Breeze Plugin flagged as malicious


#1

Hey Cloudways team,

The following function in /breeze/inc/minification/breeze-minification-base.php is being falsely flagged as malicious from scanners:

    protected function inject_minified($in) {
    if ( strpos( $in, '%%INJECTLATER%%' ) !== false ) {
        $out = preg_replace_callback(
            '#%%INJECTLATER'.breeze_HASH.'%%(.*?)%%INJECTLATER%%#is',
            create_function(
                '$matches',
                '$filepath=base64_decode(strtok($matches[1],"|"));
                $filecontent=file_get_contents($filepath);

                // remove BOM
                $filecontent = preg_replace("#\x{EF}\x{BB}\x{BF}#","",$filecontent);

                // remove comments and blank lines
                if (substr($filepath,-3,3)===".js") {
                    $filecontent=preg_replace("#^\s*\/\/.*$#Um","",$filecontent);
                }

                $filecontent=preg_replace("#^\s*\/\*[^!].*\*\/\s?#Us","",$filecontent);
                $filecontent=preg_replace("#(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+#", "\n", $filecontent);

                // specific stuff for JS-files
                if (substr($filepath,-3,3)===".js") {
                    if ((substr($filecontent,-1,1)!==";")&&(substr($filecontent,-1,1)!=="}")) {
                        $filecontent.=";";
                    }

                    if (get_option("breeze_js_trycatch")==="on") {
                        $filecontent="try{".$filecontent."}catch(e){}";
                    }
                } else if ((substr($filepath,-4,4)===".css")) {
                    $filecontent=Breeze_MinificationStyles::fixurls($filepath,$filecontent);
                }

                // return 
                return "\n".$filecontent;'
            ),
            $in
        );

I’d recommend you guys take a look to rework it so it does not get flagged anymore, thanks!


#2

Thank you for your great input.


#3

Hello Owais,

Do you work with Cloudways?
If so were you able to determine what the above issue was and were you able to fix it?
When someone leaves this type of issue it is reassuring to know that you on top of it.
It was 2 months ago. I am enjoying things with Cloudways. Just please don’t take your foot off the gas. Continued success.