Option to manually add Content Filtering Custom hooks#427
Option to manually add Content Filtering Custom hooks#427alextuan wants to merge 1 commit intorosell-dk:masterfrom
Conversation
rosell-dk
left a comment
There was a problem hiding this comment.
Sorry, but it seems unsafe to allow custom hooks like that.
Hi Rosell, i see other pull request on latest version of plugin, it's great |
|
Yes, my worry is regarding the security implications. My plugin has been taken down once because of security issues. The issue back then could only happen when a logged in user entered something nasty on the settings screen. So apperently, the policy is that we cannot trust that logged in users aren't hackers. I'm not sure it is a good idea to let hackers trigger custom hooks. |
|
Do not allow users without admin caps to access/change plugin settings. |
This pull request adds a textra box to the Use custom filtering hooks setting where the user can add any theme or plugin custom filter hooks.

The textra box has Help text and is only enabled when the Use Custom Filtering Hooks option is selected.
See screenshot