WordPress.org

Ready to get started?Download WordPress

Forums

bublaa forum and comments
[resolved] external javascript? (5 posts)

  1. allm
    Member
    Posted 1 year ago #

    I am thinking of using embedded Bublaa on a website that I am developing.

    I have read the source code of the plugin and it seems that there are 2 external javascript files (on your domein) that get executed. Somehow that doesn't feel right. If your site gets compromised I suffer too. Isn't it much better to add those 2 javascript files to the plugin? That way every user is responsible for their own safety and every user can read what code is in there.

    http://wordpress.org/extend/plugins/bublaa-embeddable-forums/

  2. allm
    Member
    Posted 1 year ago #

    Please also check the plugin guidelines, second item at point 7:
    http://wordpress.org/extend/plugins/about/guidelines/

  3. bublaa
    Member
    Plugin Author

    Posted 1 year ago #

    Hiya!

    We would be glad to have you.

    Unfortunately there isn't much we can do about external JavaScript because that's simply how our service works.

    Thank you for pointing out the plugin guidelines. I'll be sure to see that all required points are made clear enough in the future.

    Kim from the bublaa team

  4. allm
    Member
    Posted 1 year ago #

    Hi Kim,

    It seems to me that using this plugin introduces a potential backdoor security hole in the website that is using it. You say that "this is simply how our service works", but I wouldn't be surprised if you can easily change things by adding the JS script files to the plugin and load them locally and not from your location.

    I am surprised that the plugin made it into the repository with this code in it.

    This way the plugin is not for me, which is a pity as your service looks really promising.

  5. bublaa
    Member
    Plugin Author

    Posted 1 year ago #

    Hi!

    I appreciate the suggestion but Bublaa is designed to work on any platform. And even though WordPress is one of the big ones, developing the WordPress plugin separately the way you suggested would put a strain on our development process and would not really fit in our service model.

    Many services are built like this. You can find these in the plugin directory.

    Thank you for your kind words. I'm confident that you will find the perfect fit for you in the plugin directory.

    Have a good one!

    Kim from the bublaa team

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.