-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathno-unsafe-inline.php
executable file
·153 lines (136 loc) · 4.99 KB
/
no-unsafe-inline.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
<?php
/**
* The plugin bootstrap file
*
* This file is read by WordPress to generate the plugin information in the plugin
* admin area. This file also includes all of the dependencies used by the plugin,
* registers the activation and deactivation functions, and defines a function
* that starts the plugin.
*
* @link https://profiles.wordpress.org/mociofiletto/
* @since 1.0.0
* @package No_unsafe-inline
*
* @wordpress-plugin
* Plugin Name: No unsafe-inline
* Plugin URI: https://github.com/MocioF/No-unsafe-inline
* Description: This plugin helps you to build a CSP to avoid using 'unsafe-inline' in your .htaccess
* Version: 1.2.2
* Author: Giuseppe Foti
* Author URI: https://profiles.wordpress.org/mociofiletto/
* License: GPL-2.0-or-later
* License URI: http://www.gnu.org/licenses/gpl-2.0.txt
* Text Domain: no-unsafe-inline
* Domain Path: /languages
* Requires at least: 5.9
* Requires PHP: 7.4
*/
namespace NUNIL;
// If this file is called directly, abort.
if ( ! defined( 'WPINC' ) ) {
die;
}
/**
* Currently plugin version.
* Start at version 1.0.0 and use SemVer - https://semver.org
* Rename this for your plugin and update it as you release new versions.
*/
define( 'NO_UNSAFE_INLINE_VERSION', '1.2.2' );
define( 'NO_UNSAFE_INLINE_DB_VERSION', '1.0' );
define( 'NO_UNSAFE_INLINE_MINIMUM_WP_VERSION', '5.9' );
define( 'NO_UNSAFE_INLINE_MINIMUM_PHP_VERSION', '7.4' );
define( 'NO_UNSAFE_INLINE_PLUGIN', __FILE__ );
define( 'NO_UNSAFE_INLINE_PLUGIN_BASENAME', plugin_basename( NO_UNSAFE_INLINE_PLUGIN ) );
define( 'NO_UNSAFE_INLINE_PLUGIN_NAME', trim( dirname( NO_UNSAFE_INLINE_PLUGIN_BASENAME ), '/' ) );
define( 'NO_UNSAFE_INLINE_PLUGIN_DIR', untrailingslashit( dirname( NO_UNSAFE_INLINE_PLUGIN ) ) );
/**
* The table prefix for db tables used by the plugin
*/
global $wpdb;
$nunil_table_prefix = $wpdb->prefix . 'nunil_';
define( 'NO_UNSAFE_INLINE_TABLE_PREFIX', $nunil_table_prefix );
/**
* The code that runs during plugin activation.
* This action is documented in includes/class-no-unsafe-inline-activator.php
*
* @since 1.0.0
* @param bool $network_wide True if plugin is network-wide activated.
* @return void
*/
function no_unsafe_inline_activate( $network_wide ) {
require_once plugin_dir_path( __FILE__ ) . 'includes/class-no-unsafe-inline-activator.php';
\NUNIL\includes\No_Unsafe_Inline_Activator::activate( $network_wide );
}
/**
* The code that runs during plugin deactivation.
* This action is documented in includes/class-no-unsafe-inline-deactivator.php
*
* @since 1.0.0
* @param bool $network_wide True if plugin is network-wide activated.
* @return void
*/
function no_unsafe_inline_deactivate( $network_wide ) {
require_once plugin_dir_path( __FILE__ ) . 'includes/class-no-unsafe-inline-deactivator.php';
\NUNIL\includes\No_Unsafe_Inline_Deactivator::deactivate( $network_wide );
}
register_activation_hook( __FILE__, __NAMESPACE__ . '\\no_unsafe_inline_activate' );
register_deactivation_hook( __FILE__, __NAMESPACE__ . '\\no_unsafe_inline_deactivate' );
/**
* The core plugin class that is used to define internationalization,
* admin-specific hooks, and public-facing site hooks.
*/
require plugin_dir_path( __FILE__ ) . 'includes/class-no-unsafe-inline.php';
/**
* Include all dependencies, managed by composer.
*/
require plugin_dir_path( NO_UNSAFE_INLINE_PLUGIN ) . 'vendor/autoload.php';
/**
* Extra settings for visualization in plugin list.
*/
// ~ require_once plugin_dir_path( NO_UNSAFE_INLINE_PLUGIN ) . 'settings.php';
/**
* Begins execution of the plugin.
*
* Since everything within the plugin is registered via hooks,
* then kicking off the plugin from this point in the file does
* not affect the page life cycle.
*
* @since 1.0.0
* @return void
*/
function no_unsafe_inline_run() {
add_action(
'init',
function () {
$plugin = new \NUNIL\includes\No_Unsafe_Inline();
$plugin->run();
// if we have a new blog on a multisite let's set it up.
add_action( 'wp_initialize_site', __NAMESPACE__ . '\\no_unsafe_inline_run_multisite_new_site' );
// if a blog is removed, let's remove the settings.
add_action( 'wp_uninitialize_site', __NAMESPACE__ . '\\no_unsafe_inline_run_multisite_delete' );
}
);
}
no_unsafe_inline_run();
/**
* Trigger plugin activation on a new blog creations
*
* @since 1.0.0
* @param \WP_Site $params New site object.
* @return void
*/
function no_unsafe_inline_run_multisite_new_site( $params ) {
require_once plugin_dir_path( __FILE__ ) . 'includes/class-no-unsafe-inline-activator.php';
\NUNIL\includes\No_Unsafe_Inline_Activator::add_blog( $params );
}
/**
* Trigger table removes on blog deletion
*
* @since 1.0.0
* @param \WP_Site $params Old site object.
* @return void
*/
function no_unsafe_inline_run_multisite_delete( $params ) {
require_once plugin_dir_path( __FILE__ ) . 'includes/class-no-unsafe-inline-deactivator.php';
\NUNIL\includes\No_Unsafe_Inline_Deactivator::remove_blog( $params );
}