[theme-reviewers] Question about footer credit function
Angelo Bertolli
angelo.bertolli at gmail.com
Fri Nov 4 19:11:34 UTC 2011
To prevent people from removing the credit link. Which, while it does
not violate the GPL, in my opinion is an attempt to find a loophole in
the policy that users who download themes should be allowed to remove
credit links if they want.
Plus, like you said this opens the door for themes to insert more links
later (for which the theme reviewers should check, meaning more work).
It's better just to have a policy of not allowing obfuscated code.
On 11/04/2011 02:59 PM, Edward Caissie wrote:
> I guess I was not clear on my opinion ... I would *not* approve it
> either. Just saying I'm curious why base64 is being used on such an
> innocuous link.
>
>
> Cais.
>
>
> On Fri, Nov 4, 2011 at 2:44 PM, Simon Prosser <pross at pross.org.uk
> <mailto:pross at pross.org.uk>> wrote:
>
> I would NOT let it in, take a look at the code again, he has split
> the function base64_decode() into base64 '_' decode to get round the
> uploader
>
>
> On 4 November 2011 18:29, Edward Caissie <edward.caissie at gmail.com
> <mailto:edward.caissie at gmail.com>> wrote:
>
> Given that the obscured code is not a posing any concerns I
> would be tempted to let it through, but that just leads to
> potential unscrupulous updates; not that I would expect them but
> part of the reasoning behind not allowing base64 encoded items
> is to keep the theme code "human-readable" as the repository
> should be used as a learning tool besides it's more commonly
> associated distribution service functionality.
>
> I would be interested in what compelled the author to choose to
> encode this link, even as a "Mallory-Everest" idea it does not
> fit with the "spirit of the repository".
>
>
> Cais.
>
>
>
> On Fri, Nov 4, 2011 at 4:57 AM, Mikkel W. Breum
> <mikkel at wpkitchen.com <mailto:mikkel at wpkitchen.com>> wrote:
>
> Hi Tyler
>
> The code is trying to hide that it's adding a credit link to
> the author. It's not doing anything dangerous, but it's not
> allowed.
> You can take the entire code and replace all the encoded
> strings with the decode version
> (use http://www.opinionatedgeek.com/dotnet/tools/base64decode/
> or a similar tool for that) then You'll see that its just
> encoded strings representing some links and even the name of
> the base64_decode function.
>
> When run in its current form the function simply returns the
> following string:
>
> "<a href="http://wordpress.org/">WordPress</a> and <a
> href="http://www.foxload.com/naturefox-wordpress-theme/">NatureFox</a>"
>
>
> ----
>
> Mikkel Breum
> wpKitchen.com <http://wpKitchen.com>
>
> mikkel at wpkitchen.com <mailto:mikkel at wpkitchen.com>
> phone: +49 176 23885016 <tel:%2B49%20176%2023885016>
> skype: mikwolbre
>
> On 04/11/2011, at 06.53, Merci Javier wrote:
>
>>
>> Agreed. That's a fail.
>>
>> Couldn't even decode it with one of tools given
>> http://wordpress.org/support/topic/theme-decoding-thread?replies=43
>> Just curious what was there.
>>
>>
>>
>> On Thu, Nov 3, 2011 at 10:16 PM, Doug Stewart
>> <zamoose at gmail.com <mailto:zamoose at gmail.com>> wrote:
>>
>> That base64 should be enough to FAIL immediately.
>>
>> On Fri, Nov 4, 2011 at 1:12 AM, Tyler Cunningham
>> <seizedpropaganda at gmail.com
>> <mailto:seizedpropaganda at gmail.com>> wrote:
>> > Hey all,
>> > Finally had some time to sit down and do some reviews
>> so I was clearing out
>> > some of the priority 1 tickets and came across
>> something I wanted to run by
>> > some of the more senior review members. Check out the
>> following diff:
>> > http://themes.trac.wordpress.org/changeset?old_path=/naturefox/1.0.5&new_path=/naturefox/1.0.6#file8 <http://themes.trac.wordpress.org/changeset?old_path=/naturefox/1.0.5&new_path=/naturefox/1.0.6#file8>
>> > As soon as I saw the naturefox_credits function a red
>> flag came up. Should I
>> > ask the author what the purpose behind this is? Is
>> this a no-no?
>> > Thanks.
>> > Regards,
>> >
>> > Tyler Cunningham | Founder, COO - CyberChimps LLC
>> > @tylerbcunning
>> > http://gplus.to/tylercunningham
>> > http://linkedin.com/in/tylerbcunningham
>> > tyler at cyberchimps.com <mailto:tyler at cyberchimps.com>
>> >
>> >
>> > _______________________________________________
>> > theme-reviewers mailing list
>> > theme-reviewers at lists.wordpress.org
>> <mailto:theme-reviewers at lists.wordpress.org>
>> > http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>> >
>> >
>>
>>
>>
>> --
>> -Doug
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> <mailto:theme-reviewers at lists.wordpress.org>
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> <mailto:theme-reviewers at lists.wordpress.org>
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> <mailto:theme-reviewers at lists.wordpress.org>
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> <mailto:theme-reviewers at lists.wordpress.org>
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
>
> --
> My Blog: http://pross.org.uk/
> Plugins : http://pross.org.uk/plugins/
> Themes: http://wordpress.org/extend/themes/profile/pross
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> <mailto:theme-reviewers at lists.wordpress.org>
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
More information about the theme-reviewers
mailing list