×
Kunena 5.2 Beta 1 Released (Yesterday)

The Kunena team is thrilled to announce the first public beta release of Kunena 5.2, a native Joomla extension for Joomla 3.9. This is a development release and should be only be used for testing; this version is not recommended for live websites at this stage.

The purpose of this release is to encourage testing by downloading, installing and identifying any problems or shortcomings that people may discover. K 5.2.0 B1 is stable and we are aware that people will discover defects. We encourage you to use the forum to report defects, as soon as they are discovered, so that the development team can work through the problems before the release of K 5.1 as a stable product. Reporting defects does not mean that the problems can or will be fixed. The Kunena team is looking forward to hearing your feedback on how well we have achieved our design goals.

Solved Editing/Disabling Open Graph Meta Tags [SOLVED]

More
1 year 7 months ago - 1 year 7 months ago #1 by OpenTexts
Hello, I have found a security hole with Open Graph tags.

When I set to show only display names (not logins), they work normally with Kunena. But if I open a page source, I can find there a real login as a meta tag (<meta property="og:author").

How can I completely disable generating this?

Thank you.
Last edit: 1 year 7 months ago by OpenTexts. Reason: Removing a forum report information. Setting a [SOLVED] status.

Please Log in or Create an account to join the conversation.

More
1 year 7 months ago #2 by ssh
Let's wait for a fix.

in the meanwhile, you can comment the line 453 in /components/com_kunena/controller/topic/item/display.php;

//$this->setMetaData('og:author', $this->topic->getAuthor()->username, 'property');
The following user(s) said Thank You: OpenTexts

Please Log in or Create an account to join the conversation.

More
1 year 7 months ago #3 by OpenTexts

ssh wrote: Let's wait for a fix.

in the meanwhile, you can comment the line 453 in /components/com_kunena/controller/topic/item/display.php;

//$this->setMetaData('og:author', $this->topic->getAuthor()->username, 'property');


Thank you! Partially it works. But I have found one more place in that code, which also displays a name:
"@type": "Person",
        "name": "LOGIN_NAME"

Please Log in or Create an account to join the conversation.

More
1 year 7 months ago #4 by ruud
Hi, og:author is a non-existing tag and should NOT be used.
see below the information from facebook when using the og:author tag:

sharing = caring
Attachments:

Please Log in or Create an account to join the conversation.

More
1 year 7 months ago - 1 year 7 months ago #5 by OpenTexts

ruud wrote: Hi, og:author is a non-existing tag and should NOT be used.
see below the information from facebook when using the og:author tag:

I have already disabled this tag as ssh wrote. But this "author" thing is more complicated than I thought before. At this Kunena official forum I don't see this mistake as I see on my site. IDK why.
Last edit: 1 year 7 months ago by OpenTexts.

Please Log in or Create an account to join the conversation.

More
1 year 7 months ago #6 by OpenTexts
I have found a temporary solution for this issue. As ssh wrote above about a file location, where we can disable Open Graph (site_root/components/com_kunena/controller/topic/item/display.php), we can comment another line to completely block any user login leaking there:
//$tmp->{'name'}                  = $this->topic->getLastPostAuthor()->username;

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to edit your message.
Time to create page: 0.358 seconds