GitLab

Security update: correct misuse of `add_query_arg()` as identified by Sucuri: https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html.

Allow default options to be translated. The balance of the plugin is translation-ready, but this was overlooked.

Introduce magic getter and make class properties private. Allows for properties to be protected in the future. Since they've been public up to now, all are available through the getter.

Convert plugin to a singleton pattern, aliasing former global variable `$wpf` in case users are referencing it.

Before making any changes to post content or outputting any information gleaned from the post content, check if a password is required and has been provided if needed.

See https://github.com/ethitter/WP-Print-Friendly/pull/4.

If WordPress determines the request is a 404, such as when a user who can't read a specific privately-published posts attempts to do so, prevent plugin from acting by setting `is_print()` to false.

See https://github.com/ethitter/WP-Print-Friendly/pull/4.

See https://github.com/ethitter/WP-Print-Friendly/pull/4.

Version 0.5.3 - Security Update

Temporary and merged to keep Git in sync with the WordPress.org plugins repository. Proper fixes to these issues are forthcoming.

Security Update
* Correct security vulnerability allowing both private and password protected posts from being accessed through the print page
* Creates is_protected() method to determine if the print page should be visible to the current user
* Remove print_url links from the content when the current user does not have the necessary capabilities to view the print page
ssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss

* Add additional rewrite rules for situations where verbose page rules are required. Fixes #1.
* Disable canonical redirect when print template is requested. Also fixes #1.
* Update is_print() method to use WordPress API.
* Correct translation string implementation.
* Update code to better conform to WordPress Coding Standards.

Commit trunk version from WP.org repository. Contains in-development modifications to address problems with add_rewrite_endpoint() when WP_Rewrite::use_verbose_page_rules is true.