[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fe5QMD-9k9vwKeeuehT6OraHQar715m_IlA1sObDc7xc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":22,"download_link":23,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":34,"analysis":55,"fingerprints":93},"iis-chinese-tag-permalink","IIS Chinese Tag Permalink","1.4","bossma","https:\u002F\u002Fprofiles.wordpress.org\u002Fbossma\u002F","\u003Cp>在IIS下使用Wordpress时，如果Url路径中包含中文，访问时会提示找不到页面或者404错误。\u003C\u002Fp>\n\u003Cp>这个插件就是用来解决这个问题的。\u003C\u002Fp>\n\u003Cp>这个插件上次更新还是遥远的2011年，7年多之后看到还有很多用户在用，所以在目前最新的4.9.8版本上测试了下，发现仍旧可以解决Url路径中包含中文的问题（不使用本插件的情况下URL路径中包含中文仍旧找不到页面）。同时欣喜的发现，不用再单独处理分页时的Url编码（测试环境为Win10+IIS10），不过为了兼容低版本WP，还是保留了相关代码。\u003C\u002Fp>\n\u003Cp>在目前的测试中，这个插件可以适配Url路径中包含index.php的情况，比如固定链接的结构为：\u002Findex.php\u002F%year%\u002F%monthnum%\u002F%day%\u002F%postname%\u002F，如果想去掉index.php，需要为IIS安装URL重写的插件。\u003C\u002Fp>\n","在IIS下使用Wordpress时，如果Url路径中包含中文，访问时会提示找不到页面或者404错误。",200,7934,100,2,"2019-10-23T02:48:00.000Z","5.3.21","3.1","",[20,21],"chinese-tag","iis","http:\u002F\u002Fblog.bossma.cn\u002Fphp\u002Fin-iis-wordpress-chinese-tag-permalinks-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fiis-chinese-tag-permalink.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":30,"avg_security_score":24,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},400,30,84,"2026-04-05T05:10:37.160Z",[35],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":43,"downloaded":44,"rating":25,"num_ratings":25,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":18,"tags":48,"homepage":53,"download_link":54,"security_score":24,"vuln_count":25,"unpatched_count":25,"last_vuln_date":26,"fetched_at":27},"permalink-validator","Permalink Validator","0.7","snakefoot","https:\u002F\u002Fprofiles.wordpress.org\u002Fsnakefoot\u002F","\u003Cp>WordPress 2.3 now includes validation of the permalink URL when using Apache web server,\u003Cbr \u002F>\nbut if using IIS then this plugin is still relevant.\u003C\u002Fp>\n\u003Cp>Permalink Validator helps Search Engine Optimization (SEO) as it prevents duplicate\u003Cbr \u002F>\ncontents on your WordPress blog:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Adds trailing back-slash if missing (Can also be done with \u003Ca href=\"http:\u002F\u002Fwww.alistercameron.com\u002F2007\u002F01\u002F12\u002Ftwo-wordpress-plugins-you-dont-need-and-shouldnt-use\u002F\" rel=\"nofollow ugc\">htaccess\u003C\u002Fa> or \u003Ca href=\"http:\u002F\u002Fcephas.net\u002Fblog\u002F2005\u002F07\u002F11\u002Ftrailing-slashes-iis-and-f5-big-ip\u002F\" rel=\"nofollow ugc\">isapi_rewrite\u003C\u002Fa>).\u003C\u002Fli>\n\u003Cli>Adds or removes www prefix according to your permalink structure (Can also be done with \u003Ca href=\"http:\u002F\u002Fandybeard.eu\u002F2007\u002F04\u002Fthe-ultimate-wordpress-htaccess-file.html\" rel=\"nofollow ugc\">htaccess\u003C\u002Fa> or isapi_rewrite).\u003C\u002Fli>\n\u003Cli>Forces a correct 404 page instead of showing an empty search result when using an invalid URL\u003C\u002Fli>\n\u003Cli>Works only on post, pages and categories. Archives based on date (Daily, Monthly, Yearly) and search-result-pages should use noindex. Feed and trackback pages should be added to the robots.txt.\u003C\u002Fli>\n\u003Cli>Fixes pagination for WP on IIS.\u003C\u002Fli>\n\u003Cli>Fixes trailing slash for pages and categories on WP 2.2 when not having trailing slash in post permalink structure.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>WordPress it very forgiving when supplying an URL that doesn’t match the\u003Cbr \u002F>\nactual permalink to a post or a page. This is caused by WordPress using some\u003Cbr \u002F>\nvery greedy wp_rewrite_rules, which accepts almost any URL as valid.\u003C\u002Fp>\n\u003Cp>This means that multiple URLs could be used to reach the page, which search engines\u003Cbr \u002F>\nsees a duplicate content and leads to penalty.\u003C\u002Fp>\n\u003Cp>For example it will accept the following permalink URL as valid:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>http:\u002F\u002Fexample.com\u002Fpost\u002Fhello-world\u002F2\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Even though the official URL is this:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>http:\u002F\u002Fexample.com\u002Fpost\u002Fhello-world\u002F\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Permalink Validator makes a hook to template_redirect, and then adds some\u003Cbr \u002F>\nextra validation of the URL supplied before actually calling the\u003Cbr \u002F>\ntheme-templates.\u003C\u002Fp>\n\u003Ch3>Version History\u003C\u002Fh3>\n\u003Cp>Version 0.8\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fixed PHP Warning: strpos() [function.strpos]: Empty delimiter\u003C\u002Fli>\n\u003Cli>Converted the PHP file from UTF8 to ANSI (Removed special BOM character in file beginning)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Version 0.7\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Permalink Validator will not perform redirect of POST server request\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Version 0.6\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fixed a redirection bug introduced in 0.5 when the front page is a page of posts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Version 0.5\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress 2.3 includes permalink validation (canonical urls) when using Apache, so this plugin should now only be used with IIS\u003C\u002Fli>\n\u003Cli>Added support for HTTPS urls\u003C\u002Fli>\n\u003Cli>Added support for special IIS installations where PATH_INFO and SCRIPT_NAME is the same\u003C\u002Fli>\n\u003Cli>Added small hack to exclude pages from validation (One is required to edit the source to use it)\u003C\u002Fli>\n\u003Cli>Added detection of the plugin \u003Ca href=\"http:\u002F\u002Fvapourtrails.ca\u002Fwp-keywords\" rel=\"nofollow ugc\">Jerome’s Keywords\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Version 0.4\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Better guessing of a proper REQUEST_URI\u003C\u002Fli>\n\u003Cli>Finds the proper REQUEST_URI when using isapi_rewrite\u003C\u002Fli>\n\u003Cli>Finds the proper REQUEST_URI when using IIS Mod-Rewrite\u003C\u002Fli>\n\u003Cli>Improved validation as it nows expects a proper REQUEST_URI (Guess Apache is now supported)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Version 0.3\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fixes trailing slash for pages and categories in WP 2.2 when using a post permalink structure without ending slash.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Version 0.2\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Added support for static front page.\u003C\u002Fli>\n\u003Cli>Added detection of integrated \u003Ca href=\"https:\u002F\u002Fbbpress.org\u002F\" rel=\"nofollow ugc\">BBPress\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Checks that WordPress has been started before adding hooks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Version 0.1\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fixes REQUEST_URI for WP on IIS, which also fixes pagination.\u003C\u002Fli>\n\u003Cli>Handles permalink structure with or without index.php.\u003C\u002Fli>\n\u003Cli>Handles default permalink structure using only post-id.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Testing Procedures\u003C\u002Fh3>\n\u003Cp>For each of the different permalink structures:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Default permalink structure (Using query string)\u003C\u002Fli>\n\u003Cli>Permalink structure with index.php \u003C\u002Fli>\n\u003Cli>Permalink structure without index.php (Using ISAPI_rewrite)\u003C\u002Fli>\n\u003Cli>Permalink structure ending with .html\u003C\u002Fli>\n\u003Cli>All the above in a sub-directory\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Tries the following pages:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Front page and paged\u003C\u002Fli>\n\u003Cli>Static page\u003C\u002Fli>\n\u003Cli>Post page\u003C\u002Fli>\n\u003Cli>Category page and paged\u003C\u002Fli>\n\u003Cli>Front page as static page (WP 2.2+)\u003C\u002Fli>\n\u003Cli>Front page as post page (WP 2.2+)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contributors\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ffucoder.com\u002Fcode\u002Fpermalink-redirect\u002F\" rel=\"nofollow ugc\">Scott Yang\u003C\u002Fa> for giving me the idea and the example of to how make this plugin.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.articulate.com\u002Fblog\u002F\" rel=\"nofollow ugc\">Gabe Anderson\u003C\u002Fa> for giving me the initiative to release this plugin.\u003C\u002Fli>\n\u003C\u002Ful>\n","Validates the URL used and if not matching the official permalink then it issues a HTTP 301 or HTTP 404 message.",10,10937,"2009-08-17T19:27:00.000Z","2.6","2.0.0",[49,50,21,51,52],"301","404","permalink","redirect","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fpermalink-validator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpermalink-validator.0.8.zip",{"attackSurface":56,"codeSignals":76,"taintFlows":83,"riskAssessment":84,"analyzedAt":92},{"hooks":57,"ajaxHandlers":72,"restRoutes":73,"shortcodes":74,"cronEvents":75,"entryPointCount":25,"unprotectedCount":25},[58,63,68],{"type":59,"name":60,"callback":61,"file":62,"line":43},"action","init","bossma_get_urf8_pathandurl","iis-chinese-tag-permalink.php",{"type":64,"name":65,"callback":66,"file":62,"line":67},"filter","get_pagenum_link","bossma_set_utf8_pagenumlink",11,{"type":59,"name":69,"callback":70,"file":62,"line":71},"parse_query","bossma_chinese_tag_encode",12,[],[],[],[],{"dangerousFunctions":77,"sqlUsage":78,"outputEscaping":80,"fileOperations":25,"externalRequests":25,"nonceChecks":25,"capabilityChecks":25,"bundledLibraries":82},[],{"prepared":25,"raw":25,"locations":79},[],{"escaped":25,"rawEcho":25,"locations":81},[],[],[],{"summary":85,"deductions":86},"The \"iis-chinese-tag-permalink\" v1.4 plugin exhibits a strong security posture based on the provided static analysis and vulnerability history. The plugin has zero identified CVEs, a clean vulnerability history, and importantly, its code analysis reveals no dangerous functions, no raw SQL queries, and all outputs are properly escaped. The absence of external HTTP requests and file operations further minimizes its potential attack surface.\n\nWhile the plugin's current codebase appears secure, the analysis also highlights a complete lack of any identified attack entry points such as AJAX handlers, REST API routes, or shortcodes. This could indicate that the plugin has a very limited functionality, or conversely, that the static analysis tools were unable to detect potential entry points that might exist in a more dynamic or complex plugin. The absence of nonce and capability checks is noted, but given the lack of identified entry points, this does not currently present an immediate risk.\n\nIn conclusion, the plugin demonstrates excellent adherence to secure coding practices, with no apparent vulnerabilities in its current state. The lack of historical vulnerabilities further reinforces this positive assessment. The primary area of consideration is the complete absence of detected attack surface, which warrants further investigation to understand the plugin's intended functionality and ensure no hidden entry points are overlooked.",[87,90],{"reason":88,"points":89},"No nonce checks found",5,{"reason":91,"points":89},"No capability checks found","2026-03-16T20:27:48.056Z",{"wat":94,"direct":99},{"assetPaths":95,"generatorPatterns":96,"scriptPaths":97,"versionParams":98},[],[],[],[],{"cssClasses":100,"htmlComments":101,"htmlAttributes":102,"restEndpoints":103,"jsGlobals":104,"shortcodeOutput":105},[],[],[],[],[],[]]