Total Posts: 84 Karma: 714 Joined: 6/8/2014 Location: Thailand How can we ensure for Theme and Plug-in source code which contributors provide for free is clean without any hack or virus inside original Nop source code?
Total Posts: 766 Karma: 16050 Joined: 12/24/2012 Location: Vietnam Any contributed free theme and plugin need approval from nopCommerce team before you can see theme on the list.
Total Posts: 117 Karma: 1016 Joined: 9/6/2014 Location: Australia It would be nice if the Plugins bin and Plugins content was seperated into folders. eg. Follow the MVC folder structure, could be something like: /Plugins/bin/DiscountRules.CustomerRoles (Nop.Plugin.DiscountRules.HadSpentAmount.dll, ...) /Plugins/Views/DiscountRules.CustomerRoles (Configure.cshtml) /Plugins/Content/DiscountRules.CustomerRoles (description.txt, logo.jpg) Applying IIS Hidden Segments to the /Plugins/bin folder would be alot easier. I'm sure many nopCommerce IIS deployments have overlooked this security and may have left their plugin DLL's exposed to the clients for download!