AlertWire plug-in to easily insert script tag for AlertWire client sites.
|Author:||AlertWire (profile at wordpress.org)|
|WordPress version required:||3.0|
|WordPress version tested:||4.7|
|Added to WordPress repository:||16-12-2014|
Click to start download
The plug-in settings screen, where you enter the
data-tokenand select into what pages the script is injected.
The script that is injected at the bottom of the page.
Will this slow down my pages?
end-user has visited your site it will be in their cache.
available long before any images are finished loading.
The CSS file is only loaded if there are alerts to be rendered (not normally the case) and is also served from a CDN as a public long-cacheable file.
This CSS file is under 2K and will only be downloaded one per end-user.
The font file for the alert icons is downloaded only if there are alerts to be rendered and is also served from a CDN as a public long-cacheable file.
This font file is under 10K and will only be downloaded once per end-user.
The actual script execution is very fast and will not block on any downloads.
Will this break my pages?
All alerts are injected into the page in a
divtag and the CSS generated is scoped via a nonce-based id. It should never interact with any styling on your page
but you might need to provide a placement anchor-element to ensure your site CSS doesn’t hide the alert. The script snippet allows you to specify a container
to act as the parent for the injected alerts in case you need to adjust them around header or navigation elements.
The alerts are deleted from the page DOM when closed so nothing remains on screen if the end-user closes the alert. The lightbox-style alert acts as a complete
page take-over and thus might have z-index issues, by default the alerts will be z-index of at least 10000.
What about updates?
version-requirement declared in the JSON response and is completely automatic.
How much does this cost?
The plug-in is free and use is included in the cost of an AlertWire system. For more information about AlertWire.
What if I stop using AlertWire?
Since the script does essentially nothing if there are no alerts configured for the site, your script will just silently keep working and display nothing.
Is this secure?
- Yes, everything is only loaded over HTTPS with OSCP stapling, Strict Transport Security (HSTS) required and preloaded in all browsers.
- No admin defined assets other than pure text are ever served to the end-user’s browser.
- No CSS, JS, HTML or image assets are available for hacking/injecting.
- All AlertWire-supplied content is served via the CloudFlare CDN with
Qualsys SSL Labs A+ SSL rating.
- The administration application is fully tested against the OWASP best-practice criteria.
Resaved all files in UTF8 without BOM so we don’t bust headers
Removed unneeded markup in setting page.
Change default endpoint to https and note version compatibility to 4.7 and update notes.
Bump revision in the plug-in itself.
Cleanup now that we’re in the WordPress plug-in repo.
- Initial release.