The HTML4 Plupload handler uses a hidden iframe to POST the upload form,
Unfortunately Internet Explorer 9 doesn't support the `application/json`
content-type which `wp_send_json_success()` and requires `text/html` instead.
This partially reverts [30354], keeping the better error messages.
Fixes#31037 for trunk.
Built from https://develop.svn.wordpress.org/trunk@31429
git-svn-id: http://core.svn.wordpress.org/trunk@31410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The UI for these taxonomies was hidden in [31308], but it remained possible to
send a direct POST request to the `inline-edit` endpoint to bypass the
restriction. The current changeset fixes this.
Props meloniq.
Fixes#26948.
Built from https://develop.svn.wordpress.org/trunk@31313
git-svn-id: http://core.svn.wordpress.org/trunk@31294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Bump MediaElement script loader versions to 2.16.2 - missed in [30634], oops!
* Add `Froogaloop` to `js/mediaelement` scripts for Vimeo
* Check for Vimeo in the same locations that YouTube is checked
* Dynamically load Froogaloop script in admin when editing a TinyMCE view
* Edit MediaElement to call `mejs.$.extend` instead of `$.extend` in `mejs.HtmlMediaElementShim.createPlugin()`, since `$` is not available via WP's jQuery (I will report this upstream):
6f9a78e008/src/js/me-shim.js (L631)Fixes#29267.
Built from https://develop.svn.wordpress.org/trunk@31016
git-svn-id: http://core.svn.wordpress.org/trunk@30997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the token is set (`$keep` is a string), this means the user is viewing their own profile-editing screen and destroying their own sessions (except the current one). If it isn't set (`$keep` is null), the user is editing another user's profile and destroying all of their sessions with no exceptions.
See #30264, #30469
Built from https://develop.svn.wordpress.org/trunk@30595
git-svn-id: http://core.svn.wordpress.org/trunk@30585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Variables in DocBlocks should be backtick-escaped
* Parameter and return types should be as specific as possible
* `@param` types and variables should align with each other, but not intentionally with the `@return` description
See #30230.
Built from https://develop.svn.wordpress.org/trunk@30284
git-svn-id: http://core.svn.wordpress.org/trunk@30284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Use a `MutationObserver` to listen to the `body` class of the parent editor frame.
* In `wpview_media_sandbox_styles()`, only return the MEjs stylesheets.
* In `wp_ajax_parse_media_shortcode()` and `wp_ajax_parse_embed()`, return an object instead of an HTML blob to allow passing `body` and `head` separately
Props avryl, azaozz.
Fixes#29048.
Built from https://develop.svn.wordpress.org/trunk@29615
git-svn-id: http://core.svn.wordpress.org/trunk@29389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Add a setting to `_wpMediaViewsL10n.settings`: `mediaTrash`
* In the attachment edit modal, properly toggle between Trash/Untrash
* In `media.view.Attachment`, add a method for `untrashAttachment`
* When creating the grid toolbar, switch the setting order of subviews so that `media.view.DeleteSelectedButton` can listen to the instance of `media.view.AttachmentFilters.All` to update the text in its UI.
* Add a new filter to `media.view.AttachmentFilters.All`, `trash`, when `settings.mediaTrash` is true
* Allow the cached queries in `Query.get()` to be flushed when race conditions exist and collections need to be refreshed. This is currently only being used when `MEDIA_TRASH` is set, to refresh the filtered/mirrored collections related to `all`, `trash`, and any already queried filter.
* Cleanup the bootstrapping of `media.view.MediaFrame.Manage`
* Allow `wp_ajax_query_attachments()` to return items from the trash when `MEDIA_TRASH` is `true`
* Allow `wp_ajax_save_attachment()` to set `post_status` when `MEDIA_TRASH` is `true`. It allows `wp_delete_post()` to be called, which will trash the attachment instead of deleting when the flag is set.
Props koop for the knowledge sharing and thought partnership.
See #29145.
Built from https://develop.svn.wordpress.org/trunk@29490
git-svn-id: http://core.svn.wordpress.org/trunk@29268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
We will no longer replace previously valid oEmbed responses with an `{{unknown}}` cache value. When this happens due to reaching a rate limit or a service going down, it is data loss, and is not acceptable. This means that oEmbed caches for a post are no longer deleted indiscriminately every time that post is saved.
oEmbed continues to be cached in post meta, with the addition of a separate meta key containing the timestamp of the last retrieval, which is used to avoid re-requesting a recently cached oEmbed response. By default, we consider a valued cached in the past day to be fresh. This can greatly reduce the number of outbound requests, especially in cases where a post containing multiple embeds is saved frequently.
The TTL used to determine whether or not to request a response can be filtered using `oembed_ttl`, thus allowing for the possibility of respecting the optional oEmbed response parameter `cache_age` or altering the period of time a cached value is considered to be fresh.
Now that oEmbeds are previewed in the visual editor as well as the media modal, oEmbed caches are often populated before a post is saved or published. By pre-populating and avoiding having to re-request that response, we also greatly reduce the chances of a stampede happening when a published post is visible before oEmbed caching is complete.
As it previously stood, a stampede was extremely likely to happen, as the AJAX caching was only triggered when `$_GET['message']` was 1. The published message is 6. We now trigger the caching every time `$_GET['message']` is present on the edit screen, as we are able to avoid triggering so many HTTP requests overall.
props markjaquith. fixes#14759. see #17210.
Built from https://develop.svn.wordpress.org/trunk@28972
git-svn-id: http://core.svn.wordpress.org/trunk@28761 1a063a9b-81f0-0310-95a4-ce76da25c4cd