Add CCSS allowlist, notify (#807)

Author: tynanbe

data/ccss_whitelist.txt

@@ -0,0 +1,10 @@
+# Predefined list for CCSS whitelist #
+# Comment can use `# `(there is a space following), or `##`, can use both as a new line or end of one line
+# If you want to predefine new items, please send a Pull Request to https://github.com/litespeedtech/lscache_wp/blob/dev/data/ccss_whitelist.txt We will merge into next plugin release
+
+
+############# DoBar compatibility #############
+.pace-inactive
+
+############# DIVI ################
+.et_pb_number_counter.active

data/const.default.json

@@ -87,6 +87,7 @@
 	"optm-ggfonts_rm": "",
 	"optm-css_async": "",
 	"optm-ccss_per_url": "",
+	"optm-ccss_whitelist": "",
 	"optm-css_async_inline": "1",
 	"optm-css_font_display": "",
 	"optm-js_defer": "",

readme.txt

@@ -255,6 +255,10 @@ You can report security bugs through the Patchstack Vulnerability Disclosure Pro
 
 == Changelog ==
 
+= Unreleased =
+* 🌱**Page Optimize** Added allowlist support for CCSS.
+* **Cloud** CCSS results are now posted via API notification.
+
 = 7.0 - Mar 25 2025 =
 * 🌱**Image Optimization** Added AVIF format.
 * **Core** Changed plugin classes auto load to preload all to prevent upgrade problems.

src/base.cls.php

@@ -149,6 +149,7 @@ class Base extends Root
 	const O_OPTM_CCSS_PER_URL = 'optm-ccss_per_url';
 	const O_OPTM_CCSS_SEP_POSTTYPE = 'optm-ccss_sep_posttype';
 	const O_OPTM_CCSS_SEP_URI = 'optm-ccss_sep_uri';
+	const O_OPTM_CCSS_SELECTOR_WHITELIST = 'optm-ccss_whitelist';
 	const O_OPTM_CSS_ASYNC_INLINE = 'optm-css_async_inline';
 	const O_OPTM_CSS_FONT_DISPLAY = 'optm-css_font_display';
 	const O_OPTM_JS_DEFER = 'optm-js_defer';
@@ -437,6 +438,7 @@ class Base extends Root
 		self::O_OPTM_CCSS_PER_URL => false,
 		self::O_OPTM_CCSS_SEP_POSTTYPE => array(),
 		self::O_OPTM_CCSS_SEP_URI => array(),
+		self::O_OPTM_CCSS_SELECTOR_WHITELIST => array(),
 		self::O_OPTM_CSS_ASYNC_INLINE => false,
 		self::O_OPTM_CSS_FONT_DISPLAY => false,
 		self::O_OPTM_JS_DEFER => false,

src/cloud.cls.php

@@ -83,10 +83,10 @@ class Cloud extends Base
 	// No api key needed for these services
 	private static $_PUB_SVC_SET = array(self::API_NEWS, self::API_REPORT, self::API_VER, self::API_BETA_TEST, self::API_REST_ECHO, self::SVC_D_V3UPGRADE);
 
-	private static $_QUEUE_SVC_SET = array(self::SVC_UCSS, self::SVC_VPI);
+	private static $_QUEUE_SVC_SET = array(self::SVC_CCSS, self::SVC_UCSS, self::SVC_VPI);
 
 	public static $SERVICES_LOAD_CHECK = array(
-		self::SVC_CCSS,
+		// self::SVC_CCSS,
 		// self::SVC_UCSS,
 		// self::SVC_VPI,
 		self::SVC_LQIP,

src/css.cls.php

@@ -18,8 +18,8 @@ class CSS extends Base
 	const TYPE_CLEAR_Q_CCSS = 'clear_q_ccss';
 
 	protected $_summary;
+	private $_ccss_whitelist;
 	private $_queue;
-	private $_endts;
 
 	/**
 	 * Init
@@ -29,6 +29,8 @@ class CSS extends Base
 	public function __construct()
 	{
 		$this->_summary = self::get_summary();
+
+		add_filter('litespeed_ccss_whitelist', array($this->cls('Data'), 'load_ccss_whitelist'));
 	}
 
 	/**
@@ -206,22 +208,11 @@ private function _cron_handler($type, $continue)
 		}
 
 		$i = 0;
-		$timeoutLimit = ini_get('max_execution_time');
-		$this->_endts = time() + $timeoutLimit;
 		foreach ($this->_queue as $k => $v) {
 			if (!empty($v['_status'])) {
 				continue;
 			}
 
-			if (function_exists('set_time_limit')) {
-				$this->_endts += 120;
-				set_time_limit(120);
-			}
-			if ($this->_endts - time() < 10) {
-				// self::debug("🚨 End loop due to timeout limit reached " . $timeoutLimit . "s");
-				// return;
-			}
-
 			Debug2::debug('[' . $type_tag . '] cron job [tag] ' . $k . ' [url] ' . $v['url'] . ($v['is_mobile'] ? ' 📱 ' : '') . ' [UA] ' . $v['user_agent']);
 
 			if ($type == 'ccss' && empty($v['url_tag'])) {
@@ -291,6 +282,8 @@ private function _send_req($request_url, $queue_k, $uid, $user_agent, $vary, $ur
 			return 'out_of_quota';
 		}
 
+		set_time_limit(120);
+
 		// Update css request status
 		$this->_summary['curr_request_' . $type] = time();
 		self::save_summary();
@@ -306,7 +299,8 @@ private function _send_req($request_url, $queue_k, $uid, $user_agent, $vary, $ur
 		list($css, $html) = $this->prepare_css($html, $is_webp);
 
 		if (!$css) {
-			Debug2::debug('[UCSS] ❌ No combined css');
+			$type_tag = strtoupper($type);
+			Debug2::debug('[' . $type_tag . '] ❌ No combined css');
 			return false;
 		}
 
@@ -320,6 +314,10 @@ private function _send_req($request_url, $queue_k, $uid, $user_agent, $vary, $ur
 			'html' => $html,
 			'css' => $css,
 		);
+		if (!isset($this->_ccss_whitelist)) {
+			$this->_ccss_whitelist = $this->_filter_whitelist();
+		}
+		$data['whitelist'] = $this->_ccss_whitelist;
 
 		self::debug('Generating: ', $data);
 
@@ -526,6 +524,83 @@ public function prepare_css($html, $is_webp = false, $dryrun = false)
 		return array($css, $html);
 	}
 
+	/**
+	 * Filter the comment content, add quotes to selector from whitelist. Return the json
+	 *
+	 * @since 7.1
+	 */
+	private function _filter_whitelist()
+	{
+		$whitelist = array();
+		$list = apply_filters('litespeed_ccss_whitelist', $this->conf(self::O_OPTM_CCSS_SELECTOR_WHITELIST));
+		foreach ($list as $v) {
+			if (substr($v, 0, 2) === '//') {
+				continue;
+			}
+			$whitelist[] = $v;
+		}
+
+		return $whitelist;
+	}
+
+	/**
+	 * Notify finished from server
+	 * @since 7.1
+	 */
+	public function notify()
+	{
+		$post_data = \json_decode(file_get_contents('php://input'), true);
+		if (is_null($post_data)) {
+			$post_data = $_POST;
+		}
+		self::debug('notify() data', $post_data);
+
+		$this->_queue = $this->load_queue('ccss');
+
+		list($post_data) = $this->cls('Cloud')->extract_msg($post_data, 'ccss');
+
+		$notified_data = $post_data['data'];
+		if (empty($notified_data) || !is_array($notified_data)) {
+			self::debug('❌ notify exit: no notified data');
+			return Cloud::err('no notified data');
+		}
+
+		// Check if its in queue or not
+		$valid_i = 0;
+		foreach ($notified_data as $v) {
+			if (empty($v['request_url'])) {
+				self::debug('❌ notify bypass: no request_url', $v);
+				continue;
+			}
+			if (empty($v['queue_k'])) {
+				self::debug('❌ notify bypass: no queue_k', $v);
+				continue;
+			}
+
+			if (empty($this->_queue[$v['queue_k']])) {
+				self::debug('❌ notify bypass: no this queue [q_k]' . $v['queue_k']);
+				continue;
+			}
+
+			// Save data
+			if (!empty($v['data_ccss'])) {
+				$is_mobile = $this->_queue[$v['queue_k']]['is_mobile'];
+				$is_webp = $this->_queue[$v['queue_k']]['is_webp'];
+				$this->_save_con('ccss', $v['data_ccss'], $v['queue_k'], $is_mobile, $is_webp);
+
+				$valid_i++;
+			}
+
+			unset($this->_queue[$v['queue_k']]);
+			self::debug('notify data handled, unset queue [q_k] ' . $v['queue_k']);
+		}
+		$this->save_queue('ccss', $this->_queue);
+
+		self::debug('notified');
+
+		return Cloud::ok(array('count' => $valid_i));
+	}
+
 	/**
 	 * Handle all request actions from main cls
 	 *

src/data.cls.php

@@ -645,6 +645,21 @@ public function load_css_exc($list)
 		return $list;
 	}
 
+	/**
+	 * Get list from `data/ccss_whitelist.txt`
+	 *
+	 * @since  7.1
+	 */
+	public function load_ccss_whitelist($list)
+	{
+		$data = $this->_load_per_line('ccss_whitelist.txt');
+		if ($data) {
+			$list = array_unique(array_filter(array_merge($list, $data)));
+		}
+
+		return $list;
+	}
+
 	/**
 	 * Get list from `data/ucss_whitelist.txt`
 	 *

src/lang.cls.php

@@ -172,6 +172,7 @@ public static function title($id)
 			self::O_OPTM_CCSS_CON => __('Critical CSS Rules', 'litespeed-cache'),
 			self::O_OPTM_CCSS_SEP_POSTTYPE => __('Separate CCSS Cache Post Types', 'litespeed-cache'),
 			self::O_OPTM_CCSS_SEP_URI => __('Separate CCSS Cache URIs', 'litespeed-cache'),
+			self::O_OPTM_CCSS_SELECTOR_WHITELIST => __('CCSS Selector Allowlist', 'litespeed-cache'),
 			self::O_OPTM_JS_DEFER_EXC => __('JS Deferred / Delayed Excludes', 'litespeed-cache'),
 			self::O_OPTM_GM_JS_EXC => __('Guest Mode JS Excludes', 'litespeed-cache'),
 			self::O_OPTM_EMOJI_RM => __('Remove WordPress Emoji', 'litespeed-cache'),

src/rest.cls.php

@@ -88,6 +88,12 @@ public function rest_api_init()
 			'permission_callback' => array($this, 'is_from_cloud'),
 		));
 
+		register_rest_route('litespeed/v1', '/notify_ccss', array(
+			'methods' => 'POST',
+			'callback' => array($this, 'notify_ccss'),
+			'permission_callback' => array($this, 'is_from_cloud'),
+		));
+
 		register_rest_route('litespeed/v1', '/notify_ucss', array(
 			'methods' => 'POST',
 			'callback' => array($this, 'notify_ucss'),
@@ -199,6 +205,15 @@ public function notify_img()
 		return Img_Optm::cls()->notify_img();
 	}
 
+	/**
+	 * @since  7.1
+	 */
+	public function notify_ccss()
+	{
+		self::debug('notify_ccss');
+		return CSS::cls()->notify();
+	}
+
 	/**
 	 * @since  5.2
 	 */

tpl/page_optm/settings_tuning_css.tpl.php

@@ -120,6 +120,30 @@
 		</td>
 	</tr>
 
+	<tr>
+		<th>
+			<?php $id = Base::O_OPTM_CCSS_SELECTOR_WHITELIST; ?>
+			<?php $this->title( $id ); ?>
+		</th>
+		<td>
+			<?php $this->build_textarea( $id ); ?>
+			<div class="litespeed-desc">
+				<?php echo __( 'List CSS selectors that should always have their styles contained in critical CSS.', 'litespeed-cache' ); ?>
+				<?php Doc::learn_more( 'https://docs.litespeedtech.com/lscache/lscwp/pageopt/#ccss-whitelist', __( 'How to choose a CCSS allowlist selector?', 'litespeed-cache' ) ); ?>
+				<br /><?php echo sprintf( __( 'Wildcard %s supported.', 'litespeed-cache' ), '<code>*</code>' ); ?>
+				<div class="litespeed-callout notice notice-warning inline">
+					<h4><?php echo __( 'Note', 'litespeed-cache' ); ?></h4>
+					<p>
+						<?php echo __( 'Selectors must exist in the CSS. Parent classes in the HTML will not work.', 'litespeed-cache' ); ?>
+					</p>
+				</div>
+				<font class="litespeed-success">
+					<?php echo __( 'Predefined list will also be combined w/ the above settings', 'litespeed-cache' ); ?>: <a href="https://github.com/litespeedtech/lscache_wp/blob/dev/data/ccss_whitelist.txt" target="_blank">https://github.com/litespeedtech/lscache_wp/blob/dev/data/ccss_whitelist.txt</a>
+				</font>
+			</div>
+		</td>
+	</tr>
+
 	<tr>
 		<th>
 			<?php $id = Base::O_OPTM_CCSS_CON; ?>