
73
return false ;
258
return $arr ;
259
}
260
261
+ return base64_encode( json_encode( $arr ) ) ;
262
}
263
264
/**
includes/litespeed-cache-esi.class.php CHANGED
@@ -345,9 +345,12 @@ class LiteSpeed_Cache_ESI
345
$appended_params[ '_control' ] = $control ;
346
}
347
if ( $params ) {
348
- $appended_params[ self::QS_PARAMS ] = base64_encode( serialize( $params ) ) ;
349
}
350
351
/**
352
* Escape potential chars
353
* @since 2.9.4
@@ -388,6 +391,31 @@ class LiteSpeed_Cache_ESI
388
return $output ;
389
}
390
391
/**
392
* Parses the request parameters on an ESI request
393
*
@@ -407,10 +435,7 @@ class LiteSpeed_Cache_ESI
407
408
LiteSpeed_Cache_Log::debug2( '[ESI] parms', $unencrypted ) ;
409
// $unencoded = urldecode($unencrypted) ; no need to do this as $_GET is already parsed
410
- $params = unserialize( $unencrypted ) ;
411
- if ( $params === false ) {
412
- return false ;
413
- }
414
415
return $params ;
416
}
@@ -423,6 +448,15 @@ class LiteSpeed_Cache_ESI
423
*/
424
public function load_esi_block()
425
{
426
$params = $this->_parse_esi_param() ;
427
428
if ( defined( 'LSCWP_LOG' ) ) {
345
$appended_params[ '_control' ] = $control ;
346
}
347
if ( $params ) {
348
+ $appended_params[ self::QS_PARAMS ] = base64_encode( json_encode( $params ) ) ;
349
}
350
351
+ // Append hash
352
+ $appended_params[ '_hash' ] = self::_gen_esi_md5( $appended_params ) ;
353
+
354
/**
355
* Escape potential chars
356
* @since 2.9.4
391
return $output ;
392
}
393
394
+ /**
395
+ * Generate ESI hash md5
396
+ *
397
+ * @since 2.9.6
398
+ * @access private
399
+ */
400
+ private static function _gen_esi_md5( $params )
401
+ {
402
+ $keys = array(
403
+ self::QS_ACTION,
404
+ '_control',
405
+ self::QS_PARAMS,
406
+ ) ;
407
+
408
+ $str = '' ;
409
+ foreach ( $keys as $v ) {
410
+ if ( isset( $params[ $v ] ) && is_string( $params[ $v ] ) ) {
411
+ $str .= $params[ $v ] ;
412
+ }
413
+ }
414
+ LiteSpeed_Cache_Log::debug2( '[ESI] md5_string=' . $str ) ;
415
+
416
+ return md5( LiteSpeed_Cache::config( LiteSpeed_Cache_Config::HASH ) . $str ) ;
417
+ }
418
+
419
/**
420
* Parses the request parameters on an ESI request
421
*
435
436
LiteSpeed_Cache_Log::debug2( '[ESI] parms', $unencrypted ) ;
437
// $unencoded = urldecode($unencrypted) ; no need to do this as $_GET is already parsed
438
+ $params = json_decode( $unencrypted, true ) ;
439
440
return $params ;
441
}
448
*/
449
public function load_esi_block()
450
{
451
+ /**
452
+ * Validate if is a legal ESI req
453
+ * @since 2.9.6
454
+ */
455
+ if ( empty( $_GET[ '_hash' ] ) || self::_gen_esi_md5( $_GET ) != $_GET[ '_hash' ] ) {
456
+ LiteSpeed_Cache_Log::debug( '[ESI] ❌ Failed to validate _hash' ) ;
457
+ return ;
458
+ }
459
+
460
$params = $this->_parse_esi_param() ;
461
462
if ( defined( 'LSCWP_LOG' ) ) {
includes/litespeed-cache-optimize.class.php CHANGED
@@ -889,7 +889,7 @@ class LiteSpeed_Cache_Optimize
889
890
$purge_timestamp = get_option( LiteSpeed_Cache_Config::ITEM_TIMESTAMP_PURGE_CSS ) ?: '' ;
891
892
- $hash = md5( serialize( $src ) . $purge_timestamp ) ;
893
894
$short = substr( $hash, -5 ) ;
895
889
890
$purge_timestamp = get_option( LiteSpeed_Cache_Config::ITEM_TIMESTAMP_PURGE_CSS ) ?: '' ;
891
892
+ $hash = md5( json_encode( $src ) . $purge_timestamp ) ;
893
894
$short = substr( $hash, -5 ) ;
895
includes/litespeed-cache-utility.class.php CHANGED
@@ -64,6 +64,10 @@ class LiteSpeed_Cache_Utility
64
// Check latest stable version allowed to upgrade
65
$url = 'https://wp.api.litespeedtech.com/auto_upgrade_v?v=' . LiteSpeed_Cache::PLUGIN_VERSION . '&src=' . $src ;
66
67
$response = wp_remote_get( $url, array( 'timeout' => 15 ) ) ;
68
if ( ! is_array( $response ) || empty( $response[ 'body' ] ) ) {
69
return false ;
@@ -254,7 +258,7 @@ class LiteSpeed_Cache_Utility
254
return $arr ;
255
}
256
257
- return base64_encode( serialize( $arr ) ) ;
258
}
259
260
/**
64
// Check latest stable version allowed to upgrade
65
$url = 'https://wp.api.litespeedtech.com/auto_upgrade_v?v=' . LiteSpeed_Cache::PLUGIN_VERSION . '&src=' . $src ;
66
67
+ if ( defined( 'LITESPEED_ERR' ) ) {
68
+ $url .= '&err=' . base64_encode( ! is_string( LITESPEED_ERR ) ? json_encode( LITESPEED_ERR ) : LITESPEED_ERR ) ;
69
+ }
70
+
71
$response = wp_remote_get( $url, array( 'timeout' => 15 ) ) ;
72
if ( ! is_array( $response ) || empty( $response[ 'body' ] ) ) {
73
return false ;
258
return $arr ;
259
}
260
261
+ return base64_encode( json_encode( $arr ) ) ;
262
}
263
264
/**
includes/litespeed-cache.class.php CHANGED
@@ -26,7 +26,7 @@ class LiteSpeed_Cache
26
const NAME = 'LiteSpeed Cache' ;
27
const PLUGIN_NAME = 'litespeed-cache' ;
28
const PLUGIN_FILE = 'litespeed-cache/litespeed-cache.php' ;
29
- const PLUGIN_VERSION = '2.9.5' ;
30
31
const PAGE_EDIT_HTACCESS = 'lscache-edit-htaccess' ;
32
26
const NAME = 'LiteSpeed Cache' ;
27
const PLUGIN_NAME = 'litespeed-cache' ;
28
const PLUGIN_FILE = 'litespeed-cache/litespeed-cache.php' ;
29
+ const PLUGIN_VERSION = '2.9.6' ;
30
31
const PAGE_EDIT_HTACCESS = 'lscache-edit-htaccess' ;
32
languages/litespeed-cache.pot CHANGED
@@ -2,9 +2,9 @@
2
# This file is distributed under the same license as the LiteSpeed Cache package.
3
msgid ""
4
msgstr ""
5
- "Project-Id-Version: LiteSpeed Cache 2.9.5\n"
6
"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/litespeed-cache\n"
7
- "POT-Creation-Date: 2019-03-14 17:35:45+00:00\n"
8
"MIME-Version: 1.0\n"
9
"Content-Type: text/plain; charset=UTF-8\n"
10
"Content-Transfer-Encoding: 8bit\n"
@@ -848,7 +848,7 @@ msgstr ""
848
msgid "Are you sure to reset all settings to default settings?"
849
msgstr ""
850
851
- #: admin/tpl/import_export.php:61 inc/media.class.php:241
852
msgid "Reset"
853
msgstr ""
854
@@ -860,7 +860,7 @@ msgstr ""
860
msgid "Rate %s on %s"
861
msgstr ""
862
863
- #. #-#-#-#-# litespeed-cache.pot (LiteSpeed Cache 2.9.5) #-#-#-#-#
864
#. Plugin Name of the plugin/theme
865
#: admin/tpl/inc/admin_footer.php:6
866
#: admin/tpl/inc/banner_promo.new_version.php:56 inc/gui.class.php:477
@@ -3402,7 +3402,7 @@ msgid ""
3402
msgstr ""
3403
3404
#: admin/tpl/setting/settings_media.php:224
3405
- msgid "Preserve EXIF data"
3406
msgstr ""
3407
3408
#: admin/tpl/setting/settings_media.php:228
@@ -4153,8 +4153,8 @@ msgstr ""
4153
msgid "Communicated with LiteSpeed Image Optimization Server successfully."
4154
msgstr ""
4155
4156
- #: inc/img_optm.class.php:167 inc/img_optm.class.php:1464
4157
- #: inc/img_optm.class.php:1529
4158
msgid "No image found."
4159
msgstr ""
4160
@@ -4178,48 +4178,48 @@ msgstr ""
4178
msgid "Failed to parse data from LiteSpeed IAPI server: %s"
4179
msgstr ""
4180
4181
- #: inc/img_optm.class.php:1028
4182
msgid ""
4183
"LSCWP %1$s has simplified the image pulling process. Please %2$s, or resend "
4184
"the pull notification this one time only. After that, the process will be "
4185
"automated."
4186
msgstr ""
4187
4188
- #: inc/img_optm.class.php:1353
4189
msgid "Destroy unfinished data successfully."
4190
msgstr ""
4191
4192
- #: inc/img_optm.class.php:1567
4193
msgid ""
4194
"Pushed %1$s groups with %2$s images to LiteSpeed optimization server, "
4195
"accepted %3$s groups with %4$s images."
4196
msgstr ""
4197
4198
- #: inc/img_optm.class.php:1743
4199
msgid "Removed %1$s images and saved %2$s successfully."
4200
msgstr ""
4201
4202
- #: inc/img_optm.class.php:1938
4203
msgid "Switched images successfully."
4204
msgstr ""
4205
4206
- #: inc/img_optm.class.php:1969
4207
msgid "Disabled WebP file successfully."
4208
msgstr ""
4209
4210
- #: inc/img_optm.class.php:1975
4211
msgid "Enabled WebP file successfully."
4212
msgstr ""
4213
4214
- #: inc/img_optm.class.php:1991
4215
msgid "Restored original file successfully."
4216
msgstr ""
4217
4218
- #: inc/img_optm.class.php:1998
4219
msgid "Switched to optimized file successfully."
4220
msgstr ""
4221
4222
- #: inc/img_optm.class.php:2058
4223
msgid "Reset the optimized data successfully."
4224
msgstr ""
4225
@@ -4247,31 +4247,31 @@ msgstr ""
4247
msgid "Notified LiteSpeed Web Server to purge the list."
4248
msgstr ""
4249
4250
- #: inc/media.class.php:147
4251
msgid "LiteSpeed Optimization"
4252
msgstr ""
4253
4254
- #: inc/media.class.php:173
4255
msgid "WebP saved %s"
4256
msgstr ""
4257
4258
- #: inc/media.class.php:180
4259
msgid "Click to Disable WebP"
4260
msgstr ""
4261
4262
- #: inc/media.class.php:185
4263
msgid "Click to Enable WebP"
4264
msgstr ""
4265
4266
- #: inc/media.class.php:206
4267
msgid "Original saved %s"
4268
msgstr ""
4269
4270
- #: inc/media.class.php:217
4271
msgid "Click to Restore Original File"
4272
msgstr ""
4273
4274
- #: inc/media.class.php:222
4275
msgid "Click to Switch To Optimized File"
4276
msgstr ""
4277
@@ -4347,15 +4347,15 @@ msgstr ""
4347
msgid "LiteSpeed Cache Custom Cron Crawler"
4348
msgstr ""
4349
4350
- #: inc/utility.class.php:235 includes/litespeed-cache-utility.class.php:235
4351
msgid "just now"
4352
msgstr ""
4353
4354
- #: inc/utility.class.php:235 includes/litespeed-cache-utility.class.php:235
4355
msgid "right now"
4356
msgstr ""
4357
4358
- #: inc/utility.class.php:238 includes/litespeed-cache-utility.class.php:238
4359
msgid " %s ago"
4360
msgstr ""
4361
2
# This file is distributed under the same license as the LiteSpeed Cache package.
3
msgid ""
4
msgstr ""
5
+ "Project-Id-Version: LiteSpeed Cache 2.9.6\n"
6
"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/litespeed-cache\n"
7
+ "POT-Creation-Date: 2019-03-27 17:42:04+00:00\n"
8
"MIME-Version: 1.0\n"
9
"Content-Type: text/plain; charset=UTF-8\n"
10
"Content-Transfer-Encoding: 8bit\n"
848
msgid "Are you sure to reset all settings to default settings?"
849
msgstr ""
850
851
+ #: admin/tpl/import_export.php:61 inc/media.class.php:246
852
msgid "Reset"
853
msgstr ""
854
860
msgid "Rate %s on %s"
861
msgstr ""
862
863
+ #. #-#-#-#-# litespeed-cache.pot (LiteSpeed Cache 2.9.6) #-#-#-#-#
864
#. Plugin Name of the plugin/theme
865
#: admin/tpl/inc/admin_footer.php:6
866
#: admin/tpl/inc/banner_promo.new_version.php:56 inc/gui.class.php:477
3402
msgstr ""
3403
3404
#: admin/tpl/setting/settings_media.php:224
3405
+ msgid "Preserve EXIF/XMP data"
3406
msgstr ""
3407
3408
#: admin/tpl/setting/settings_media.php:228
4153
msgid "Communicated with LiteSpeed Image Optimization Server successfully."
4154
msgstr ""
4155
4156
+ #: inc/img_optm.class.php:167 inc/img_optm.class.php:1451
4157
+ #: inc/img_optm.class.php:1516
4158
msgid "No image found."
4159
msgstr ""
4160
4178
msgid "Failed to parse data from LiteSpeed IAPI server: %s"
4179
msgstr ""
4180
4181
+ #: inc/img_optm.class.php:1021
4182
msgid ""
4183
"LSCWP %1$s has simplified the image pulling process. Please %2$s, or resend "
4184
"the pull notification this one time only. After that, the process will be "
4185
"automated."
4186
msgstr ""
4187
4188
+ #: inc/img_optm.class.php:1340
4189
msgid "Destroy unfinished data successfully."
4190
msgstr ""
4191
4192
+ #: inc/img_optm.class.php:1554
4193
msgid ""
4194
"Pushed %1$s groups with %2$s images to LiteSpeed optimization server, "
4195
"accepted %3$s groups with %4$s images."
4196
msgstr ""
4197
4198
+ #: inc/img_optm.class.php:1730
4199
msgid "Removed %1$s images and saved %2$s successfully."
4200
msgstr ""
4201
4202
+ #: inc/img_optm.class.php:1925
4203
msgid "Switched images successfully."
4204
msgstr ""
4205
4206
+ #: inc/img_optm.class.php:1956
4207
msgid "Disabled WebP file successfully."
4208
msgstr ""
4209
4210
+ #: inc/img_optm.class.php:1962
4211
msgid "Enabled WebP file successfully."
4212
msgstr ""
4213
4214
+ #: inc/img_optm.class.php:1978
4215
msgid "Restored original file successfully."
4216
msgstr ""
4217
4218
+ #: inc/img_optm.class.php:1985
4219
msgid "Switched to optimized file successfully."
4220
msgstr ""
4221
4222
+ #: inc/img_optm.class.php:2045
4223
msgid "Reset the optimized data successfully."
4224
msgstr ""
4225
4247
msgid "Notified LiteSpeed Web Server to purge the list."
4248
msgstr ""
4249
4250
+ #: inc/media.class.php:152
4251
msgid "LiteSpeed Optimization"
4252
msgstr ""
4253
4254
+ #: inc/media.class.php:178
4255
msgid "WebP saved %s"
4256
msgstr ""
4257
4258
+ #: inc/media.class.php:185
4259
msgid "Click to Disable WebP"
4260
msgstr ""
4261
4262
+ #: inc/media.class.php:190
4263
msgid "Click to Enable WebP"
4264
msgstr ""
4265
4266
+ #: inc/media.class.php:211
4267
msgid "Original saved %s"
4268
msgstr ""
4269
4270
+ #: inc/media.class.php:222
4271
msgid "Click to Restore Original File"
4272
msgstr ""
4273
4274
+ #: inc/media.class.php:227
4275
msgid "Click to Switch To Optimized File"
4276
msgstr ""
4277
4347
msgid "LiteSpeed Cache Custom Cron Crawler"
4348
msgstr ""
4349
4350
+ #: inc/utility.class.php:239 includes/litespeed-cache-utility.class.php:239
4351
msgid "just now"
4352
msgstr ""
4353
4354
+ #: inc/utility.class.php:239 includes/litespeed-cache-utility.class.php:239
4355
msgid "right now"
4356
msgstr ""
4357
4358
+ #: inc/utility.class.php:242 includes/litespeed-cache-utility.class.php:242
4359
msgid " %s ago"
4360
msgstr ""
4361
litespeed-cache.php CHANGED
@@ -15,7 +15,7 @@
15
* Plugin Name: LiteSpeed Cache
16
* Plugin URI: https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration
17
* Description: High-performance page caching and site optimization from LiteSpeed
18
- * Version: 2.9.5
19
* Author: LiteSpeed Technologies
20
* Author URI: https://www.litespeedtech.com
21
* License: GPLv3
15
* Plugin Name: LiteSpeed Cache
16
* Plugin URI: https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration
17
* Description: High-performance page caching and site optimization from LiteSpeed
18
+ * Version: 2.9.6
19
* Author: LiteSpeed Technologies
20
* Author URI: https://www.litespeedtech.com
21
* License: GPLv3
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: LiteSpeedTech
3
Tags: caching, optimize, performance, pagespeed, seo, speed, image optimize, compress, object cache, redis, memcached, database cleaner
4
Requires at least: 4.0
5
Tested up to: 5.1.1
6
- Stable tag: 2.9.5
7
License: GPLv3
8
License URI: http://www.gnu.org/licenses/gpl.html
9
@@ -284,6 +284,17 @@ Click on the `Advanced View` link at the top of the page, and several more tabs
284
285
== Changelog ==
286
287
= 2.9.5 - Mar 14 2019 =
288
* 🌱 Auto convert default WordPress nonce to ESI to avoid expiration.
289
* 🌱 <strong>API</strong>: Ability to easily convert custom nonce to ESI by registering `LiteSpeed_Cache_API::nonce_action`.
3
Tags: caching, optimize, performance, pagespeed, seo, speed, image optimize, compress, object cache, redis, memcached, database cleaner
4
Requires at least: 4.0
5
Tested up to: 5.1.1
6
+ Stable tag: 2.9.6
7
License: GPLv3
8
License URI: http://www.gnu.org/licenses/gpl.html
9
284
285
== Changelog ==
286
287
+ = 2.9.6 - Mar 27 2019 =
288
+ * 🌱<strong>IAPI</strong>: Appended XMP to `Preserve EXIF data` setting. WebP will now honor this setting. (#902219)
289
+ * <strong>Object</script> Fixed SASL connection with LSMCD.
290
+ * <strong>ESI</strong>: Converted ESI URI parameters to JSON; Added ESI validation.
291
+ * <strong>Import</strong>: Import/Export will now use JSON format. <strong>Please re-export any backed up settings. Previous backup format is no longer recognized.</strong>
292
+ * <strong>Media</strong>: WebP replacement will honor `Role Excludes` setting now. (@mfazio26)
293
+ * <strong>Data</strong>: Forbid direct visit to const.default.ini.
294
+ * <strong>Utility</strong>: Can handle WHM passed in `LITESPEED_ERR` constant now.
295
+ * <strong>IAPI</strong>: Communicate via JSON encoding.
296
+ * <strong>IAPI</strong>: IAPI v2.9.6.
297
+
298
= 2.9.5 - Mar 14 2019 =
299
* 🌱 Auto convert default WordPress nonce to ESI to avoid expiration.
300
* 🌱 <strong>API</strong>: Ability to easily convert custom nonce to ESI by registering `LiteSpeed_Cache_API::nonce_action`.