wpForo mangles site...
 
Notifications
Clear all

wpForo mangles site URLs that contain port number (:xxxx)

3 Posts
3 Users
1 Likes
665 Views
Posts: 1
Topic starter
(@mirish)
New Member
Joined: 12 months ago

We are developing a WordPress site and have multiple development sites hosted on different ports on the same host. Our site URLs look something like `mysite.mybox.com:1234`. When clicking some wpForo links (going to the next page on forums, synching user profiles, regenerating topic statistics), wpForo tries to do the action but it is blocked by some browsers (Chrome, Edge) and user/admin is sent to an "about:blank#blocked" screen.

After some debugging, I have discovered that the issue is that wpForo calls a function `can_do` in Actions.php, which then calls `wpforo_get_request_uri` in functions.php, which then eventually calls `wpforo_fix_url`. In this last function, the URL is being rewritten with an escape code for the colon in our site URL. For example:

[15-Dec-2022 03:05:00 UTC] old url: http://mysite.mybox.com:1234/wp-admin/admin.php?page=wpforo-overview&wpfaction=synch_user_profiles&_wpnonce=08564289f1
[15-Dec-2022 03:05:00 UTC] new url: http://mysite.mybox.com%3a1234/wp-admin/admin.php?page=wpforo-overview&wpfaction=synch_user_profiles&_wpnonce=08564289f1

Notice that in the second 'new url' after `wpforo_fix_url` is called, the colon is converted to %3a. This raises Chrome/Edges alert, because it seems like a site is trying to redirect me to another site.

If I comment out `wpforo_fix_url` in `wpforo_get_request_uri`, then everything runs as it should and all of the actions can run without Chrome choking.

This is the cause of this bug report: https://wpforo.com/community/general-forums-bug-reports/updating-user-statistics-leads-to-blank/

2 Replies
Posts: 33
(@mmlitvin)
Trusted Member
Joined: 1 year ago

I am seeing the same problem !

Reply
Chris
Posts: 3652
(@chris)
Famed Member
Joined: 2 years ago

Hi  @mirish,

Thank you for the wpforo_fix_url() function.

We will try to fix the problem with :port and it would be fixed in the new version of the plugin.

Reply