"Quote Edit Ban" is a third party plugin, does XF checks all security related stuff?

S

sajal

Active member
Hello Team,

We want to purchase following:
xenforo.com

[DCom] Quote Edit Ban

The prohibition on editing applies to quotes containing a link to the quoted message (i.e. added using the "Reply" button) Prohibition to change the quoted text. Cannot be modified using direct HTML editing in the browser console. Works even...
xenforo.com xenforo.com

But, it takes us to third-party site and asking the "XF License Token" before we can buy it? Is it safe and OK? Does the XF team checks all plugins for security related stuff?

Thanks in advance.
 
Sort by date Sort by votes
sajal said:
Hello Team,

We want to purchase following:
xenforo.com

[DCom] Quote Edit Ban

The prohibition on editing applies to quotes containing a link to the quoted message (i.e. added using the "Reply" button) Prohibition to change the quoted text. Cannot be modified using direct HTML editing in the browser console. Works even...
xenforo.com xenforo.com

But, it takes us to third-party site and asking the "XF License Token" before we can buy it? Is it safe and OK? Does the XF team checks all plugins for security related stuff?

Thanks in advance.
Click to expand...

Yes, it's just to validate your license, the only information they can get is what your domain is, and when the license expires.

Many developer sites do this to ensure only Xenforo licensed owners are acquiring their addons.
 
Upvote 0 Downvote
@Dragonfruit Thanks for your reply. Would you please elaborate a bit on about XF team's auditing procedure before it lists any third party plugin on the official plugins site? Do they check the code quality and authenticity of the plugin if the plugin is doing exactly what's supposed to do and nothing more (like reading other data without permissions...)?
 
Upvote 0 Downvote
sajal said:
@Dragonfruit Thanks for your reply. Would you please elaborate a bit on about XF team's auditing procedure before it lists any third party plugin on the official plugins site? Do they check the code quality and authenticity of the plugin if the plugin is doing exactly what's supposed to do and nothing more (like reading other data without permissions...)?
Click to expand...
You need to ask staff that. But considering they did post it on the official XenForo resources, I’d trust it.
 
Upvote 0 Downvote
Thanks @Dragonfruit.

@Brogan Would you please elaborate a bit on about XF team's auditing procedure before it lists any third party plugin on the official plugins site? Do they check the code quality and authenticity of the plugin if the plugin is doing exactly what's supposed to do and nothing more (like reading other data without permissions...)?
 
Upvote 0 Downvote
sajal said:
Thanks @Dragonfruit.

@Brogan Would you please elaborate a bit on about XF team's auditing procedure before it lists any third party plugin on the official plugins site? Do they check the code quality and authenticity of the plugin if the plugin is doing exactly what's supposed to do and nothing more (like reading other data without permissions...)?
Click to expand...
No, they don't do such a process. That would be a monumental task with the amount of 3rd party work that is contributed. If you are concerned about a 3rd party addon, you'll need to have someone with the necessary expertise audit the code used to build the addon. Just because it's posted in the resources section here, doesn't mean it's officially endorsed by the XenForo company itself.
 
Upvote 0 Downvote
You must log in or register to reply here.
Top Bottom