search

usefulteam / jwt-auth

WordPress JSON Web Token Authentication
https://wordpress.org/plugins/jwt-auth/
122 stars 48 forks source link

Plugin causing Javascript issues on other plugins #21

Closed tibidibtibo closed 3 years ago

tibidibtibo commented 3 years ago

I have some troubles with 'jwt-auth' on my website using Theme X.

When I try to open the Theme X editor (/x/theme-options), it fails with the followings javascript errors :

In one picture : image

Here is the text :

app.514eb0c.js:42 

Failed to inflate gzip data buffer error
app.514eb0c.js:42 

TypeError: Cannot read property 'groups' of undefined
    at app.514eb0c.js:42
    at r (lodash.min.js?ver=4.17.19:88)
    at db (app.514eb0c.js:42)
react-dom.min.js?ver=16.13.1:125 

TypeError: Cannot read property 'reduce' of undefined
    at app.514eb0c.js:42
    at r (lodash.min.js?ver=4.17.19:88)
    at app.514eb0c.js:42
    at r (lodash.min.js?ver=4.17.19:88)
    at app.514eb0c.js:42
    at r (lodash.min.js?ver=4.17.19:88)
    at Ia (app.514eb0c.js:42)
    at app.514eb0c.js:42
    at app.514eb0c.js:42
    at Object.useMemo (react-dom.min.js?ver=16.13.1:216)
app.514eb0c.js:42 

Uncaught (in promise) TypeError: Cannot read property 'reduce' of undefined
    at app.514eb0c.js:42
    at r (lodash.min.js?ver=4.17.19:88)
    at app.514eb0c.js:42
    at r (lodash.min.js?ver=4.17.19:88)
    at app.514eb0c.js:42
    at r (lodash.min.js?ver=4.17.19:88)
    at Ia (app.514eb0c.js:42)
    at app.514eb0c.js:42
    at app.514eb0c.js:42
    at Object.useMemo (react-dom.min.js?ver=16.13.1:216)

I seems that is a mess in the javascript resources ! I desactivated all others plugins on my website and only 'jwt-auth' is causing this issue.

app.514eb0c.js is a static file from Cornerstone, a plugin used by Theme X to edit pages. The location is : /www/wp-content/plugins/cornerstone/assets/dist/js

Is anything the plugin trying to minify or uglify ? Is there a dependencies conflict (lodash ? react ?) ? I looked at the plugin's code but I'm not really good in PHP ^^

Any idea ?

Thanks !

contactjavas commented 3 years ago

Hi @tibidibtibo , I can't go deeper for now, but this JWT-Auth plugin has nothing to do with JavaScript directly. But if the theme is doing some REST API request to your site via custom endpoint, then you might need to whitelist them. There is a whitelisting section in the doc you can use for now.

tibidibtibo commented 3 years ago

Hi @tibidibtibo , I can't go deeper for now, but this JWT-Auth plugin has nothing to do with JavaScript directly. But if the theme is doing some REST API request to your site via custom endpoint, then you might need to whitelist them. There is a whitelisting section in the doc you can use for now.

Thanks !

You're right, the problem was on api internal request.

I was trapped by another request "successful but not" !

Adding this endpoint to whitelist fixed it :-)