20 * |
22 * |
21 * Compares first password to the password confirmation. |
23 * Compares first password to the password confirmation. |
22 * |
24 * |
23 * @since 3.7.0 |
25 * @since 3.7.0 |
24 * |
26 * |
25 * @param {string} password1 The subject password. |
27 * @param {string} password1 The subject password. |
26 * @param {Array} blacklist An array of words that will lower the entropy of |
28 * @param {Array} disallowedList An array of words that will lower the entropy of |
27 * the password. |
29 * the password. |
28 * @param {string} password2 The password confirmation. |
30 * @param {string} password2 The password confirmation. |
29 * |
31 * |
30 * @returns {number} The password strength score. |
32 * @return {number} The password strength score. |
31 */ |
33 */ |
32 meter : function( password1, blacklist, password2 ) { |
34 meter : function( password1, disallowedList, password2 ) { |
33 if ( ! $.isArray( blacklist ) ) |
35 if ( ! $.isArray( disallowedList ) ) |
34 blacklist = [ blacklist.toString() ]; |
36 disallowedList = [ disallowedList.toString() ]; |
35 |
37 |
36 if (password1 != password2 && password2 && password2.length > 0) |
38 if (password1 != password2 && password2 && password2.length > 0) |
37 return 5; |
39 return 5; |
38 |
40 |
39 if ( 'undefined' === typeof window.zxcvbn ) { |
41 if ( 'undefined' === typeof window.zxcvbn ) { |
40 // Password strength unknown. |
42 // Password strength unknown. |
41 return -1; |
43 return -1; |
42 } |
44 } |
43 |
45 |
44 var result = zxcvbn( password1, blacklist ); |
46 var result = zxcvbn( password1, disallowedList ); |
45 return result.score; |
47 return result.score; |
46 }, |
48 }, |
47 |
49 |
48 /** |
50 /** |
49 * Builds an array of words that should be penalized. |
51 * Builds an array of words that should be penalized. |
50 * |
52 * |
51 * Certain words need to be penalized because it would lower the entropy of a |
53 * Certain words need to be penalized because it would lower the entropy of a |
52 * password if they were used. The blacklist is based on user input fields such |
54 * password if they were used. The disallowedList is based on user input fields such |
53 * as username, first name, email etc. |
55 * as username, first name, email etc. |
54 * |
56 * |
55 * @since 3.7.0 |
57 * @since 3.7.0 |
|
58 * @deprecated 5.5.0 Use {@see 'userInputDisallowedList()'} instead. |
56 * |
59 * |
57 * @returns {string[]} The array of words to be blacklisted. |
60 * @return {string[]} The array of words to be disallowed. |
58 */ |
61 */ |
59 userInputBlacklist : function() { |
62 userInputBlacklist : function() { |
|
63 window.console.log( |
|
64 sprintf( |
|
65 /* translators: 1: Deprecated function name, 2: Version number, 3: Alternative function name. */ |
|
66 __( '%1$s is deprecated since version %2$s! Use %3$s instead. Please consider writing more inclusive code.' ), |
|
67 'wp.passwordStrength.userInputBlacklist()', |
|
68 '5.5.0', |
|
69 'wp.passwordStrength.userInputDisallowedList()' |
|
70 ) |
|
71 ); |
|
72 |
|
73 return wp.passwordStrength.userInputDisallowedList(); |
|
74 }, |
|
75 |
|
76 /** |
|
77 * Builds an array of words that should be penalized. |
|
78 * |
|
79 * Certain words need to be penalized because it would lower the entropy of a |
|
80 * password if they were used. The disallowed list is based on user input fields such |
|
81 * as username, first name, email etc. |
|
82 * |
|
83 * @since 5.5.0 |
|
84 * |
|
85 * @return {string[]} The array of words to be disallowed. |
|
86 */ |
|
87 userInputDisallowedList : function() { |
60 var i, userInputFieldsLength, rawValuesLength, currentField, |
88 var i, userInputFieldsLength, rawValuesLength, currentField, |
61 rawValues = [], |
89 rawValues = [], |
62 blacklist = [], |
90 disallowedList = [], |
63 userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ]; |
91 userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ]; |
64 |
92 |
65 // Collect all the strings we want to blacklist. |
93 // Collect all the strings we want to disallow. |
66 rawValues.push( document.title ); |
94 rawValues.push( document.title ); |
67 rawValues.push( document.URL ); |
95 rawValues.push( document.URL ); |
68 |
96 |
69 userInputFieldsLength = userInputFields.length; |
97 userInputFieldsLength = userInputFields.length; |
70 for ( i = 0; i < userInputFieldsLength; i++ ) { |
98 for ( i = 0; i < userInputFieldsLength; i++ ) { |
83 * individual entry. |
111 * individual entry. |
84 */ |
112 */ |
85 rawValuesLength = rawValues.length; |
113 rawValuesLength = rawValues.length; |
86 for ( i = 0; i < rawValuesLength; i++ ) { |
114 for ( i = 0; i < rawValuesLength; i++ ) { |
87 if ( rawValues[ i ] ) { |
115 if ( rawValues[ i ] ) { |
88 blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) ); |
116 disallowedList = disallowedList.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) ); |
89 } |
117 } |
90 } |
118 } |
91 |
119 |
92 /* |
120 /* |
93 * Remove empty values, short words and duplicates. Short words are likely to |
121 * Remove empty values, short words and duplicates. Short words are likely to |
94 * cause many false positives. |
122 * cause many false positives. |
95 */ |
123 */ |
96 blacklist = $.grep( blacklist, function( value, key ) { |
124 disallowedList = $.grep( disallowedList, function( value, key ) { |
97 if ( '' === value || 4 > value.length ) { |
125 if ( '' === value || 4 > value.length ) { |
98 return false; |
126 return false; |
99 } |
127 } |
100 |
128 |
101 return $.inArray( value, blacklist ) === key; |
129 return $.inArray( value, disallowedList ) === key; |
102 }); |
130 }); |
103 |
131 |
104 return blacklist; |
132 return disallowedList; |
105 } |
133 } |
106 }; |
134 }; |
107 |
135 |
108 // Backward compatibility. |
136 // Backward compatibility. |
109 |
137 |