v7.0-a9: news/cdn status API

litespeed-cache.php

@@ -4,7 +4,7 @@
  * Plugin Name:       LiteSpeed Cache
  * Plugin URI:        https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration
  * Description:       High-performance page caching and site optimization from LiteSpeed
- * Version:           7.0-a1
+ * Version:           7.0-a9
  * Author:            LiteSpeed Technologies
  * Author URI:        https://www.litespeedtech.com
  * License:           GPLv3
@@ -34,7 +34,7 @@
 	return;
 }
 
-!defined('LSCWP_V') && define('LSCWP_V', '7.0-a1');
+!defined('LSCWP_V') && define('LSCWP_V', '7.0-a9');
 
 !defined('LSCWP_CONTENT_DIR') && define('LSCWP_CONTENT_DIR', WP_CONTENT_DIR);
 !defined('LSCWP_DIR') && define('LSCWP_DIR', __DIR__ . '/'); // Full absolute path '/var/www/html/***/wp-content/plugins/litespeed-cache/' or MU

readme.txt

@@ -293,23 +293,6 @@ You can report security bugs through the Patchstack Vulnerability Disclosure Pro
 * **3rd** Correct the integration with User Switching. (John Blackbourn #725)
 * **3rd** Fixed Admin Bar Missing issue on DIVI + Elementor frontend. (thyran/robertstaddon PR#727)
 
-= 6.4.2 - Sep 3 2024 =
-* **Debug** Moved debug log to litespeed individual folder `/wp-content/litespeed/debug/`.
-* **Debug** Disallowed visits to `/litespeed/debug/` folder log files in .htaccess.
-* **Debug** Dropped const `LSCWP_DEBUG_PATH` support.
-* **Debug** Renamed `debug.purge.log` to `purge.log`.
-* **Debug** Added dummy `index.php` for debug folder.
-* **Debug** Used random string for log filenames.
-* **Debug** Removed cookies-related info. (Thanks to Rafie)
-* **Debug** Dropped `Log Cookies` option.
-* **Report** Escaped report content to protect it from potential XSS attack. (Islam R alsaid #505746)
-* **ESI** Added nonce for Advanced Custom Fields + Advanced Forms. (David Lapointe Gilbert #439)
-* **Purge** Run ACTION_PURGE_EMPTYCACHE even if cache is disabled in network admin. (Philip #453)
-* **Page Optimize** Disable UCSS exclusion when UCSS is inactived. (#640)
-* **3rd** Fixed undefined warning in WooCommerce Widgets. (Lolosan #719)
-* **3rd** Correct the integration with User Switching. (John Blackbourn #725)
-* **3rd** Fixed Admin Bar Missing issue on DIVI + Elementor frontend. (thyran/robertstaddon PR#727)
-
 = 6.4.1 - Aug 19 2024 =
 * ❗**Security** This release patches a security issue that may affect previous LSCWP versions since v1.9.
 * 🐞**Page Optimize** Fixed HTML minification returning blank page issue. (#706)

src/cloud.cls.php

@@ -21,6 +21,7 @@ class Cloud extends Base
 	const SVC_U_ACTIVATE = 'u/wp3/activate';
 	const SVC_U_LINK = 'u/wp3/link';
 	const SVC_U_ENABLE_CDN = 'u/wp3/enablecdn';
+	const SVC_U_STATUS = 'u/wp3/status/';
 	const SVC_D_NODES = 'd/nodes';
 	const SVC_D_SYNC_CONF = 'd/sync_conf';
 	const SVC_D_USAGE = 'd/usage';
@@ -99,6 +100,7 @@ class Cloud extends Base
 	const TYPE_ENABLE_CDN = 'enablecdn';
 	const TYPE_SYNC_USAGE = 'sync_usage';
 	const TYPE_RESET = 'reset';
+	const TYPE_SYNC_STATUS = 'sync_status';
 
 	protected $_summary;
 
@@ -403,6 +405,46 @@ public function finish_qc_activation()
 		wp_redirect(get_admin_url(null, 'admin.php?page=litespeed'));
 	}
 
+	/**
+	 * Load QC status for dash usage
+	 *
+	 * @since 7.0
+	 */
+	public function load_qc_status_for_dash($type, $force = false)
+	{
+		$col = 'body';
+		if ($type == 'cdn_dash_mini') {
+			$type = 'cdn_dash';
+			$col = 'body_mini';
+		}
+
+		if (!$force && !empty($this->_summary['next_call_ttl' . $type]) && $this->_summary['next_call_ttl' . $type] > time()) {
+			if ($col == 'body_mini') {
+				return $this->_summary['cdn_dash_mini'];
+			}
+			return $this->_summary[$type];
+		}
+
+		// Try to update dash content
+		$data = self::post(self::SVC_U_STATUS . $type);
+		if (empty($data['next_call_ttl'])) {
+			return;
+		}
+
+		// Store the info
+		$this->_summary['next_call_ttl.' . $type] = time() + intval($data['next_call_ttl']);
+		if (!empty($data['body'])) {
+			$this->_summary[$type] = Str::safe_html($data['body']);
+		}
+		if ($type == 'cdn_dash') { // Also save the mini content
+			$this->_summary['cdn_dash_mini'] = Str::safe_html($data['body_mini']);
+		}
+		$this->save_summary();
+
+		// Show the info
+		return Str::safe_html($data[$col]);
+	}
+
 	/**
 	 * Reset QC setup
 	 *
@@ -669,6 +711,9 @@ public function detect_cloud($service, $force = false)
 		if (in_array($service, self::$CENTER_SVC_SET)) {
 			return self::CLOUD_SERVER;
 		}
+		if (strpos($service, self::SVC_U_STATUS) === 0) {
+			return self::CLOUD_SERVER;
+		}
 
 		if (in_array($service, self::$WP_SVC_SET)) {
 			return self::CLOUD_SERVER_WP;
@@ -754,7 +799,7 @@ public function detect_cloud($service, $force = false)
 		if (in_array($service, self::$SERVICES_LOAD_CHECK)) {
 			$valid_cloud_loads = array();
 			foreach ($valid_clouds as $k => $v) {
-				$response = wp_remote_get($v, array('timeout' => 5, 'sslverify' => true));
+				$response = wp_remote_get($v, array('timeout' => 5));
 				if (is_wp_error($response)) {
 					$error_message = $response->get_error_message();
 					self::debug('failed to do load checker: ' . $error_message);
@@ -857,7 +902,6 @@ private function _get($service, $data = false)
 
 		$response = wp_remote_get($url, array(
 			'timeout' => 15,
-			'sslverify' => true,
 			'headers' => array('Accept' => 'application/json'),
 		));
 
@@ -1031,7 +1075,6 @@ private function _post($service, $data = false, $time_out = false)
 		$response = wp_remote_post($url, array(
 			'body' => $param,
 			'timeout' => $time_out ?: 15,
-			'sslverify' => true,
 			'headers' => array('Accept' => 'application/json'),
 		));
 
@@ -1046,11 +1089,14 @@ private function _post($service, $data = false, $time_out = false)
 	 */
 	private function _parse_response($response, $service, $service_tag, $server)
 	{
+		// If show the error or not if failed
+		$visible_err = $service !== self::API_VER && $service !== self::API_NEWS && strpos($service, self::SVC_U_STATUS) !== 0;
+
 		if (is_wp_error($response)) {
 			$error_message = $response->get_error_message();
 			self::debug('failed to request: ' . $error_message);
 
-			if ($service !== self::API_VER && $service !== self::API_NEWS) {
+			if ($visible_err) {
 				$msg = __('Failed to request via WordPress', 'litespeed-cache') . ': ' . $error_message . " [server] $server [service] $service";
 				Admin_Display::error($msg);
 
@@ -1073,7 +1119,7 @@ private function _parse_response($response, $service, $service_tag, $server)
 		if (!is_array($json)) {
 			self::debugErr('failed to decode response json: ' . $response['body']);
 
-			if ($service !== self::API_VER && $service !== self::API_NEWS) {
+			if ($visible_err) {
 				$msg = __('Failed to request via WordPress', 'litespeed-cache') . ': ' . $response['body'] . " [server] $server [service] $service";
 				Admin_Display::error($msg);
 
@@ -1251,7 +1297,10 @@ public function extract_msg($json, $service, $server = false, $is_callback = fal
 			$str_translated = Error::msg($json_msg);
 			$msg = __('Failed to communicate with QUIC.cloud server', 'litespeed-cache') . ': ' . $str_translated . " [server] $server [service] $service";
 			$msg .= $this->_parse_link($json);
-			Admin_Display::error($msg);
+			$visible_err = $service !== self::API_VER && $service !== self::API_NEWS && strpos($service, self::SVC_U_STATUS) !== 0;
+			if ($visible_err) {
+				Admin_Display::error($msg);
+			}
 
 			// QC may try auto alias
 			/** @since 5.0 Store the domain as `err_domains` only for QC auto alias feature */
@@ -1584,6 +1633,12 @@ public function handler()
 				$this->enable_cdn();
 				break;
 
+			case self::TYPE_SYNC_STATUS:
+				$this->load_qc_status_for_dash('cdn_dash');
+				$msg = __('Sync QUIC.cloud status successfully.', 'litespeed-cache');
+				Admin_Display::success($msg);
+				break;
+
 			case self::TYPE_SYNC_USAGE:
 				$this->sync_usage();
 

src/str.cls.php

@@ -1,15 +1,40 @@
 <?php
+
 /**
  * LiteSpeed String Operator Library Class
  *
  * @since 1.3
  */
+
 namespace LiteSpeed;
 
 defined('WPINC') || exit();
 
 class Str
 {
+	/**
+	 * Return safe HTML
+	 *
+	 * @since 7.0
+	 */
+	public static function safe_html($html)
+	{
+		$allowed_tags = array(
+			'p'      => array('style' => array()),
+			'span'   => array('style' => array()),
+			'img'    => array(
+				'style' => array(),
+				'src' => array(),
+				'alt' => array(),
+			),
+			'a'      => array('href' => array()),
+			'div'    => array('style' => array()),
+			'font'   => array('color' => array()),
+		);
+
+		return wp_kses($html, $allowed_tags);
+	}
+
 	/**
 	 * Generate random string
 	 *