Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/plugins/jetpack/modules/sharedaddy/recaptcha.php
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/jetpack/modules/sharedaddy/recaptcha.php')
-rw-r--r--plugins/jetpack/modules/sharedaddy/recaptcha.php51
1 files changed, 43 insertions, 8 deletions
diff --git a/plugins/jetpack/modules/sharedaddy/recaptcha.php b/plugins/jetpack/modules/sharedaddy/recaptcha.php
index 58ae6563..b5946404 100644
--- a/plugins/jetpack/modules/sharedaddy/recaptcha.php
+++ b/plugins/jetpack/modules/sharedaddy/recaptcha.php
@@ -73,7 +73,9 @@ class Jetpack_ReCaptcha {
public function get_default_config() {
return array(
'language' => get_locale(),
- 'script_async' => true,
+ 'script_async' => false,
+ 'script_defer' => true,
+ 'script_lazy' => false,
'tag_class' => 'g-recaptcha',
'tag_attributes' => array(
'theme' => 'light',
@@ -128,11 +130,25 @@ class Jetpack_ReCaptcha {
if ( true !== $resp_decoded['success'] ) {
return new WP_Error( $error_code, $error_message );
}
-
// Validate the hostname matches expected source
if ( isset( $resp_decoded['hostname'] ) ) {
$url = wp_parse_url( get_home_url() );
- if ( $url['host'] !== $resp_decoded['hostname'] ) {
+
+ /**
+ * Allow other valid hostnames.
+ *
+ * This can be useful in cases where the token hostname is expected to be
+ * different from the get_home_url (ex. AMP recaptcha token contains a different hostname)
+ *
+ * @module sharedaddy
+ *
+ * @since 9.1.0
+ *
+ * @param array [ $url['host'] ] List of the valid hostnames to check against.
+ */
+ $valid_hostnames = apply_filters( 'jetpack_recaptcha_valid_hostnames', array( $url['host'] ) );
+
+ if ( ! in_array( $resp_decoded['hostname'], $valid_hostnames, true ) ) {
return new WP_Error( 'unexpected-host', $this->error_codes['unexpected-hostname'] );
}
}
@@ -166,23 +182,42 @@ class Jetpack_ReCaptcha {
* @return string
*/
public function get_recaptcha_html() {
- return sprintf(
+ $url = sprintf(
+ 'https://www.google.com/recaptcha/api.js?hl=%s',
+ rawurlencode( $this->config['language'] )
+ );
+
+ $html = sprintf(
'
<div
class="%s"
data-sitekey="%s"
data-theme="%s"
data-type="%s"
- data-tabindex="%s"></div>
- <script type="text/javascript" src="https://www.google.com/recaptcha/api.js?hl=%s"%s></script>
+ data-tabindex="%s"
+ data-lazy="%s"
+ data-url="%s"></div>
',
esc_attr( $this->config['tag_class'] ),
esc_attr( $this->site_key ),
esc_attr( $this->config['tag_attributes']['theme'] ),
esc_attr( $this->config['tag_attributes']['type'] ),
esc_attr( $this->config['tag_attributes']['tabindex'] ),
- rawurlencode( $this->config['language'] ),
- $this->config['script_async'] ? ' async' : ''
+ $this->config['script_lazy'] ? 'true' : 'false',
+ esc_attr( $url )
);
+
+ if ( ! $this->config['script_lazy'] ) {
+ $html = $html . sprintf(
+ // phpcs:ignore WordPress.WP.EnqueuedResources.NonEnqueuedScript
+ '<script src="%s"%s%s></script>
+ ',
+ $url,
+ $this->config['script_async'] && ! $this->config['script_defer'] ? ' async' : '',
+ $this->config['script_defer'] ? ' defer' : ''
+ );
+ }
+
+ return $html;
}
}