hoolamonster
Forum Replies Created
-
Forum: Plugins
In reply to: [WooCommerce Stripe Payment Gateway] Tax Not UpdatingI was able to get this worked out. As it where, there was a checkout template file in the child theme with changes to it. These edits where causing a conflict with the dynamic update of the sales tax.
Forum: Plugins
In reply to: [WooCommerce Stripe Payment Gateway] Tax Not UpdatingJust to clarify taxes:
I have taxes for States entered with only their state aberration and set to priority 1, I have zip codes entered only (for cities/counties) with priority 2. This is what you will see in the screenshot for the taxes (under standard rate).
Forum: Plugins
In reply to: [WooCommerce Stripe Payment Gateway] Tax Not UpdatingDB updated, result is same behavior.
Forum: Plugins
In reply to: [WooCommerce Stripe Payment Gateway] Tax Not UpdatingForum: Plugins
In reply to: [WooCommerce Stripe Payment Gateway] Tax Not Updatingsystem dump can be found here
Forum: Plugins
In reply to: [WooCommerce Stripe Payment Gateway] Tax Not UpdatingIf you send me your email i can link you the staging site where it is active. Will that work?
Forum: Plugins
In reply to: [Yoast SEO - Advanced SEO with real-time guidance and built-in AI] somethingtrying to remove this…
Forum: Plugins
In reply to: [WP Search with Algolia] Conflict with Content Security PolicyOh yes I’ve seen this link. I just do not know how to set up a nonce. And then work it in.
Forum: Plugins
In reply to: [WP Search with Algolia] Conflict with Content Security PolicyI can but Ill need a day to get it going for you! Thank you, ill check the link too.
Forum: Plugins
In reply to: [WP Search with Algolia] Conflict with Content Security PolicyEverything works regarding the plugin, with this separation. I was however hoping it would fix the inline JS aka CSP ‘unsafe-inline’ but it did not.
Forum: Plugins
In reply to: [WP Search with Algolia] Conflict with Content Security PolicyI’ve since taken it down (the CSP) but what I had was similar to this:
Header set Content-Security-Policy “default-src ‘self’; “script-src ‘self’ cdn.for-some-js.com; (and so on adding “style-src” and such)
What happens is a bunch of errors happen in the console and you keep adding the external URIs to permit them running on the site. But for anything running on the main domain. However, inline JS will not run until you modify the CSP to something like such:
Header set Content-Security-Policy “default-src ‘self’; “script-src ‘self’ cdn.for-some-js.com ‘unsafe-inline’;(…)
And while the JS might be safe, the fact you have to use ‘unsafe-inline’ is a security concern.
As for the algolia plugin: I moved the php files to my theme directory/algolia
inside of that I put the 2 php files. I then I made a inc/js folder. I removed the JS between <script>…</script> and moved them into algolia/inc/jsThis is my functions.php
// Load Algolia Autocomplete JS add_action( 'wp_enqueue_scripts', 'bo_add_algolia_autocomplete', 999 ); function bo_add_algolia_autocomplete() { wp_register_script('bo-autocomplete', get_stylesheet_directory_uri() . '/algolia/js/algolia-autocomplete.js', array(),'1.1', true); wp_enqueue_script('bo-autocomplete'); }Forum: Plugins
In reply to: [WP Search with Algolia] Conflict with Content Security PolicyIts not a plugin. I’m just writing to the htaccess.
And because you have to pass this CSP check for other domain reasoning, having an open script policy is flagged.
So I tried cleaning it up by removing the script to its own file and registering it. But that still drops the same inline js.
Wordpress does nonce and apparently you can nonce the script with the server. But, this is above my knowledge bandwidth. So Im just a tad stuck.
Thank you for the continued support! I appreciate the conversation and your time!
Forum: Plugins
In reply to: [WP Search with Algolia] Conflict with Content Security PolicyAlso, not sure about this but, any way to work with wp_get_script_tag() to assit in this?
Forum: Plugins
In reply to: [WP Search with Algolia] Conflict with Content Security PolicyThe problem is, I cannot set a strict Content Security Policy because of this. I’m sure it’s safe, WP has a few inline scripts (also issues). But the second I turn on my CSP the plugin will not work. I have to enable ‘unsafe-inline’ which is a problem for security.
Forum: Plugins
In reply to: [WP Search with Algolia] Conflict with Content Security Policysupport.botron.com
As an update, I’ve moved the scripts out of the PHP files and I’m loading them through a PHP function in my custom functions file. But this also seems to keep the script inline for some reason or another.
If you view the page source and search for var algolia you will see it.
Thanks for the prompt response Michael!
