make script evaluation optional

includes/class-admin.php

@@ -116,6 +116,15 @@ class Admin extends SCLiveticker {
 			'scliveticker_settings_general',
 			array( 'label_for' => esc_attr( self::OPTION ) . '-enable-shortcode' )
 		);
+
+		add_settings_field(
+			'embedded_script',
+			__( 'Embedded JavaScript', 'stklcode-liveticker' ),
+			array( __CLASS__, 'settings_embedded_script_field' ),
+			'scliveticker-settings-page',
+			'scliveticker_settings_general',
+			array( 'label_for' => esc_attr( self::OPTION ) . '-embedded-script' )
+		);
 	}
 
 	/**
@@ -188,7 +197,7 @@ class Admin extends SCLiveticker {
 	}
 
 	/**
-	 * Render enable css field.
+	 * Render enable shortcode field.
 	 *
 	 * @return void
 	 *
@@ -202,6 +211,21 @@ class Admin extends SCLiveticker {
 		echo '<p class="description">' . esc_html__( 'Enable shortcode processing in tick content.', 'stklcode-liveticker' ) . '</p>';
 	}
 
+	/**
+	 * Render embedded script field.
+	 *
+	 * @return void
+	 *
+	 * @since 1.2
+	 */
+	public static function settings_embedded_script_field() {
+		$checked = self::$options['embedded_script'];
+
+		echo '<input id="' . esc_attr( self::OPTION ) . '-embedded-script" type="checkbox" name="' . esc_attr( self::OPTION ) . '[embedded_script]" value="1" ' . checked( $checked, 1, false ) . ' /> ';
+		esc_html_e( 'Enable', 'stklcode-liveticker' );
+		echo '<p class="description">' . esc_html__( 'Allow embedded script evaluation in tick contents. This might be useful for embedded content, e.g. social media integrations.', 'stklcode-liveticker' ) . '</p>';
+	}
+
 	/**
 	 * Render the settings page.
 	 *
@@ -226,6 +250,7 @@ class Admin extends SCLiveticker {
 		$result['enable_css']       = isset( $input['enable_css'] ) ? intval( $input['enable_css'] ) : 0;
 		$result['show_feed']        = isset( $input['show_feed'] ) ? intval( $input['show_feed'] ) : 0;
 		$result['enable_shortcode'] = isset( $input['enable_shortcode'] ) ? intval( $input['enable_shortcode'] ) : 0;
+		$result['embedded_script']  = isset( $input['embedded_script'] ) ? intval( $input['embedded_script'] ) : 0;
 
 		return $result;
 	}

includes/class-scliveticker.php

@@ -275,10 +275,11 @@ class SCLiveticker {
 				'scliveticker-js',
 				'scliveticker',
 				array(
-					'ajax_url'      => admin_url( 'admin-ajax.php' ),
+					'ajax_url'        => admin_url( 'admin-ajax.php' ),
-					'nonce'         => wp_create_nonce( 'scliveticker_update-ticks' ),
+					'nonce'           => wp_create_nonce( 'scliveticker_update-ticks' ),
-					'api'           => rest_url(),
+					'api'             => rest_url(),
-					'poll_interval' => self::$options['poll_interval'] * 1000,
+					'embedded_script' => boolval( self::$options['embedded_script'] ),
+					'poll_interval'   => self::$options['poll_interval'] * 1000,
 				)
 			);
 
@@ -423,6 +424,7 @@ class SCLiveticker {
 			'enable_css'       => 1,
 			'show_feed'        => 0,
 			'enable_shortcode' => 0,
+			'embedded_script'  => 0,
 			'reset_settings'   => 0,
 		);
 	}

scripts/liveticker.js

@@ -179,23 +179,25 @@
 		content.innerHTML = u.content.rendered;
 
 		// Process embedded scripts, if any.
-		Array.prototype.forEach.call(
+		if ( scliveticker.embedded_script ) {
-			content.getElementsByTagName( 'script' ),
+			Array.prototype.forEach.call(
-			function( script ) {
+				content.getElementsByTagName( 'script' ),
-				var script2;
+				function( script ) {
-				if ( script.src ) {
+					var script2;
-					// Move referenced scripts to page head.
+					if ( script.src ) {
-					script.parentNode.removeChild( script );
+						// Move referenced scripts to page head.
-					script2 = document.createElement( 'script' );
+						script.parentNode.removeChild( script );
-					Array.prototype.forEach.call( script.attributes, function( a ) {
+						script2 = document.createElement( 'script' );
-						script2.setAttribute( a.nodeName, a.nodeValue );
+						Array.prototype.forEach.call( script.attributes, function( a ) {
-					} );
+							script2.setAttribute( a.nodeName, a.nodeValue );
-					document.head.appendChild( script2 );
+						} );
-				} else {
+						document.head.appendChild( script2 );
-					scripts.push( script );
+					} else {
+						scripts.push( script );
+					}
 				}
-			}
+			);
-		);
+		}
 
 		// Create the actual tick element.
 		li.id = 'sclt-' + t.id + '-' + u.id;