Open yuvipanda opened 9 years ago
ocdtrekkie
commented
9 years ago Likely a good suggestion, but a counter thought is: What happens if you're running WordPress in Sandstorm and you disable your Sandstorm integration plugin and can no longer authenticate?
dwrensha
commented
9 years ago WP is notorious for being insecure when left unupdated
This is less of a problem on Sandstorm. The WordPress Sandstorm app only exposes static content to the outside world, disallows outgoing network requests, and is tightly sandboxed from the rest of your machine. There's a lot less to fear than with a standard WordPress install.
Switch this to use a WP plugin than a fork.
Much of the Sandstorm integration is already in a plugin. In fact, it's a must use plugin, so @ocdtrekkie's concern does not apply. I agree that it would be awesome if I didn't need to maintain a fork, but there are some obstacles:
fabacab
commented
8 years ago There are a few places (e.g. here and here) where the WordPress code really does need to be modified to place nicely with Sandstorm.
Some of these issues could be resolved by getting a little fancy with PHP's output buffering. You could ob_start() during your plugin's init and then during a WP shutdown hook you could ob_get_contents(), replace the target attributes to your liking with WP's links_add_target() function, and then print your modified output.
I know that won't take care of all the patches you need to make but maybe it would be easier to maintain the fork with fewer patches?
Just a thought.
dwrensha
commented
8 years ago Wow, output buffering looks like it could really come in handy sometimes. I'm not sure that it is worth the trouble in this particular case, but it definitely seems useful to know about.
xet7
commented
6 years ago This issue was moved to wpsandstorm/wordpress-sandstorm#3
WP is notorios for being insecure when left unupdated, and updating is hard when using forks :) Switch this to use a WP plugin than a fork.