Insecure Content Warning

Prevent editors from adding insecure content in the editor.

Description

Insecure Content Warning helps content creators with secure (HTTPS) websites avoid insecure-content warnings in the browser by flagging any elements in the editor (such as images and embeds) that are being delivered or sourced from an insecure (HTTP) web address. All insecure elements are flagged before the content is published, and can be fixed manually or simply by clicking "fix it."

Compatible with both the block and classic editors.

Requirements

PHP 7.4+.
WordPress 5.8+.
A secure / SSL (HTTPS) website, front and back end.

Installation

Install the plugin via the plugin installer, either by searching for it or uploading a .zip file.
Activate the plugin.

Usage

This plugin requires no configuration. Simply activate and the plugin will prevent posts with insecure elements from being published, as well as provide a banner with information on the offending assets.

Optional WP-CLI Commands

These are not required for normal usage of the plugin, but are available as a utility for more advanced usage.

wp icw fix

Used to fix insecure elements in existing content. Can target specific posts or bulk batches.

wp icw fix [<id>] [--include] [--all] [--post_type] [--limit] [--offset] [--dry-run]

Example: Fix all page content:

$ wp icw fix --all --post_type=page
Checking post content...
Total posts checked for insecure URL(s): 10
+-------------------------------------+
| URL(s) fixed summary                |
+-------------------------------------+
| 0/0 URL(s) fixed in post 98         |
| 0/0 URL(s) fixed in post 96         |
| 0/0 URL(s) fixed in post 76         |
| ...........................         |
| 0/0 URL(s) fixed in post 6          |
| 0/0 URL(s) fixed in post 1          |
+-------------------------------------+

Run wp help icw fix for more information.

Support Level

Stable: 10up is not planning to develop any new features for this, but will still respond to bug reports and security concerns. We welcome PRs, but any that include new features should be small and easy to integrate and should not include breaking changes. We otherwise intend to keep this tested up to the most recent version of WordPress.

Changelog

A complete listing of all notable changes to Insecure Content Warning are documented in CHANGELOG.md.

Contributing

Please read CODE_OF_CONDUCT.md for details on our code of conduct, CONTRIBUTING.md for details on the process for submitting pull requests to us, and CREDITS.md for a listing of maintainers of, contributors to, and libraries used by Insecure Content Warning.

Name		Name	Last commit message	Last commit date
Latest commit History 492 Commits
.github		.github
.wordpress-org		.wordpress-org
config		config
includes		includes
languages		languages
src		src
tests		tests
.browserslistrc		.browserslistrc
.distignore		.distignore
.editorconfig		.editorconfig
.eslintignore		.eslintignore
.eslintrc.json		.eslintrc.json
.gitignore		.gitignore
.npmrc		.npmrc
.nvmrc		.nvmrc
.wordpress-version-checker.json		.wordpress-version-checker.json
.wp-env.json		.wp-env.json
CHANGELOG.md		CHANGELOG.md
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
CREDITS.md		CREDITS.md
LICENSE.md		LICENSE.md
README.md		README.md
composer.json		composer.json
composer.lock		composer.lock
insecure-content-warning.php		insecure-content-warning.php
package-lock.json		package-lock.json
package.json		package.json
phpcs.xml		phpcs.xml
readme.txt		readme.txt
webpack.config.js		webpack.config.js

License

10up/insecure-content-warning

Folders and files

Latest commit

History

Repository files navigation

Insecure Content Warning

Description

Requirements

Installation

Usage

Optional WP-CLI Commands

wp icw fix

Support Level

Changelog

Contributing

Like what you see?

About

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Languages