ATTN Speed Freaks: Wordpress now adding Emoji files globally

[Ryuzaki]

With Wordpress 4.2, I just discovered that it's forcing the call of a javascript file and adding some CSS in the header called:

<script type="text/javascript">
            window._wpemojiSettings = {"baseUrl":"http:\/\/s.w.org\/images\/core\/emoji\/72x72\/","ext":".png","source":{"concatemoji":"http:\/\/www.mysite.com\/wp\/wp-includes\/js\/wp-emoji-release.min.js?ver=4.2"}};
            !function(a,b,c){function d(a){var c=b.createElement("canvas"),d=c.getContext&&c.getContext("2d");return d&&d.fillText?(d.textBaseline="top",d.font="600 32px Arial","flag"===a?(d.fillText(String.fromCharCode(55356,56812,55356,56807),0,0),c.toDataURL().length>3e3):(d.fillText(String.fromCharCode(55357,56835),0,0),0!==d.getImageData(16,16,1,1).data[0])):!1}function e(a){var c=b.createElement("script");c.src=a,c.type="text/javascript",b.getElementsByTagName("head")[0].appendChild(c)}var f;c.supports={simple:d("simple"),flag:d("flag")},c.supports.simple&&c.supports.flag||(f=c.source||{},f.concatemoji?e(f.concatemoji):f.wpemoji&&f.twemoji&&(e(f.twemoji),e(f.wpemoji)))}(window,document,window._wpemojiSettings);
        </script>
        <style type="text/css">
img.wp-smiley,
img.emoji {
    display: inline !important;
    border: none !important;
    box-shadow: none !important;
    height: 1em !important;
    width: 1em !important;
    margin: 0 .07em !important;
    vertical-align: -0.1em !important;
    background: none !important;
    padding: 0 !important;
}
</style>

I'm never going to use emoji's and I'm not happy with the two additional HTTP requests and extra bandwidth bulk. So I discovered that there's already a plugin to get rid of it:

https://wordpress.org/plugins/disable-emojis/
​

You can use that, but all it does is what I'm about to paste. You can simply go to your functions.php file from within the Wordpress Dashboard and add the following:

remove_action( 'wp_head', 'print_emoji_detection_script', 7 );
remove_action( 'wp_print_styles', 'print_emoji_styles' );

Viola. Problem resolved.

I HATE smilies



P.S. Don't forget to clear your cache or CDN or it'll keep loading.

 

[CCarter]

Public Service Announcement: Now might be a perfect time to start switching to a flat-file CMS like Pico or it's little brother PhileCMS. Wordpress is comfortable and will continue adding more and more stuff as it continues to grow from blogging software to a full fledged CMS. Flat-file is the way to go - no database to get hacked, no access to get hacked, no security breaches to worry about, no additions of unnecessary code by the developers cause they want to be 16 year old school girls sending texts with emojis... No surprises.

At a certain point a CMS continues growing and becomes the problem with all it's new fancy features no one wants, Wordpress is nearing the point of no return, it's time to get off that train, this is just the beginning...

 

[qwianghomingh]

Can't you just remove the lines from header.php and delete the files it calls?
I'm not a designer and I don't know html and css like you guys do.
Wordpress became annoying a couple of weeks ago when my host started to autoemail me every other day that wordpress installs got updated with each 4.1.x version and now the 4.2.x versions and this and that plugin had security flaws.

 

[Goldorak]

I looked into phileCMS and pico on YT there's not much in terms of tutorials out there unless there's a place they're all hiding.

 

[Ryuzaki]

Can't you just remove the lines from header.php and delete the files it calls?

No, because your header is created by the theme designers and they aren't the one putting these files in. They are being injected through the wp_head() hook from the core files. You could remove it from the core, but as soon as you update they'll return. Using one of the two methods above will create a solution that persists through upgrades.

 

[learningcurve]

Thanks for the update. I fixed that the moment I saw you mention it. Good pick up

 

[Andrewkar]

I'm curious why you @CCarter @Ryuzaki are not mentioning Grav flat file cms? Is there something wrong with it? They have good documentation I think. Also, it looks like they are trying bring flat file to the masses.

 

[CCarter]

I'm curious why you @CCarter @Ryuzaki are not mentioning Grav flat file cms? Is there something wrong with it? They have good documentation I think. Also, it looks like they are trying bring flat file to the masses.

Cause I have never heard of it until now. Looks like they started in August 2014. It you think about it at the macro level there are probably a thousand projects that have started since then that I've never heard of that are related to the multitude of systems I use that can be called 'improvements'. If I have no 'pain' with my current setup there wouldn't be a reason to go seeking out an alternative. I was on Pico since 2013, it works for me, so I wouldn't have a need to be exploring any other flat-file CMS.

On that note - it does look pretty organized and the syntaxes look easy to use, but I don't have a real pain for them to solve, so there isn't a reason to switch over or even try it at the moment. It might be worth bookmarking for a future project but I'd rather not waste time playing musical chairs with CMSs when the one I got does the job I need 100%.

 

[Andrewkar]

Ahh ok, I thought Grav is more popular around. Thanks for the answer, I will use it if I make some time. One problem I can see with flat file sites could be a lower price tag (for now at least when WP is soo easy to run...). On the other hand, security of the no database driven site is much higher so that's on the positive note. But I agree 100%, WP is going out of the control.

 

[contract]

Grav looks awesome!

Hopefully someone develops a Wordpress > Grav migration tool.

At the end of the day I just want basic Wordpress functions with top notch security.. That's it. Something with a CMS backend that I can add new posts/pages, that's it.

Wordpress keeps dumping in all this bullshit with every update.

 

[CCarter]

Looks like that emoji stuff was actually a security vulnerability fix using a trojan horse maneuver:

@MercenaryCarter The emoji update was actually a diversion. They needed to fix a potential vulnerability, but did not want to tip their hand to what they were doing. And it still had to be backwards compatible for the millions of sites running WordPress.

Take a few minutes to read https://poststatus.com/the-trojan-emoji/ for more of the back story.

 

[Antares]

Looks like that emoji stuff was actually a security vulnerability fix using a trojan horse maneuver:

I've avoided wordpress so far, this is just another nail in the coffin. For most things mainstream, I tend to go the opposite direction within reason.

 

[gasmonkeygarage]

Is there a tutorial for pico or phile cms?

 

[Ryuzaki]

Heads up, Wordpress is now also pre-fetching the domain s.w.org, which is Wordpress.org. They are doing this to help speed up the render time for emoji's by having quicker access to the SVG file.

You can get rid of that by adding this to your functions.php:

add_filter( 'emoji_svg_url', '__return_false' );

So to completely remove emoji's in the present you can add this entire block to your functions.php:

remove_action( 'wp_head', 'print_emoji_detection_script', 7 );
remove_action( 'wp_print_styles', 'print_emoji_styles' );
add_filter( 'emoji_svg_url', '__return_false' );

726 x 313​

 

[Raymond Luo]

Adding on to @Ryuzaki, I use code snippets plugin instead of directly mucking with functions.php. Cleaner, more organized, easier to update themes.

 

[Ryuzaki]

Adding on to @Ryuzaki, I use code snippets plugin instead of directly mucking with functions.php. Cleaner, more organized, easier to update themes.

That's a great plugin. I never considered such a thing since I develop my own themes and there's no risk of the functions being overwritten. Good call, I definitely suggest people use this on non-custom themes they plan on updating. Or at least set up a child theme.