"Quote Edit Ban" is a third party plugin, does XF checks all security related stuff?

sajal

Active member
Hello Team,

We want to purchase following:

But, it takes us to third-party site and asking the "XF License Token" before we can buy it? Is it safe and OK? Does the XF team checks all plugins for security related stuff?

Thanks in advance.
 
Hello Team,

We want to purchase following:

But, it takes us to third-party site and asking the "XF License Token" before we can buy it? Is it safe and OK? Does the XF team checks all plugins for security related stuff?

Thanks in advance.

Yes, it's just to validate your license, the only information they can get is what your domain is, and when the license expires.

Many developer sites do this to ensure only Xenforo licensed owners are acquiring their addons.
 
@Dragonfruit Thanks for your reply. Would you please elaborate a bit on about XF team's auditing procedure before it lists any third party plugin on the official plugins site? Do they check the code quality and authenticity of the plugin if the plugin is doing exactly what's supposed to do and nothing more (like reading other data without permissions...)?
 
@Dragonfruit Thanks for your reply. Would you please elaborate a bit on about XF team's auditing procedure before it lists any third party plugin on the official plugins site? Do they check the code quality and authenticity of the plugin if the plugin is doing exactly what's supposed to do and nothing more (like reading other data without permissions...)?
You need to ask staff that. But considering they did post it on the official XenForo resources, I’d trust it.
 
Thanks @Dragonfruit.

@Brogan Would you please elaborate a bit on about XF team's auditing procedure before it lists any third party plugin on the official plugins site? Do they check the code quality and authenticity of the plugin if the plugin is doing exactly what's supposed to do and nothing more (like reading other data without permissions...)?
 
Thanks @Dragonfruit.

@Brogan Would you please elaborate a bit on about XF team's auditing procedure before it lists any third party plugin on the official plugins site? Do they check the code quality and authenticity of the plugin if the plugin is doing exactly what's supposed to do and nothing more (like reading other data without permissions...)?
No, they don't do such a process. That would be a monumental task with the amount of 3rd party work that is contributed. If you are concerned about a 3rd party addon, you'll need to have someone with the necessary expertise audit the code used to build the addon. Just because it's posted in the resources section here, doesn't mean it's officially endorsed by the XenForo company itself.
 
Back
Top Bottom