{"id":41720,"date":"2024-07-02T14:15:01","date_gmt":"2024-07-02T14:15:01","guid":{"rendered":"https:\/\/s.b\/oikcom\/?post_type=shortcode_example&#038;p=50460"},"modified":"2024-07-04T16:46:02","modified_gmt":"2024-07-04T16:46:02","slug":"bw_button-security-fix-2","status":"publish","type":"shortcode_example","link":"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/","title":{"rendered":"bw_button <span class=\"summary\">&#8211; security fix<\/span>"},"content":{"rendered":"\n<p>This post demonstrates the security fix implemented to prevent Cross Site Scripting using the class parameter in the bw_button shortcode.<\/p>\n\n\n\n<p>Without the fix, when the button is hovered over a JavaScript alert box is displayed.<\/p>\n\n\n<figure class=\"wp-block-post-featured-image\"><img loading=\"lazy\" decoding=\"async\" width=\"561\" height=\"182\" src=\"https:\/\/www.oik-plugins.com\/wp-content\/uploads\/2024\/07\/image.png\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"\" style=\"object-fit:cover;\" srcset=\"https:\/\/www.oik-plugins.com\/wp-content\/uploads\/2024\/07\/image.png 561w, https:\/\/www.oik-plugins.com\/wp-content\/uploads\/2024\/07\/image-300x97.png 300w, https:\/\/www.oik-plugins.com\/wp-content\/uploads\/2024\/07\/image-386x125.png 386w\" sizes=\"auto, (max-width: 561px) 100vw, 561px\" \/><\/figure>\n\n\n<p>With the fix applied the JavaScript alert message is NOT DISPLAYED when the button is hovered over.<\/p>\n\n\n<p><a class=\"button   &quot; onmouseover=alert(5) \" href=\"#\">dummy<\/a><\/p>\n\n\n<div class=\"wp-block-oik-css-geshi\"><div class=\"bw_geshi none\"><pre>&#091;bw_button class=&#039; &quot; onmouseover=alert(5) &#039;]<\/pre><\/div><\/div>\n\n\n<p>The fix also applies to the following shortcodes:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>bw_contact_button<\/li>\n\n\n\n<li>bw_link<\/li>\n<\/ul>\n\n\n<p><a class=\"button   &quot; onmouseover=alert(6) bw_contact\" href=\"\/contact\/\" 
title=\"Write to oik\">Contact oik<\/a><\/p>\n\n\n<p><a class=\"  &quot; onmouseover=alert(7) \" href=\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/\">bw_button <span class=\"summary\">&#8211; security fix<\/span><\/a><\/p>\n","protected":false},"featured_media":41722,"template":"","letters":[523],"class_list":{"0":"post-41720","1":"shortcode_example","2":"type-shortcode_example","3":"status-publish","4":"has-post-thumbnail","6":"letters-b","7":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>bw_button - security fix - [oik] plugins.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"bw_button - security fix - [oik] plugins.com\" \/>\n<meta property=\"og:description\" content=\"This post demonstrates the security fix implemented to prevent Cross Site Scripting using the class parameter in the bw_button shortcode.  Without the fix, when the button is hovered over a JavaScript alert box is displayed.   With the fix applied the JavaScript alert message is NOT DISPLAYED when the button is hovered over.  dummy   The fix also applies to the following shortcodes:   bw_contact_button  bw_link   Contact oik  bw_button &#8211; security fix\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/\" \/>\n<meta property=\"og:site_name\" content=\"[oik] plugins.com\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-04T16:46:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.oik-plugins.com\/wp-content\/uploads\/2024\/07\/image.png\" \/>\n\t<meta property=\"og:image:width\" content=\"561\" \/>\n\t<meta property=\"og:image:height\" content=\"182\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:label1\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/\",\"url\":\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/\",\"name\":\"bw_button - security fix - [oik] plugins.com\",\"isPartOf\":{\"@id\":\"https:\/\/www.oik-plugins.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.oik-plugins.com\/wp-content\/uploads\/2024\/07\/image.png\",\"datePublished\":\"2024-07-02T14:15:01+00:00\",\"dateModified\":\"2024-07-04T16:46:02+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/#primaryimage\",\"url\":\"https:\/\/www.oik-plugins.com\/wp-content\/uploads\/2024\/07\/image.png\",\"contentUrl\":\"https:\/\/www.oik-plugins.com\/wp-content\/uploads\/2024\/07\/image.png\",\"width\":561,\"height\":182},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.oik-plugins.com\/shortcode_example\/bw_button-security-fix-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Shortcode examples\",\"item\":\"https:\/\/www.oik-plugins.com\/shortcode_example\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"bw_button &#8211; security 
fix\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.oik-plugins.com\/#website\",\"url\":\"https:\/\/www.oik-plugins.com\/\",\"name\":\"[oik] plugins.com\",\"description\":\"WordPress plugins and themes\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.oik-plugins.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/www.oik-plugins.com\/wp-json\/wp\/v2\/shortcode_example\/41720","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oik-plugins.com\/wp-json\/wp\/v2\/shortcode_example"}],"about":[{"href":"https:\/\/www.oik-plugins.com\/wp-json\/wp\/v2\/types\/shortcode_example"}],"version-history":[{"count":2,"href":"https:\/\/www.oik-plugins.com\/wp-json\/wp\/v2\/shortcode_example\/41720\/revisions"}],"predecessor-version":[{"id":41724,"href":"https:\/\/www.oik-plugins.com\/wp-json\/wp\/v2\/shortcode_example\/41720\/revisions\/41724"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.oik-plugins.com\/wp-json\/wp\/v2\/media\/41722"}],"wp:attachment":[{"href":"https:\/\/www.oik-plugins.com\/wp-json\/wp\/v2\/media?parent=41720"}],"wp:term":[{"taxonomy":"letters","embeddable":true,"href":"https:\/\/www.oik-plugins.com\/wp-json\/wp\/v2\/letters?post=41720"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}