plugin check can now act on late_escaping too (as I cleaned up transl… #14
futttaAnnotations
10 errors and 3 warnings
|
WordPress.WP.I18n.MissingTranslatorsComment:
classes/critcss-inc/admin_settings_explain.php#L45
A function call to esc_html__() with texts containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
classes/critcss-inc/admin_settings_explain.php#L52
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$ccss_explanation'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
classes/autoptimizeConfig.php#L95
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
classes/autoptimizeConfig.php#L96
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'apply_filters'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
classes/autoptimizeConfig.php#L210
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
classes/autoptimizeConfig.php#L212
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'admin_url'.
|
|
WordPress.Security.EscapeOutput.UnsafePrintingFunction:
classes/autoptimizeConfig.php#L337
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
classes/autoptimizeConfig.php#L341
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$critcss_settings_url'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
classes/autoptimizeConfig.php#L347
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'autoptimizeStyles'.
|
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
classes/autoptimizeConfig.php#L370
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$_rapidload_link'.
|
|
WordPress.WP.EnqueuedResourceParameters.MissingVersion:
classes/autoptimizeCriticalCSSSettings.php#L100
Resource version not set in call to wp_enqueue_script(). This means new versions of the script may not always be loaded due to browser caching.
|
|
WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_exclude:
classes/autoptimizeCriticalCSSSettingsAjax.php#L261
Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
|
|
WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_exclude:
classes/autoptimizeCriticalCSSSettingsAjax.php#L275
Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.
|