WordPress.org

Ready to get started?Download WordPress

Forums

GD Star Rating
GD Star Rating - AJAX XSS Error (5 posts)

  1. PascalBajorat
    Member
    Posted 2 years ago #

    Hi there,
    since a few days my GD Star Rating not work anymore.
    When someone click on the stars to rate, only the "please wait..." spinner was displayed and no more, the vote will not saved.

    I've found this Ajax Request in the console log:
    http://www.my-domain.net/wp-content/plugins/gd-star-rating/ajax.php?_ajax_nonce=e719cd0016&vote_id=289&vote_value=5&vote_type=a&vote_tpl=10&vote_size=20

    it responds only "xss_error", but why?

    I think this is the error, but why it responds "xss_error", a few days ago it has worked fine.

    http://wordpress.org/extend/plugins/gd-star-rating/

  2. Julio Potier
    Member
    Posted 2 years ago #

    Hello

    I think that "$types" declared on top of ajax.php file is not a good idea because it's too mainstream.
    Maybe a plugin or a WP behavior, sometimes, overwrites it.

    No worry about security, your link is fine (check the changelog for 1.9.10 ;p

    So my advice goees to @GDragoN : can you just rename "$types" ? Like "$gd_allowed_types" ?

    Thanks n see you

  3. PascalBajorat
    Member
    Posted 2 years ago #

    great, thats it I've renamed the $types var and now it works fine.

    Thx

  4. Julio Potier
    Member
    Posted 2 years ago #

    Like i thought ;)
    Good :)

  5. Tuan Linh
    Member
    Posted 1 year ago #

    Thank Julio, I fixed my site as your suggestion!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic