Changeset 3069174

Timestamp:

04/11/2024 05:50:09 PM (11 months ago)

Author:

zapier

Message:

Fix User-Agent header validation

Location:

zapier

Files:

• tags/1.0.7 (copied) (copied from zapier/trunk)
• tags/1.0.7/readme.txt (modified) (3 diffs)
• tags/1.0.7/zapier.php (modified) (2 diffs)
• trunk/readme.txt (modified) (3 diffs)
• trunk/zapier.php (modified) (2 diffs)

zapier/tags/1.0.7/readme.txt

@@ -5 +5 @@
 Tested up to: 6.4
 Requires PHP: 7.0
-Stable tag: 1.0.6
+Stable tag: 1.0.7
 License: Expat (MIT License)
 License URI: https://spdx.org/licenses/MIT.html
@@ -13 +13 @@
 == Description ==
 
-Zapier is the #1 workflow automation platform for small and midsize businesses that supports 6,000+ of the most popular apps, like Instagram, Facebook, and Pinterest. In just a few minutes, you can set up automated workflows (called _Zaps_) that connect WordPress with the other apps you use most. You can share your latest WordPress posts to Facebook or Instagram, create drafts from an RSS feed or Mailchimp newsletter, or be notified when you get new comments and much more–no manual work or coding required.
+Zapier is the #1 workflow automation platform for small and midsize businesses that supports 7,000+ of the most popular apps, like Instagram, Facebook, and Pinterest. In just a few minutes, you can set up automated workflows (called _Zaps_) that connect WordPress with the other apps you use most. You can share your latest WordPress posts to Facebook or Instagram, create drafts from an RSS feed or Mailchimp newsletter, or be notified when you get new comments and much more–no manual work or coding required.
 
 = Some things you can do with Zapier + WordPress =
@@ -64 +64 @@
 
 If you have any feature requests, issues, or questions with Zapier for WordPress, please contact us using our [help form](https://zapier.com/app/get-help?utm_source=partner_wordpress_support&utm_medium=plugin_listing&utm_campaign=partner_wordpress).
+
+== Changelog ==
+
+= 1.0.0 =
+
+* Initial release.
+
+= 1.0.1 =
+
+* Improved verification of headers.
+
+= 1.0.2 =
+
+* Updated readme.
+
+= 1.0.3 =
+
+* Added a leeway value for JWT token validation.
+
+= 1.0.4 =
+
+* Updated register_rest_route to match >5.6 required arguments.
+* Updated latest tested Wordpress version to 5.9.
+
+= 1.0.5 =
+
+* Updated latest tested Wordpress version to 6.4.
+* Updated description.
+
+= 1.0.6 =
+
+* Updated short description.
+
+= 1.0.7 =
+
+* Updated assets.
+* Updated description.
+* Hotfix: Fix User-Agent header validation.

zapier/tags/1.0.7/zapier.php

@@ -4 +4 @@
  * Plugin Name:       Zapier for WordPress
  * Description:       Zapier enables you to automatically share your posts to social media, create WordPress posts from Mailchimp newsletters, and much more. Visit https://zapier.com/apps/wordpress/integrations for more details.
- * Version:           1.0.6
+ * Version:           1.0.7
  * Author:            Zapier
  * Author URI:        https://zapier.com
@@ -175 +175 @@
         $is_valid_rest_api_uri = strpos($_SERVER['REQUEST_URI'], $rest_api_slug);
         $is_valid_token_uri = strpos($_SERVER['REQUEST_URI'], $this->namespace . '/token');
-        $is_zapier_request = $_SERVER['HTTP_USER_AGENT'] === 'Zapier' && isset($_SERVER['HTTP_X_ZAPIER_AUTH']);
+        $is_zapier_request = isset($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] === 'Zapier' && isset($_SERVER['HTTP_X_ZAPIER_AUTH']);
 
         if ($is_zapier_request && $is_valid_rest_api_uri && !$is_valid_token_uri) {

zapier/trunk/readme.txt

@@ -5 +5 @@
 Tested up to: 6.4
 Requires PHP: 7.0
-Stable tag: 1.0.6
+Stable tag: 1.0.7
 License: Expat (MIT License)
 License URI: https://spdx.org/licenses/MIT.html
@@ -13 +13 @@
 == Description ==
 
-Zapier is the #1 workflow automation platform for small and midsize businesses that supports 6,000+ of the most popular apps, like Instagram, Facebook, and Pinterest. In just a few minutes, you can set up automated workflows (called _Zaps_) that connect WordPress with the other apps you use most. You can share your latest WordPress posts to Facebook or Instagram, create drafts from an RSS feed or Mailchimp newsletter, or be notified when you get new comments and much more–no manual work or coding required.
+Zapier is the #1 workflow automation platform for small and midsize businesses that supports 7,000+ of the most popular apps, like Instagram, Facebook, and Pinterest. In just a few minutes, you can set up automated workflows (called _Zaps_) that connect WordPress with the other apps you use most. You can share your latest WordPress posts to Facebook or Instagram, create drafts from an RSS feed or Mailchimp newsletter, or be notified when you get new comments and much more–no manual work or coding required.
 
 = Some things you can do with Zapier + WordPress =
@@ -64 +64 @@
 
 If you have any feature requests, issues, or questions with Zapier for WordPress, please contact us using our [help form](https://zapier.com/app/get-help?utm_source=partner_wordpress_support&utm_medium=plugin_listing&utm_campaign=partner_wordpress).
+
+== Changelog ==
+
+= 1.0.0 =
+
+* Initial release.
+
+= 1.0.1 =
+
+* Improved verification of headers.
+
+= 1.0.2 =
+
+* Updated readme.
+
+= 1.0.3 =
+
+* Added a leeway value for JWT token validation.
+
+= 1.0.4 =
+
+* Updated register_rest_route to match >5.6 required arguments.
+* Updated latest tested Wordpress version to 5.9.
+
+= 1.0.5 =
+
+* Updated latest tested Wordpress version to 6.4.
+* Updated description.
+
+= 1.0.6 =
+
+* Updated short description.
+
+= 1.0.7 =
+
+* Updated assets.
+* Updated description.
+* Hotfix: Fix User-Agent header validation.

zapier/trunk/zapier.php

@@ -4 +4 @@
  * Plugin Name:       Zapier for WordPress
  * Description:       Zapier enables you to automatically share your posts to social media, create WordPress posts from Mailchimp newsletters, and much more. Visit https://zapier.com/apps/wordpress/integrations for more details.
- * Version:           1.0.6
+ * Version:           1.0.7
  * Author:            Zapier
  * Author URI:        https://zapier.com
@@ -175 +175 @@
         $is_valid_rest_api_uri = strpos($_SERVER['REQUEST_URI'], $rest_api_slug);
         $is_valid_token_uri = strpos($_SERVER['REQUEST_URI'], $this->namespace . '/token');
-        $is_zapier_request = $_SERVER['HTTP_USER_AGENT'] === 'Zapier' && isset($_SERVER['HTTP_X_ZAPIER_AUTH']);
+        $is_zapier_request = isset($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] === 'Zapier' && isset($_SERVER['HTTP_X_ZAPIER_AUTH']);
 
         if ($is_zapier_request && $is_valid_rest_api_uri && !$is_valid_token_uri) {