Commit Graph

17008 Commits

Author SHA1 Message Date
desrosj 0df80b099e WordPress 4.9.11.
Built from https://develop.svn.wordpress.org/branches/4.9@46043


git-svn-id: http://core.svn.wordpress.org/branches/4.9@45855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 22:05:54 +00:00
Sergey Biryukov 94aa7baeb2 Escape the output in `wp_ajax_upload_attachment()`.
Merges [45936] to the 4.9 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/4.9@45943


git-svn-id: http://core.svn.wordpress.org/branches/4.9@45754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:29:27 +00:00
Gary Pendergast 0e494b043d WordPress 4.9.10
Built from https://develop.svn.wordpress.org/branches/4.9@44868


git-svn-id: http://core.svn.wordpress.org/branches/4.9@44699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-13 00:58:25 +00:00
Sergey Biryukov 176bfb2694 Comments: Improve comment content filtering.
Merges [44842] to the 4.9 branch.
Built from https://develop.svn.wordpress.org/branches/4.9@44845


git-svn-id: http://core.svn.wordpress.org/branches/4.9@44677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 22:34:26 +00:00
Gary Pendergast f105803f14 Dashboard: Remove the Try Gutenberg callout.
Merge of [43807] from the 5.0 branch.

Props mukesh27.
Fixes #45063.


Built from https://develop.svn.wordpress.org/branches/4.9@44106


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 09:07:26 +00:00
Jeremy Felt 21095bb883 Bump 4.9 branch to version 4.9.9.
Built from https://develop.svn.wordpress.org/branches/4.9@44078


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 02:12:11 +00:00
Gary Pendergast ed38a616b1 Editor: Remove unwanted fields before saving posts.
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.

Merges [44047] to the 4.9 branch.


Built from https://develop.svn.wordpress.org/branches/4.9@44053


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 01:38:25 +00:00
Peter Wilson 298af5bcf2 Multisite: Validate activation links.
Merges [44048] to the 4.9 branch.

Built from https://develop.svn.wordpress.org/branches/4.9@44051


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 01:33:26 +00:00
Sergey Biryukov b1f105e400 Privacy: Revert [43614] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #43985.
Built from https://develop.svn.wordpress.org/branches/4.9@43705


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-11 04:04:26 +00:00
Sergey Biryukov 319971e3ed Customize: Revert [43575] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #44763.
Built from https://develop.svn.wordpress.org/branches/4.9@43699


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-11 03:41:25 +00:00
Adam Silverstein b250096446 Try Gutenberg callout: improve formatting for Internet Explorer 11.
Correct an issue where the layout of the "Try Gutenberg" callout added in #41316 falls apart under IE11.

Props kjellr, ianbelanger, pbiron, Luciano Croce, belcherj, ryansommers.     
Fixes #44742.

Built from https://develop.svn.wordpress.org/branches/4.9@43674


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-05 14:51:26 +00:00
Sergey Biryukov f0001b7423 Docs: Correct `@since` value for `_wp_privacy_statuses()`.
Fix typo in `@since` entry for `WP_Privacy_Policy_Content:add()`.

Props dimadin.
Merges [43638] to the 4.9 branch.
Fixes #44915.
Built from https://develop.svn.wordpress.org/branches/4.9@43639


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43468 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-13 10:22:24 +00:00
Sergey Biryukov 7296f063d7 Help/About: Ensure the space after the period for the 4.9.8 changelog entry is preserved.
Props chetan200891, burhandodhy, swissspidy.
Fixes #44717.
Built from https://develop.svn.wordpress.org/branches/4.9@43622


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43451 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:36:26 +00:00
Sergey Biryukov a3ff44115b Script loader: remove (PHP based) compression from `load-styles.php` and `load-scripts.php`. WIth the amount of scripts and stylesheets grown a lot over the years, it has become pretty slow and consumes a lot of server resources. Also, most servers are set to compress PHP output anyway.
Props LucasRolff, azaozz.
Merges [43580] to the 4.9 branch.
Fixes #44815. See #43308.
Built from https://develop.svn.wordpress.org/branches/4.9@43618


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:17:25 +00:00
Sergey Biryukov 74ee7ba44a Docs: Correct parameter type for `WP_Privacy_Policy_Content::notice()`.
Props burhandodhy.
Merges [43609] to the 4.9 branch.
Fixes #44877.
Built from https://develop.svn.wordpress.org/branches/4.9@43615


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:04:26 +00:00
Sergey Biryukov a69b052f3f Privacy: Ensure the user request email is sent in the requested user's locale (or the site's default locale if they are not a registered user) when the administrator creating the request uses a different locale.
Props desrosj, Chouby, iandunn, lbenicio, birgire, earnjam, swissspidy, garrett-eclipse.
Merges [43568] to the 4.9 branch.
Fixes #43985.
Built from https://develop.svn.wordpress.org/branches/4.9@43614


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:01:26 +00:00
John Blackbourn f4f66b96b1 Customize: Increase the colour contrast of the line numbers in CodeMirror.
Props earnjam, abdullahramzan, audrasjb, Luminus

Fixes #44763

Merges [43574] to the 4.9 branch.

Built from https://develop.svn.wordpress.org/branches/4.9@43575


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-19 11:03:27 +00:00
Dominik Schilling 4ae8f8d4e6 Bump 4.9 branch to version 4.9.8.
Built from https://develop.svn.wordpress.org/branches/4.9@43552


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-02 20:13:24 +00:00
Aaron Jorbin 9f6f75bd8b Gutenberg: Restrict "Try Gutenberg" based on capability and gutenstatus
When Gutenberg is either not installed, or not activated, only show the callout to users with the `install_plugins` capability.
When Gutenberg is activated, expand that to include all users with the `edit_posts` capability.

4.9 branch commit.

Props pento.
Fixes #44680.


Built from https://develop.svn.wordpress.org/branches/4.9@43544


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43373 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-31 14:52:28 +00:00
Sergey Biryukov deee543f0d Dashboard: Tweak the "Try Gutenberg" callout:
* Introduce `try_gutenberg_learn_more_link` filter that allows hosts or site owners to change the link, to provide extra information about Gutenberg, specific to their service.
* Only display the "Install" buttons if we're able to directly write to disk to install the plugins.
* Make sure the "Dismiss" link works correctly.

Props pento, andrew.taylor, leemon.
Fixes #41316.
Built from https://develop.svn.wordpress.org/branches/4.9@43537


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-26 15:06:26 +00:00
Gary Pendergast da5f52aae3 Dashboard: Tweak the "Try Gutenberg" subheading line height.
Props pento, pbiron, afercia, SergeyBiryukov.
Fixes #44627.


Built from https://develop.svn.wordpress.org/branches/4.9@43536


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-26 03:54:24 +00:00
Sergey Biryukov e7c1553bde Privacy: Revert [43525].
The commenter cookies checkbox is not legally required, so should be disabled by default.

Merges [43531] to the 4.9 branch.
Fixes #44373.
Built from https://develop.svn.wordpress.org/branches/4.9@43532


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 17:08:26 +00:00
Sergey Biryukov fa163b9c0a I18N: Separate two "About" strings with different context.
Props desrosj, XpertOne, Nao.
Merges [43527] to the 4.9 branch.
Fixes #44139.
Built from https://develop.svn.wordpress.org/branches/4.9@43528


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43357 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 15:06:26 +00:00
Sergey Biryukov c0a7aaf659 Privacy: Remove the setting to enable comment cookies consent added in [43469].
This needs some more work to ensure expected behaviour.

Merges [43525] to the 4.9 branch.
See #44373.
Built from https://develop.svn.wordpress.org/branches/4.9@43526


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 12:53:26 +00:00
Gary Pendergast b20bfba009 Dashboard: Improve "Try Gutenberg" subheading appearance for long headings.
When translated, the callout subheadings can wrap onto a new line, which caused them to overlap the paragraph text.

Props earnjam, fierevere.
Fixes #44611.


Built from https://develop.svn.wordpress.org/branches/4.9@43523


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 03:05:26 +00:00
Gary Pendergast a9ea4a1f7d Dashboard: Make some of the "Try Gutenberg" links translatable.
Some of the links in the "Try Gutenberg" callout go to wordpress.org, so would potentially be better served by localised site.

Props dimadin.
See #41316.


Built from https://develop.svn.wordpress.org/branches/4.9@43522


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 02:52:29 +00:00
Sergey Biryukov 0dfd159712 Privacy: Improve grammar on Privacy Settings screen.
Props ianbelanger, garrett-eclipse.
Merges [43513] to the 4.9 branch.
Fixes #44612.
Built from https://develop.svn.wordpress.org/branches/4.9@43514


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-19 20:16:26 +00:00
Sergey Biryukov 76138b9b66 Privacy: Use a consistent case for "Privacy Policy page" on Privacy Settings screen.
Props XpertOne, idea15, garrett-eclipse.
Merges [43508] to the 4.9 branch.
Fixes #44130.
Built from https://develop.svn.wordpress.org/branches/4.9@43509


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-19 12:17:25 +00:00
Sergey Biryukov 4a6101fc53 I18N: Update list of continents and cities for the timezone selection.
Props soulseekah, dyrer.
Merges [43504] to the 4.9 branch.
Fixes #44574.
Built from https://develop.svn.wordpress.org/branches/4.9@43505


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-18 11:27:24 +00:00
Gary Pendergast bf820c9036 Dashboard: Introduce the "Try Gutenberg" callout.
To encourage folks to prepare for Gutenberg, this new Dashboard box allows site users to easily install and try the Gutenberg plugin now, or to install the Classic Editor plugin before WordPress 5.0 is released.

Props pento, melchoyce, joen, karmatosed, joemcgill, SergeyBiryukov, jorbin, bph, Clorith, afercia, chanthaboune, chrislema, kjellr, matveb, michelleweber.
Fixes #41316.


Built from https://develop.svn.wordpress.org/branches/4.9@43502


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-18 06:42:26 +00:00
Sergey Biryukov 9ebbcad7a0 Privacy: Mark Privacy Policy page as such in the Pages list table.
Props desrosj, subrataemfluence, ianbelanger, danieltj.
Merges [43495] to the 4.9 branch.
Fixes #44006.
Built from https://develop.svn.wordpress.org/branches/4.9@43496


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 16:47:26 +00:00
Sergey Biryukov d954d6213a Privacy: Enable pagination screen options for privacy requests list tables.
Props birgire, pbiron.
Merges [43486] to the 4.9 branch.
Fixes #44025.
Built from https://develop.svn.wordpress.org/branches/4.9@43487


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 16:08:26 +00:00
Sergey Biryukov 7aab30a907 Privacy: Remove some unnecessary code comments.
[42967] introduced some WPCS-related comments, probably accidentally saved by an IDE.

Props burhandodhy.
Merges [43465] to the 4.9 branch.
Fixes #44590.
Built from https://develop.svn.wordpress.org/branches/4.9@43485


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 15:25:24 +00:00
Sergey Biryukov 29dfd13361 Privacy: Rename `username_or_email_to_export` POST variable on Erase Personal Data screen to a more generic `username_or_email_for_privacy_request`.
Props ianbelanger, allendav.
Merges [43478] to the 4.9 branch.
Fixes #44181.
Built from https://develop.svn.wordpress.org/branches/4.9@43479


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 14:18:27 +00:00
Andrew Ozz eeef639639 Privacy: Add a setting to disable comment cookie consent.
Merges [43469] to the 4.9 branch.
Fixes #44373.
Built from https://develop.svn.wordpress.org/branches/4.9@43470


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 09:30:25 +00:00
Sergey Biryukov c0903e830b Posts, Post Types: Add a new `add_inline_data` action which allows extra fields to be added to the inline editing fields.
Props mensmaximus, NathanAtmoz.
Merges [42676] and [43460] to the 4.9 branch.
Fixes #36085.
Built from https://develop.svn.wordpress.org/branches/4.9@43461


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 15:34:25 +00:00
Sergey Biryukov cb2625e260 Privacy: Use consistent values for the site name and URL used in notification emails.
The functions `send_confirmation_on_profile_email()`, `_wp_privacy_send_request_confirmation_notification()`, `_wp_privacy_send_erasure_fulfillment_notification()`, and `wp_send_user_request()` all include a title and URL indicating the current site. However, so far they have dealt with those values inconsistently, sometimes using the site values, other times using the network values if in a multisite. This changeset ensures that only the current site is taken into account in all cases and that special characters in the site name are consistently decoded.

Props subrataemfluence, desrosj.
Merges [43388], [43390], and [43435] to the 4.9 branch.
Fixes #44396.
Built from https://develop.svn.wordpress.org/branches/4.9@43459


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 14:24:26 +00:00
Sergey Biryukov 30b402c24b Privacy: append `(Draft)` to draft page titles in the page drop-down on the Privacy Settings screen.
Props allendav, desrosj.
Merges [43376] and [43454] to the 4.9 branch.
Fixes #44100.
Built from https://develop.svn.wordpress.org/branches/4.9@43455


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 13:52:26 +00:00
Sergey Biryukov 8040b247a4 Privacy: on the Privacy Settings screen change `view` to `preview` when a draft page is selected for the privacy policy.
Props garrett-eclipse, desrosj.
Merges [43374] to the 4.9 branch.
Fixes #44131.
Built from https://develop.svn.wordpress.org/branches/4.9@43453


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 13:30:26 +00:00
Sergey Biryukov b74a18dc8b Privacy: Silence is golden and invisible.
"Be more discrete." declared matt in [3155], and since then, "Silence is Golden" has been the calling card of placeholder index files. Historically, these have been php files, but [43012] changed that and added index.html files for privacy export generated folders.

The php silence files produce no visible content. This adds consistency with these new html files in that there will be no visible content. Silence will fall when the question is asked.

Merges [43446] to the 4.9 branch.
Fixes #44195.
Props audrasjb, rafsuntaskin, Ov3rfly, johnbillion, pento
Built from https://develop.svn.wordpress.org/branches/4.9@43448


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 12:02:29 +00:00
Aaron Campbell cf8c4fa0d8 Bump 4.9 branch to version 4.9.7
Built from https://develop.svn.wordpress.org/branches/4.9@43407


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 16:05:26 +00:00
John Blackbourn 1f5f8129de Security: Harden the random aspect of the hash used for user profile and admin email address changes.
Props BjornW

Fixes #43771

Merges [43367] to the 4.9 branch.

Built from https://develop.svn.wordpress.org/branches/4.9@43368


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:39:07 +00:00
John Blackbourn 15054d8a94 Options, Meta APIs: Use the correct escaping function when outputting the meta box context.
Props khaihong, abdullahramzan, leanderiversen, aryamaaru, lbenicio, palmiak

Fixes #44274

Merges [43365] to the 4.9 branch.

Built from https://develop.svn.wordpress.org/branches/4.9@43366


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:38:18 +00:00
Sergey Biryukov cd2f52dda1 Privacy: Make sure `wp_add_privacy_policy_content()` does not cause a fatal error by unintentionally flushing rewrite rules outside of the admin context.
Add a `_doing_it_wrong()` message describing the correct usage of the function.

Props kraftbj, azaozz, SergeyBiryukov, YuriV.
Merges [43361], [43362], [43363] to the 4.9 branch.
Fixes #44142.
Built from https://develop.svn.wordpress.org/branches/4.9@43364


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:37:26 +00:00
Sergey Biryukov ea7c189825 Privacy: Only link to menus panel in Customizer if selected privacy page can be accessed there.
Props dlh.
Merges [43343] to the 4.9 branch.
Fixes #44117.
Built from https://develop.svn.wordpress.org/branches/4.9@43358


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:34:55 +00:00
Sergey Biryukov 567d4b0961 Community Events Dashboard: Always show a WordCamp if one is coming up.
WordCamps are celebrations of the local WordPress Community and once a local one is scheduled, people in that community should know it is coming. This adjusts the WordPress Events in the dashboard widgets to always display a WordCamp, even if there are multiple Meetups happening first.

Props iandunn, metalandcoffee, warmlaundry, alejandroxlopez, jorbin.
Merges [42726], [42728], and [43356] to the 4.9 branch.
Fixes #41112.
Built from https://develop.svn.wordpress.org/branches/4.9@43357


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:34:30 +00:00
Sergey Biryukov e2bf0ae498 Privacy: Remove unnecessary `This email has been sent to ###EMAIL###` from privacy emails.
The line was copied from the emails that get sent when an email address changes, without considering if it made sense in the new context.

Props iandunn, ianbelanger, desrosj.
Merges [43353] to the 4.9 branch.
Fixes #44030.
Built from https://develop.svn.wordpress.org/branches/4.9@43354


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:33:14 +00:00
Sergey Biryukov eaf96830ce Privacy: Fix typo in default privacy policy text.
Props garetharnold, abdullahramzan.
Merges [43350] to the 4.9 branch.
Fixes #44166.
Built from https://develop.svn.wordpress.org/branches/4.9@43351


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:31:57 +00:00
Sergey Biryukov 98eb869d8b Docs: Add missing documentation and duplicate hook references for `wp_privacy_personal_data_export_file`, `wp_privacy_personal_data_exporters`, and `wp_privacy_personal_data_erasers` hooks.
Props birgire.
Merges [43303] to the 4.9 branch.
See #44125.
Built from https://develop.svn.wordpress.org/branches/4.9@43305


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43134 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-21 13:16:25 +00:00
Sergey Biryukov e782caa1e7 Comments: Escape permalink values on edit screen to prevent XSS.
There doesn't appear to be any way for an attacker to introduce malicious input into the URL, unless a plugin is filtering the URL to add it, but it's better to be safe than sorry.

Props 1naveengiri, joyously.
Merges [43290] to the 4.9 branch.
Fixes #44115.
Built from https://develop.svn.wordpress.org/branches/4.9@43301


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-21 12:40:26 +00:00