Insecure Content Warning - ChoosePlugin.com

Not yet.

Author:	10up (profile at wordpress.org)
WordPress version required:	5.8
WordPress version tested:	6.4.2
Plugin version:	1.2.0
Added to WordPress repository:	13-08-2019
Last updated:	02-01-2024
Rating, %:	0
Rated by:	0
Plugin URI:	https://wordpress.org/plugins/insecure-conten...
Total downloads:	3 144
Active installs:	10+
Click to start download

Insecure Content Warning helps content creators with secure (HTTPS) websites avoid insecure-content warnings in the browser by flagging any elements in the content editor (such as images, videos, and embeds) that are being delivered or sourced from an insecure (HTTP) web address. All insecure elements are flagged before the content is published, and can be fixed manually or simply by clicking “fix it.”

Compatible with the “classic” editor as well as the block editor (aka Gutenberg).

Technical Notes

Requires PHP 7.4+.
Requires WordPress 5.8+.
Requires a secure / SSL (HTTPS) website, front and back end.

Usage

This plugin requires no configuration. Simply activate and the plugin will prevent posts with insecure elements from being published, as well as provide a banner with information on the offending assets.

Optional WP-CLI Commands

These are not required for normal usage of the plugin, but are available as a utility for more advanced usage.

wp icw fix

Used to fix insecure elements in existing content. Can target specific posts or bulk batches.

wp icw fix [<id>] [--include] [--all] [--post_type] [--limit] [--offset] [--dry-run]

Example:
$ wp icw fix --all --post_type=page Checking post content... Total posts checked for insecure URL(s): 10 +-------------------------------------+ | URL(s) fixed summary | +-------------------------------------+ | 0/0 URL(s) fixed in post 98 | | 0/0 URL(s) fixed in post 96 | | 0/0 URL(s) fixed in post 76 | | ........................... | | 0/0 URL(s) fixed in post 6 | | 0/0 URL(s) fixed in post 1 | +-------------------------------------+

Run wp help icw fix for more information on the command args.

Screenshots
ChangeLog

1.2.0 – 2023-10-16

Note that this version bumps the minimum WordPress version from 5.7 to 5.8.
Added: Ensure that saving using the keyboard shortcut Ctrl|Command + S triggers the insecure content check (props @Sidsector9, @dinhtungdu, @jeffpaul, @faisal-alvi via #56).
Added: New admin screen to bulk fix insecure content (props @kmgalanakis, @peterwilsoncc via #112).
Added: Composer, with PHPCBF and PHPCS to aid with coding standards (props @cameronterry, @peterwilsoncc via #127).
Added: Check for minimum required PHP version before loading the plugin (props @kmgalanakis, @peterwilsoncc via #135).
Added: Repo Automater GitHub Action added to automate common repo operations (props @iamdharmesh, @jeffpaul via #142).
Changed: Bump WordPress “tested up to” version to 6.3 (props @kmgalanakis, @jeffpaul, @dkotter via #140, #144).
Changed: Bump WordPress minimum supported version from 5.7 to 5.8 (props @iamdharmesh, @dkotter via #145).
Fixed: Properly handle fixing of multiple different instances of insecure content (props @kmgalanakis, @iamdharmesh via #139).
Fixed: Ensure all Cypress E2E tests pass when running on WordPress 6.3 (props @iamdharmesh, @dkotter via #145).
Security: Bump stylelint from 9.10.1 to 15.10.1 (props @dependabot, @ravinderk via #126).
Security: Bump cypress from 11.2.0 to 13.2.0, @10up/cypress-wp-utils from 0.1.0 to 0.2.0 and @wordpress/env from 5.8.0 to 8.7.0 (props @iamdharmesh, @dkotter via #145).
Security: Bump postcss from 8.4.27 to 8.4.31 (props @dependabot, @Sidsector9 via #147).

1.1.0 – 2023-06-21

Added: View element link to highlight and auto-scroll to the insecure element (props @cadic, @peterwilsoncc, @psorensen, @adamsilverstein, @dkotter via #73).
Changed: Bump WordPress “tested up to” version 6.2 (props @Sidsector9, @iamdharmesh via #117).
Changed: Update the Dependency Review GitHub Action (props @jeffpaul, @Sidsector9 via #122).
Fixed: Update dependencies of javascript assets (props @cadic, @peterwilsoncc, @psorensen, @adamsilverstein, @dkotter via #73).
Fixed: Ensure that HTML blocks and converted classic editor blocks are correctly checked for insecure content (props @nateconley, @Sidsector9 via #108).
Security: Bump simple-git from 3.15.1 to 3.16.0 (props @dependabot via #107).
Security: Bump json5 from 1.0.1 to 1.0.2 (props @dependabot via #110).
Security: Bump ua-parser-js from 1.0.2 to 1.0.33 and browser-sync from 2.27.11 to 2.28.1 (props @dependabot via #111).
Security: Bump engine.io from 6.4.1 to 6.4.2 (props @dependabot via #119).
Security: Bump socket.io-parser from 4.2.2 to 4.2.3 (props @dependabot via #121).

1.0.3 – 2023-01-09

Note that this version bumps the minimum PHP version from 7.0 to 7.4 and the minimum WordPress version from 5.3 to 5.7.
Added: Documentation for our custom WP-CLI commands (props @csloisel, @iamdharmesh via #99).
Added: Setup E2E testing using Cypress (props @cadic, @iamdharmesh via #75).
Changed: Bump minimum PHP version from 7.0 to 7.4 (props @Sidsector9, @iamdharmesh, @vikrampm1 via #81).
Changed: Bump minimum WordPress version from 5.3 to 5.7 (props @Sidsector9, @iamdharmesh, @vikrampm1 via #81).
Changed: Update Support Level from Active to Stable (props @jeffpaul, @dkotter via #80).
Changed: Bump WordPress version “tested up to” 6.1 (props @jayedul, @dkotter via #97).
Security: Bump terser from 4.8.0 to 4.8.1 (props @dependabot via #79).
Security: Bump loader-utils from 1.4.0 to 1.4.2 (props @dependabot via #87).
Security: Bump minimatch from 3.0.4 to 3.1.2 (props @dependabot via #88).
Security: Bump engine.io from 3.2.1 to 6.2.1 (props @dependabot via #90).
Security: Bump browser-sync from 2.26.12 to 2.27.11 (props @dependabot via #90, #104).
Security: Bump color-string from 1.5.3 to 1.9.1 (props @dependabot via #91).
Security: Bump is-svg from 4.2.1 to 4.3.2 and postcss-svgo from 4.0.2 to 4.0.3 (props @dependabot via #92).
Security: Bump browserslist from 4.14.0 to 4.16.5 (props @dependabot via #94).
Security: Bump ini from 1.3.5 to 1.3.8 (props @dependabot via #96).
Security: Bump decode-uri-component from 0.2.0 to 0.2.2 (props @dependabot via #98).
Security: Bump json5 from 1.0.1 to 1.0.2 (props @dependabot via #102).
Security: Bump qs from 6.2.3 to 6.11.0 (props @dependabot via #104).

1.0.2 – 2022-06-27

Added: Dependency security scanning (props @jeffpaul via #70).
Changed: Bump WordPress version “tested up to” 6.0 (props @cadic via #74).
Security: Bump minimist from 1.2.5 to 1.2.6 (props @dependabot via #67).
Security: Bump postcss from 7.0.32 to 7.0.39 (props @dependabot via #68).

1.0.1 – 2022-02-17

Fixed: Ensure we support WordPress 5.9 (props @dkotter, @mohitwp, @peterwilsoncc).

1.0.0 – 2021-08-24

Added: Initial public release! 🎉

Hide ChangeLog