References disappearing from ABT

[glorious1]

Not a bug report since it's not predictably reproducible.

Has anyone else experienced references disappearing from ABT when coming back to a page? At first it seemed happen to after viewing revisions, (even if then immediately returning to the editor). I spent hours troubleshooting. Disabling all plugins and using default theme made it stop, but as I slowly added the plugins back and the theme, the references never disappeared again. Now I've found it doesn't require going to revisions; it happens when I come back to a page after closing it. I can't say this is reproducible at this point. Before I spend more time troubleshooting, I'm just wondering if anyone else experiences this.

Although the references disappear from the plugin, the citations and reference list remain on the page. When I re-import the references to ABT, some get put in the cited section and some in uncited. If I make any changes by citing something at that point, some citations break and have to be deleted in html mode and recited.

[dsifford]

When you say "references disappearing from ABT when coming back to a page", what specifically are you referring to? What exactly is disappearing?

[glorious1]

Sorry for not being clear. I mean when I bring up abt in the right sidebar, cited refs shows 0, uncited refs shows 0, and whatever the third category is shows 0. The refs I had there before are gone

[glorious1]

I tried more troubleshooting this morning but the problem defies me.

I created a test page, imported some references, and cited a few. I saved the draft, closed its browser tab, then reopened the draft again for editing. All references were gone from ABT's Cited Items and Uncited Items. I reimported them, saved, and tried again. The references repeatedly disappeared doing this.

Using the plugin Health Check and Troubleshooting's troubleshooting mode, I enabled only ABT. All other plugins disabled and using default theme. Reopened the page, and the references were there in ABT. So now it's a simple matter of enabling plugins and theme batchwise until the problem re-occurs, right? Wrong - it never came back. This is the same thing that happened in my previous troubleshooting.

So I created a new test page with references, saved, closed, and reopened it. Now the references were gone again. I tried it with all Firefox browser extensions disabled, I tried it in Safari. Still the references were gone every time I opened the page (I re-imported them each test before saving).

Somehow doing the troubleshooting health check fixes it for only that one file.

Thinking maybe it's one of my references, I tried importing a new, small set of references. Still disappeared. I tried it with only 2 references added by DOI, no importing. Still disappeared.

I'm stumped now, don't know what else to try.

[dsifford]

Does this happen reliably? Can I reproduce?

[glorious1]

It happens reliably for me, but I can't say it will for you or anyone else. Here's what I do:

1. In WordPress back end, Pages > Add New
2. In the new page, go to ABT and import references or add them by DOI.
3. Cite one or more of them on the page.
4. Save draft.
5. Reopen the page from the Pages > All Pages
6. In the page, open ABT

For me, the citation and reference are still on the page, but all references are gone from ABT's Cited Items and Uncited Items.

[dsifford]

Gotcha. I'll try and check into it soon.

[glorious1]

I've stumbled on a pretty good clue what's going on here. It may be a conflict with the plugin Wordfence Security.

In the weekly report it sends (portion pasted below), it shows my IP blocked numerous times, and the details indicate it is related to references, for cross-site scripting.

To test, I deactivated Wordfence, created a new page, imported references, cited one, saved as draft, reopened the page, and voila, the references were still there (my prior testing did not go through the entire process with plugins disabled).

Does it make sense it would suspect foul play for cross-site scripting? I've already posted the issue in the Wordfence forums.

Here is part of my last Wordfence report. The first two are likely legitimate blocks (China); the rest are my IP address:

Recently Blocked Attacks Time IP / Action May 25, 2019 4:44am 112.3.24.100 (China) Blocked for Directory Traversal in query string: template=tag_(){};@unlink(FILE);eval($POST[qazw]);print(md5(999));{//../rss May 24, 2019 7:38pm
120.92.102.182 (China) Blocked for Directory Traversal in query string: template=tag(){};@unlink(FILE);eval($_POST[qazw]);print(md5(999));{//../rss May 24, 2019 9:51am < my IP > (United States) Blocked for XSS: Cross Site Scripting in POST body: state={"references":[{"type":"article-journal","title":"Treefall in a mixed oak-pine coastal plain forest:\xea May 24, 2019 9:14am < my IP > (United States) Blocked for XSS: Cross Site Scripting in POST body: state={"references":[{"publisher":"Wiley","DOI":"10.2307/1940083","type":"article-journal","page":"1559-15\xea May 24, 2019 9:14am < my IP > (United States) Blocked for XSS: Cross Site Scripting in POST body: state={"references":[{"publisher":"Wiley","DOI":"10.2307/1940083","type":"article-journal","page":"1559-15\xea May 24, 2019 9:12am < my IP > (United States) Blocked for XSS: Cross Site Scripting in POST body: state={"references":[{"type":"article-journal","title":"Treefall in a mixed oak-pine coastal plain forest:\xea May 24, 2019 9:10am < my IP > (United States) Blocked for XSS: Cross Site Scripting in POST body: state={"references":[{"type":"article-journal","title":"Treefall in a mixed oak-pine coastal plain forest:\xea May 24, 2019 9:07am < my IP > (United States) Blocked for XSS: Cross Site Scripting in POST body: state={"references":[{"type":"article-journal","title":"Treefall in a mixed oak-pine coastal plain forest:\xea May 24, 2019 9:07am < my IP > (United States) Blocked for XSS: Cross Site Scripting in POST body: state={"references":[{"type":"article-journal","title":"Treefall in a mixed oak-pine coastal plain forest:\xea May 24, 2019 9:05am < my IP > (United States) Blocked for XSS: Cross Site Scripting in POST body: state={"references":[{"type":"article-journal","title":"Treefall in a mixed oak-pine coastal plain forest:\xea and 20 additional attacks

[dsifford]

Interesting... Can you share whatever info or upgrades you have installed/enabled with WordFence? I use wordfence on a site I maintain and I've not run into this, but from the logs you posted, that looks like it might be the issue.

[glorious1]

There might be over a hundred settings in Wordfence, and I don't remember what I've fiddled with, and don't really know what half of them do. I reset the plugin to factory install, went through the complete test again, and the problem did NOT occur.

I did notice while I was going through the settings (before resetting), there were a couple of entries in whitelisted URL/Param section (All Options > Firewall Options > Whitelisted URLs. One of them looks reference related. I didn't enter them; they were automatically added.

[dsifford]

Hmm.. very strange.

So are we good to close this issue down for now until it shows up again? Everything back in working order now?

[glorious1]

Yes, I think things are working for now, although I haven’t had time to do thorough testing.

FYI, Wordfence support replied, and suggested a way to whitelist the possibly offending activity:

"I've spoken with the developer about this. It seems it's likely getting caught in our XSS filter due to the \xea string at the end. And it should be just fine to whitelist it.

1. Go to Wordfence > All Options
2. Scroll down until you find Whitelisted URLs
3. Put / for the URL
4. Select Param Type: POST Body for the dropdown
5. Put state for the Param Name
6. Click Add, and then Save Changes

The reason your IP is listed is the request is coming from your site. The request was being blocked, but not your actual IP.

Please try this and let me know how it goes. It may also clear up some of the oddities you were mentioning with the Academic Blogger’s Toolkit (ABT) plugin."

Post Link: https://wordpress.org/support/topic/wordfence-blocking-me/#post-11581613 https://wordpress.org/support/topic/wordfence-blocking-me/#post-11581613

On May 28, 2019, at 9:35 AM, Derek Sifford notifications@github.com wrote:

Hmm.. very strange.

So are we good to close this issue down for now until it shows up again? Everything back in working order now?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/dsifford/academic-bloggers-toolkit/issues/566?email_source=notifications&email_token=ABNZ5QI2SIPE4MJBXSM6CX3PXVNMHA5CNFSM4HPIGYJKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODWMWQWQ#issuecomment-496592986, or mute the thread https://github.com/notifications/unsubscribe-auth/ABNZ5QPU4NFDRJ3YCAHHXVTPXVNMHANCNFSM4HPIGYJA.