Merge pull request #30 from shinsenter/develop

shinsenter · web-flow · commit 71f748a8b74f · 2019-12-06T17:39:05.000+09:00
Fixed CVE-2019-18888, updated library
diff --git a/README.txt b/README.txt
@@ -103,7 +103,9 @@ Lazy loading content on web page can help reduce resource contention and improve
 
 == Changelog ==
 
-1.1.10+4 Removed external resources
+1.1.11 Fixed security issue (Fixed CVE-2019-18888)
+
+1.1.10+5 Removed external resources
 
 1.1.10 Bug fixes and improvements
 
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.1.10+4
+1.1.11
diff --git a/admin/class-defer-js-admin.php b/admin/class-defer-js-admin.php
@@ -67,19 +67,22 @@ public function register_options()
 
     public function register_menu()
     {
-        // Remove old menu
-        remove_menu_page(DEFER_JS_PLUGIN_NAME);
-
-        // Create new top-level menu
-        add_menu_page(
-            __('Configure defer.js settings'),
-            __('My defer.js'),
-            'administrator',
-            DEFER_JS_PLUGIN_NAME,
-            array($this, 'options_page'),
-            plugins_url('/icon.jpg', __FILE__),
-            $this->get_menu_position()
-        );
+        // Temporary disable icon on menu
+        return null;
+
+        // // Remove old menu
+        // remove_menu_page(DEFER_JS_PLUGIN_NAME);
+
+        // // Create new top-level menu
+        // add_menu_page(
+        //     __('Configure defer.js settings'),
+        //     __('My defer.js'),
+        //     'administrator',
+        //     DEFER_JS_PLUGIN_NAME,
+        //     array($this, 'options_page'),
+        //     plugins_url('/icon.jpg', __FILE__),
+        //     $this->get_menu_position()
+        // );
     }
 
     public function register_menu_plugin_options($links)
diff --git a/composer.json b/composer.json
@@ -1,17 +1,16 @@
 {
     "license": "MIT",
     "type": "project",
-    "scripts":
-    {
+    "scripts": {
         "fixer": "php-cs-fixer fix --show-progress=estimating --verbose",
         "deploy": [
             "bash ./_dist_/deploy.sh"
         ]
     },
     "require": {
         "php": ">=5.6",
-        "symfony/http-foundation": "3.4.36",
-        "shinsenter/defer.php": "^1.0.0"
+        "symfony/http-foundation": "3.3.18",
+        "shinsenter/defer.php": "^1.0"
     },
     "config": {
         "preferred-install": "dist",
diff --git a/composer.lock b/composer.lock
diff --git a/defer-wordpress.php b/defer-wordpress.php
@@ -20,15 +20,15 @@
  * Currently plugin version.
  * Rename this for your plugin and update it as you release new versions.
  */
-define('DEFER_WORDPRESS_PLUGIN_VERSION', '1.1.10+4');
+define('DEFER_WORDPRESS_PLUGIN_VERSION', '1.1.11');
 define('DEFER_JS_PREFIX', 'shinsenter_deferjs_');
 
 /*
  * @wordpress-plugin
  * Plugin Name:       An efficient lazy loader (defer.js)
  * Plugin URI:        https://wordpress.org/plugins/shins-pageload-magic/
  * Description:       ⚡️ A native, blazing fast lazy loader. ✅ Legacy browsers support (IE9+). 💯 SEO friendly. 🧩 Lazy load almost anything.
- * Version:           1.1.10+4
+ * Version:           1.1.11
  * Author:            Mai Nhut Tan
  * Author URI:        https://code.shin.company/
  * License:           GPL-2.0+
@@ -41,7 +41,7 @@
  * defer.js library version
  */
 // if (!defined('DEFER_JS_VERSION')) {
-//     define('DEFER_JS_VERSION', '1.1.10');
+//     define('DEFER_JS_VERSION', '1.1.11');
 // }
 
 if (!defined('DEFER_JS_PLUGIN_NAME')) {
@@ -88,27 +88,26 @@ function shinsenter_deferjs_ob($buffer)
 
                 // all files have been downloaded and served locally
                 // https://github.com/shinsenter/defer.js/tree/master/dist
+                $deferjs  = file_get_contents(__DIR__ . '/public/js/defer.js');
                 $polyfill = '"IntersectionObserver"in window||deferscript("'
                     . plugin_dir_url(__FILE__)
                     . 'public/js/polyfill.js","polyfill-js",1);';
-                $deferjs  = file_get_contents(__DIR__ . '/public/js/defer.js');
                 $helpers  = file_get_contents(\shinsenter\Defer::HELPERS_URL);
 
                 // Append polyfill.js and defer_plus.min.js
-                \shinsenter\Defer::$helpers = $polyfill . $deferjs . $helpers;
-
+                \shinsenter\Defer::$helpers = $deferjs . $polyfill . $helpers;
 
                 // Remove copyright (omit external requests)
                 \shinsenter\Defer::$fingerprint = '
     ┌┬┐┌─┐┌─┐┌─┐┬─┐  ┬┌─┐
      ││├┤ ├┤ ├┤ ├┬┘  │└─┐
     ─┴┘└─┘└  └─┘┴└─o└┘└─┘
 This page was optimized with defer.js
-WordPress: https://wordpress.org/plugins/shins-pageload-magic/
+https://wordpress.org/plugins/shins-pageload-magic/
 ';
 
-                $defer->debug_mode      = false;
-                $defer->hide_warnings   = true;
+                $defer->debug_mode    = false;
+                $defer->hide_warnings = true;
 
                 $optimized = $defer->fromHtml($buffer)->toHtml();
             } catch (\Exception $e) {
diff --git a/public/js/defer.js b/public/js/defer.js
