HookPress – Seems Like A Great Idea

pluginspodcastlogoAngelo Mandato who produces the PluginsPodcast, a weekly show dedicated to WordPress plugins recently pushed out episode 24 which featured an interview with Mitcho, the developer of my favorite related posts plugin YARPP (Yet Another Related Posts Plugin). Not only is the interview informative, but during the second half of the show, we find out about another plugin Mitcho is developing called HookPress. HookPress is a plugin that enables WordPress to use Web Hooks. While I did watch the video presentation, I’m still trying to figure out myself how useful this is but considering the fact that these web hooks can be written in any language I believe is a killer feature for developers. If I’m wrong, feel free to correct me.

Webhooks goes beyond the HookPress plugin though as evidenced by the Webhooks blog, Anil Dash and his idea of the Push Button Web, and slides created by Jeff Lindsay explaining the concept. The following is a video presentation of HookPress.

If you’re a developer, please tell me more information about this concept and how it can be useful to you. Also, Mitcho is looking for feedback on his plugin so if you end up using it, be sure to contact him.

7 Comments


  1. Looks very cool – Let’s hope this can’t easily be used for evil. Not sure of the implications as HookPress can make calls on WP native, PHP, Python scripts etc etc.. Assume the WP nonce stuff stops any bad stuff? We’ve already seen crafty URLs doing annoying stuff to our passwords.

    Of course it’s also nice to see him using BBedit :)

    Report


  2. I think it can serve its purpose. Dont know if the plugin itself is that usefull but the webhooks idea is kind of cool. But then it would be more like opening up hooks in wordpress for other services rather than WordPress consuming other hooks.

    Report


  3. I don’t think Hookpress can use WP nonces, since the “web hooks” are not managed by WP.

    So, unless the web hook is controlled by you, there’s no layer of security.

    Report


  4. The concept sounds great, but the more I think of it, the less I find any actual use. Relying on the HTTP system for actions and filters also has some problems for security and stability of the website.

    My biggest problem may be that I just don’t have enough knowledge with the entire webhooks concept since I, a person who thinks that WordPress is great as a web application development framework, am having a hard time coming up with a valid use.

    Report


  5. I wrote about Hookpress a few weeks ago, and I think the idea has some potential uses. Mainly, though, I think it might be useful for someone who just isn’t familiar enough with WordPress and/or PHP to write their own plugins directly, or for someone who already has an external event service set up and available via HTTP. But also, if enough stand-alone services pop up using the webhooks idea, it could catch on for certain tasks.

    Granted, it’s not something that tons of people are bound to use for lots of tasks, but I can definitely see it being a really quick way to let WordPress events trigger external scripts, rather than writing a full-blown custom plugin, and dealing with the extra memory and blocking time, or having to re-invent the wheel every time.l

    I think if you read Anil’s Pushbutton Web post, the key point is that this concept “pushes complexity to the hub”.

    Report


  6. Thanks for the coverage! ^^

    Re: security. As has been stated above, these POST requests don’t rely on wp nonces or such at all. On the other hand, since HookPress can only display the response of the webhook, no additional damage can be done—you can’t, for example, built a webhook which then instructs HookPress to clear the database or anything. Moreover, as you control which fields are being sent to the webhook, it is ulitmately up to the user to control its use and security.

    Report


  7. I think what I need to do is look more into the concept of Webhooks itself and then come back and review the plugin/idea as then I’ll have a better understanding of how useful this could be. Keep up the great work on the YARPP plugin!

    Report

Comments are closed.