2

on one of our Wordpress application we have Cloudflare, and from a month ago we noticed a problem, that our javascripts are not loading. The url is: https://somedomain.com/wp-admin/load-scripts.php?c=0&load%5B%5D=hoverIntent,common,admin-bar,heartbeat,autosave,wp-ajax-response,jquery-color,wp-lists,jquery-query,admin-comments,suggest,jquer&load%5B%5D=y-ui-mouse,jquery-ui-sortable,postbox,tags-suggest,tags-box,word-count,post,editor-expand,thickbox,shortcode,wp-plupload,mediael&load%5B%5D=ement,wp-mediaelement,media-views,media-editor,media-audiovideo,mce-view,image-edit,svg-painter,wp-auth-check,jquery-ui-tabs,jqu&load%5B%5D=ery-ui-draggable,jquery-ui-slider,jquery-touch-punch,iris,wp-color-picker,media-upload,wp-pointer,editor,wplink,wp-embed&ver=4.8.9

When we enter this url in our browser it shows Cloudflare page and captcha to enter "One more step. Please complete the security check to access.." So probably the url is too long, and Cloudflare Owasp security see problems in that.

This problem comes probably from Wordpress load-scripts.php file (code below), which join files in one, and we have a lot of plugins.

What can we do with that?

  1. We could try to rewrite that code, and split this file to several, but we would like to not modify Wordpress file :/
  2. Maybe there is any plugin which does this?
function _print_scripts() {
    global $wp_scripts, $compress_scripts;
    $zip = $compress_scripts ? 1 : 0;
    if ( $zip && defined('ENFORCE_GZIP') && ENFORCE_GZIP )
        $zip = 'gzip';
    if ( $concat = trim( $wp_scripts->concat, ', ' ) ) {
        if ( !empty($wp_scripts->print_code) ) {
            echo "\n<script type='text/javascript'>\n";
            echo "/* <![CDATA[ */\n"; // not needed in HTML 5
            echo $wp_scripts->print_code;
            echo "/* ]]> */\n";
            echo "</script>\n";
        }
        $concat = str_split( $concat, 128 );
        $concat = 'load%5B%5D=' . implode( '&load%5B%5D=', $concat );
        $src = $wp_scripts->base_url . "/wp-admin/load-scripts.php?c={$zip}&" . $concat . '&ver=' . $wp_scripts->default_version;
        echo "<script type='text/javascript' src='" . esc_attr($src) . "'></script>\n";
    }
    if ( !empty($wp_scripts->print_html) )
        echo $wp_scripts->print_html;
}
Wojciech A.
  • 174
  • 1
  • 13
  • 1
    My wordpress foo is not too strong, but have you tried setting `define( 'CONCATENATE_SCRIPTS', false );` in your wp-config.php? This might be a quick solution to have your site up and running. This will slightly slow down the initial load of the wp-admin area. – Augusto Apr 02 '19 at 13:00

1 Answers1

0

Enable Auto Minify

  • Log into the dashboard.
  • Select your account and website.
  • Go to Speed > Optimization.
  • Select the file types to minify.

check your wordpress settings.


Try to use wp_enqueue_script

add_action('wp_enqueue_scripts','load_script');

function load_script() {
    wp_enqueue_script( 'jsfile', plugins_url( '/js/jsfile.js', __FILE__ ));
}

where load_script is the handler from wp_register_script. Please check maximum browsers url length and load-script.php not loading, hope this help.

user11717481
  • 1
  • 9
  • 15
  • 25