Recent Posts

1

Virtuemart Development and bug reports / Re: Tax & Calculation Rules Wrong Dates

« Last post by diri on Today at 09:23:24 »

I bet it's caused by some Javascript.

Did you check scripts being active at the very time?

2

Your Live Sites / Re: Online bookstore

« Last post by artonweb on Today at 07:06:21 »

Thank you for your review.
I will fix it soon

3

Your Live Sites / Re: Online bookstore

« Last post by jjk on Yesterday at 22:27:06 »

Well done. The only small error I can see is:
GEThttps://kyklosbookstore.gr/templates/horme_3/js/custom.js
[HTTP/2 404 Not Found 74ms]

4

Virtuemart Development and bug reports / Re: 1054 Unknown column 'Array' in 'where clause after update to 3.8.6 ** SOLVED **

« Last post by patosal on Yesterday at 20:26:42 »

Please test http://dev.virtuemart.net/attachments/1276/com_virtuemart.3.8.7.10378.zip

THIS worked! THANK YOU VERY MUCH!

5

Templating & Layouts / Re: [VM2] how to customize VM search results page?

« Last post by GJC Web Design on Yesterday at 19:29:22 »

or pass $this->keyword to your sublayout

echo shopFunctionsF::renderVmSubLayout($this->productsLayout,array('products'=>$products,'currency'=>$this->currency,'products_per_row'=>$this->perRow,'showRating'=>$this->showRating,'keyword'=>$this->keyword));


and at the other end

$keyword = $viewData['keyword'];

might work

6

Virtuemart Development and bug reports / Re: [3.8.6] Admin category filter on products do not work with spaces on subcat

« Last post by sirius on Yesterday at 17:36:32 »

Ok, jenkinhill

So I will do another bunch of tests to figure out where's the hiccup.

Thanks anyway 

7

Virtuemart Development and bug reports / Re: [3.8.6] Admin category filter on products do not work with spaces on subcat

« Last post by jenkinhill on Yesterday at 17:25:08 »

I am on testing/development version VM 3.8.7 10378  and find that subcats with spaces in their name work OK as a product filter.

Now found a VirtueMart 3.8.6 10373 site and checked - sub-categories work OK here, using the drop-down category selector.

I see there is a language string issue with the selector, the text on 3.8.6 10373 is "Unselect any product category" whereas on 3.8.7 10378 it is the correct "Select product category".

Not much help to you, though.

8

Security (https) / Performance / SEO, SEF, URLs / Re: Content Security Policy and inline scripts

« Last post by sirius on Yesterday at 17:10:04 »

You know CSP is another security layer.
CSP is a good point to protect distant script, because if DNS poisoning occur or MITM at the source of your file (any distant libraries for example) it could replace the script loaded on your site.
It's always better to reach maximum security but if your inline script get hacked it would mean that your entire site or whole server is compromised.

And put inline scripts into a file, well I don't know, it's at the dev's discretion. But for some, if they are inline that's in most case for a good reason.

regards

9

Security (https) / Performance / SEO, SEF, URLs / Re: Content Security Policy and inline scripts

« Last post by Huubs on Yesterday at 16:54:56 »

Sorry at this time of wtiting, github is down.

Anyway, I suppose this plugin just help to put some csp code in the header.
But this is not the only thing to do, you must provide the hash of the file and put it next to the file that should be included in your code.

Just look here for reference : https://content-security-policy.com/hash/
Here for hash of your files : https://zinoui.com/tools/csp-hash
You can also try some "assistant" to help to implement, just this one for example: https://addons.mozilla.org/fr/firefox/addon/csp-generator/

I understand, but I presume this would go automatically.

But after doing some more extensive research I think removing all the inline scripts is the best thing to do here. Is that even a possibility? Certain inline scripts can easily be moved to a javascript file. Is this something the Virtuemart team is considering?

I now have a working CSP header myself, only the inline scripts are now a problem. I can use the unsafe-inline but that defeats the purpose of the CSP. I want to clean it all up.

10

Virtuemart Development and bug reports / Re: Tax & Calculation Rules Wrong Dates

« Last post by leoalv on Yesterday at 16:48:27 »

Gentlemen developers, any news about this? apparently it is a bug, because I have also done tests on localhost and it has the same problem.

Regards