Cavemanon/piratepoet
7
Fork 0
Code Pull Requests Actions Releases 16 Activity

Source reCAPTCHA API only when needed

Browse Source 
When using a subscription form as an iframe, our CSP catched up that the reCAPTCHA API was included despite MailPoet being configured to use its internal CAPTCHA. The following change will only output the relevant <script> tag when MailPoet uses reCAPTCHA.
This commit is contained in:
Lunar
2021-01-07 15:29:39 +01:00
committed by Veljko V
parent be7c3bf0af
commit aa450a2ebe
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/Form/AssetsController.php
View File

@ -35,7 +35,12 @@ class AssetsController {
$this->wp->wpPrintScripts('jquery');
$this->wp->wpPrintScripts('mailpoet_vendor');
$this->wp->wpPrintScripts('mailpoet_public');
echo '<script src="' . self::RECAPTCHA_API_URL . '" async defer></script>';
$captcha = $this->settings->get('captcha');
if (!empty($captcha['type']) && $captcha['type'] === Captcha::TYPE_RECAPTCHA) {
echo '<script src="' . self::RECAPTCHA_API_URL . '" async defer></script>';
}
$scripts = ob_get_contents();
ob_end_clean();
if ($scripts === false) {