Open yuvipanda opened 9 years ago
Likely a good suggestion, but a counter thought is: What happens if you're running WordPress in Sandstorm and you disable your Sandstorm integration plugin and can no longer authenticate?
WP is notorious for being insecure when left unupdated
This is less of a problem on Sandstorm. The WordPress Sandstorm app only exposes static content to the outside world, disallows outgoing network requests, and is tightly sandboxed from the rest of your machine. There's a lot less to fear than with a standard WordPress install.
Switch this to use a WP plugin than a fork.
Much of the Sandstorm integration is already in a plugin. In fact, it's a must use plugin, so @ocdtrekkie's concern does not apply. I agree that it would be awesome if I didn't need to maintain a fork, but there are some obstacles:
There are a few places (e.g. here and here) where the WordPress code really does need to be modified to place nicely with Sandstorm.
Some of these issues could be resolved by getting a little fancy with PHP's output buffering. You could ob_start()
during your plugin's init and then during a WP shutdown
hook you could ob_get_contents()
, replace the target
attributes to your liking with WP's links_add_target()
function, and then print your modified output.
I know that won't take care of all the patches you need to make but maybe it would be easier to maintain the fork with fewer patches?
Just a thought.
Wow, output buffering looks like it could really come in handy sometimes. I'm not sure that it is worth the trouble in this particular case, but it definitely seems useful to know about.
This issue was moved to wpsandstorm/wordpress-sandstorm#3
WP is notorios for being insecure when left unupdated, and updating is hard when using forks :) Switch this to use a WP plugin than a fork.