desrosj
0df80b099e
WordPress 4.9.11.
...
Built from https://develop.svn.wordpress.org/branches/4.9@46043
git-svn-id: http://core.svn.wordpress.org/branches/4.9@45855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 22:05:54 +00:00
Sergey Biryukov
94aa7baeb2
Escape the output in `wp_ajax_upload_attachment()`.
...
Merges [45936] to the 4.9 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/4.9@45943
git-svn-id: http://core.svn.wordpress.org/branches/4.9@45754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:29:27 +00:00
Gary Pendergast
0e494b043d
WordPress 4.9.10
...
Built from https://develop.svn.wordpress.org/branches/4.9@44868
git-svn-id: http://core.svn.wordpress.org/branches/4.9@44699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-13 00:58:25 +00:00
Sergey Biryukov
176bfb2694
Comments: Improve comment content filtering.
...
Merges [44842] to the 4.9 branch.
Built from https://develop.svn.wordpress.org/branches/4.9@44845
git-svn-id: http://core.svn.wordpress.org/branches/4.9@44677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 22:34:26 +00:00
Gary Pendergast
f105803f14
Dashboard: Remove the Try Gutenberg callout.
...
Merge of [43807] from the 5.0 branch.
Props mukesh27.
Fixes #45063 .
Built from https://develop.svn.wordpress.org/branches/4.9@44106
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 09:07:26 +00:00
Jeremy Felt
21095bb883
Bump 4.9 branch to version 4.9.9.
...
Built from https://develop.svn.wordpress.org/branches/4.9@44078
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 02:12:11 +00:00
Gary Pendergast
ed38a616b1
Editor: Remove unwanted fields before saving posts.
...
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.
Merges [44047] to the 4.9 branch.
Built from https://develop.svn.wordpress.org/branches/4.9@44053
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 01:38:25 +00:00
Peter Wilson
298af5bcf2
Multisite: Validate activation links.
...
Merges [44048] to the 4.9 branch.
Built from https://develop.svn.wordpress.org/branches/4.9@44051
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 01:33:26 +00:00
Sergey Biryukov
b1f105e400
Privacy: Revert [43614] from the 4.9 branch.
...
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.
See #43985 .
Built from https://develop.svn.wordpress.org/branches/4.9@43705
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-11 04:04:26 +00:00
Sergey Biryukov
319971e3ed
Customize: Revert [43575] from the 4.9 branch.
...
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.
See #44763 .
Built from https://develop.svn.wordpress.org/branches/4.9@43699
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-11 03:41:25 +00:00
Adam Silverstein
b250096446
Try Gutenberg callout: improve formatting for Internet Explorer 11.
...
Correct an issue where the layout of the "Try Gutenberg" callout added in #41316 falls apart under IE11.
Props kjellr, ianbelanger, pbiron, Luciano Croce, belcherj, ryansommers.
Fixes #44742 .
Built from https://develop.svn.wordpress.org/branches/4.9@43674
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-05 14:51:26 +00:00
Sergey Biryukov
f0001b7423
Docs: Correct `@since` value for `_wp_privacy_statuses()`.
...
Fix typo in `@since` entry for `WP_Privacy_Policy_Content:add()`.
Props dimadin.
Merges [43638] to the 4.9 branch.
Fixes #44915 .
Built from https://develop.svn.wordpress.org/branches/4.9@43639
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43468 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-13 10:22:24 +00:00
Sergey Biryukov
7296f063d7
Help/About: Ensure the space after the period for the 4.9.8 changelog entry is preserved.
...
Props chetan200891, burhandodhy, swissspidy.
Fixes #44717 .
Built from https://develop.svn.wordpress.org/branches/4.9@43622
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43451 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:36:26 +00:00
Sergey Biryukov
a3ff44115b
Script loader: remove (PHP based) compression from `load-styles.php` and `load-scripts.php`. WIth the amount of scripts and stylesheets grown a lot over the years, it has become pretty slow and consumes a lot of server resources. Also, most servers are set to compress PHP output anyway.
...
Props LucasRolff, azaozz.
Merges [43580] to the 4.9 branch.
Fixes #44815 . See #43308 .
Built from https://develop.svn.wordpress.org/branches/4.9@43618
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:17:25 +00:00
Sergey Biryukov
74ee7ba44a
Docs: Correct parameter type for `WP_Privacy_Policy_Content::notice()`.
...
Props burhandodhy.
Merges [43609] to the 4.9 branch.
Fixes #44877 .
Built from https://develop.svn.wordpress.org/branches/4.9@43615
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:04:26 +00:00
Sergey Biryukov
a69b052f3f
Privacy: Ensure the user request email is sent in the requested user's locale (or the site's default locale if they are not a registered user) when the administrator creating the request uses a different locale.
...
Props desrosj, Chouby, iandunn, lbenicio, birgire, earnjam, swissspidy, garrett-eclipse.
Merges [43568] to the 4.9 branch.
Fixes #43985 .
Built from https://develop.svn.wordpress.org/branches/4.9@43614
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:01:26 +00:00
John Blackbourn
f4f66b96b1
Customize: Increase the colour contrast of the line numbers in CodeMirror.
...
Props earnjam, abdullahramzan, audrasjb, Luminus
Fixes #44763
Merges [43574] to the 4.9 branch.
Built from https://develop.svn.wordpress.org/branches/4.9@43575
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-19 11:03:27 +00:00
Dominik Schilling
4ae8f8d4e6
Bump 4.9 branch to version 4.9.8.
...
Built from https://develop.svn.wordpress.org/branches/4.9@43552
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-02 20:13:24 +00:00
Aaron Jorbin
9f6f75bd8b
Gutenberg: Restrict "Try Gutenberg" based on capability and gutenstatus
...
When Gutenberg is either not installed, or not activated, only show the callout to users with the `install_plugins` capability.
When Gutenberg is activated, expand that to include all users with the `edit_posts` capability.
4.9 branch commit.
Props pento.
Fixes #44680 .
Built from https://develop.svn.wordpress.org/branches/4.9@43544
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43373 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-31 14:52:28 +00:00
Sergey Biryukov
deee543f0d
Dashboard: Tweak the "Try Gutenberg" callout:
...
* Introduce `try_gutenberg_learn_more_link` filter that allows hosts or site owners to change the link, to provide extra information about Gutenberg, specific to their service.
* Only display the "Install" buttons if we're able to directly write to disk to install the plugins.
* Make sure the "Dismiss" link works correctly.
Props pento, andrew.taylor, leemon.
Fixes #41316 .
Built from https://develop.svn.wordpress.org/branches/4.9@43537
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-26 15:06:26 +00:00
Gary Pendergast
da5f52aae3
Dashboard: Tweak the "Try Gutenberg" subheading line height.
...
Props pento, pbiron, afercia, SergeyBiryukov.
Fixes #44627 .
Built from https://develop.svn.wordpress.org/branches/4.9@43536
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-26 03:54:24 +00:00
Sergey Biryukov
e7c1553bde
Privacy: Revert [43525].
...
The commenter cookies checkbox is not legally required, so should be disabled by default.
Merges [43531] to the 4.9 branch.
Fixes #44373 .
Built from https://develop.svn.wordpress.org/branches/4.9@43532
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 17:08:26 +00:00
Sergey Biryukov
fa163b9c0a
I18N: Separate two "About" strings with different context.
...
Props desrosj, XpertOne, Nao.
Merges [43527] to the 4.9 branch.
Fixes #44139 .
Built from https://develop.svn.wordpress.org/branches/4.9@43528
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43357 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 15:06:26 +00:00
Sergey Biryukov
c0a7aaf659
Privacy: Remove the setting to enable comment cookies consent added in [43469].
...
This needs some more work to ensure expected behaviour.
Merges [43525] to the 4.9 branch.
See #44373 .
Built from https://develop.svn.wordpress.org/branches/4.9@43526
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 12:53:26 +00:00
Gary Pendergast
b20bfba009
Dashboard: Improve "Try Gutenberg" subheading appearance for long headings.
...
When translated, the callout subheadings can wrap onto a new line, which caused them to overlap the paragraph text.
Props earnjam, fierevere.
Fixes #44611 .
Built from https://develop.svn.wordpress.org/branches/4.9@43523
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 03:05:26 +00:00
Gary Pendergast
a9ea4a1f7d
Dashboard: Make some of the "Try Gutenberg" links translatable.
...
Some of the links in the "Try Gutenberg" callout go to wordpress.org, so would potentially be better served by localised site.
Props dimadin.
See #41316 .
Built from https://develop.svn.wordpress.org/branches/4.9@43522
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 02:52:29 +00:00
Sergey Biryukov
0dfd159712
Privacy: Improve grammar on Privacy Settings screen.
...
Props ianbelanger, garrett-eclipse.
Merges [43513] to the 4.9 branch.
Fixes #44612 .
Built from https://develop.svn.wordpress.org/branches/4.9@43514
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-19 20:16:26 +00:00
Sergey Biryukov
76138b9b66
Privacy: Use a consistent case for "Privacy Policy page" on Privacy Settings screen.
...
Props XpertOne, idea15, garrett-eclipse.
Merges [43508] to the 4.9 branch.
Fixes #44130 .
Built from https://develop.svn.wordpress.org/branches/4.9@43509
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-19 12:17:25 +00:00
Sergey Biryukov
4a6101fc53
I18N: Update list of continents and cities for the timezone selection.
...
Props soulseekah, dyrer.
Merges [43504] to the 4.9 branch.
Fixes #44574 .
Built from https://develop.svn.wordpress.org/branches/4.9@43505
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-18 11:27:24 +00:00
Gary Pendergast
bf820c9036
Dashboard: Introduce the "Try Gutenberg" callout.
...
To encourage folks to prepare for Gutenberg, this new Dashboard box allows site users to easily install and try the Gutenberg plugin now, or to install the Classic Editor plugin before WordPress 5.0 is released.
Props pento, melchoyce, joen, karmatosed, joemcgill, SergeyBiryukov, jorbin, bph, Clorith, afercia, chanthaboune, chrislema, kjellr, matveb, michelleweber.
Fixes #41316 .
Built from https://develop.svn.wordpress.org/branches/4.9@43502
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-18 06:42:26 +00:00
Sergey Biryukov
9ebbcad7a0
Privacy: Mark Privacy Policy page as such in the Pages list table.
...
Props desrosj, subrataemfluence, ianbelanger, danieltj.
Merges [43495] to the 4.9 branch.
Fixes #44006 .
Built from https://develop.svn.wordpress.org/branches/4.9@43496
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 16:47:26 +00:00
Sergey Biryukov
d954d6213a
Privacy: Enable pagination screen options for privacy requests list tables.
...
Props birgire, pbiron.
Merges [43486] to the 4.9 branch.
Fixes #44025 .
Built from https://develop.svn.wordpress.org/branches/4.9@43487
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 16:08:26 +00:00
Sergey Biryukov
7aab30a907
Privacy: Remove some unnecessary code comments.
...
[42967] introduced some WPCS-related comments, probably accidentally saved by an IDE.
Props burhandodhy.
Merges [43465] to the 4.9 branch.
Fixes #44590 .
Built from https://develop.svn.wordpress.org/branches/4.9@43485
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 15:25:24 +00:00
Sergey Biryukov
29dfd13361
Privacy: Rename `username_or_email_to_export` POST variable on Erase Personal Data screen to a more generic `username_or_email_for_privacy_request`.
...
Props ianbelanger, allendav.
Merges [43478] to the 4.9 branch.
Fixes #44181 .
Built from https://develop.svn.wordpress.org/branches/4.9@43479
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 14:18:27 +00:00
Andrew Ozz
eeef639639
Privacy: Add a setting to disable comment cookie consent.
...
Merges [43469] to the 4.9 branch.
Fixes #44373 .
Built from https://develop.svn.wordpress.org/branches/4.9@43470
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 09:30:25 +00:00
Sergey Biryukov
c0903e830b
Posts, Post Types: Add a new `add_inline_data` action which allows extra fields to be added to the inline editing fields.
...
Props mensmaximus, NathanAtmoz.
Merges [42676] and [43460] to the 4.9 branch.
Fixes #36085 .
Built from https://develop.svn.wordpress.org/branches/4.9@43461
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 15:34:25 +00:00
Sergey Biryukov
cb2625e260
Privacy: Use consistent values for the site name and URL used in notification emails.
...
The functions `send_confirmation_on_profile_email()`, `_wp_privacy_send_request_confirmation_notification()`, `_wp_privacy_send_erasure_fulfillment_notification()`, and `wp_send_user_request()` all include a title and URL indicating the current site. However, so far they have dealt with those values inconsistently, sometimes using the site values, other times using the network values if in a multisite. This changeset ensures that only the current site is taken into account in all cases and that special characters in the site name are consistently decoded.
Props subrataemfluence, desrosj.
Merges [43388], [43390], and [43435] to the 4.9 branch.
Fixes #44396 .
Built from https://develop.svn.wordpress.org/branches/4.9@43459
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 14:24:26 +00:00
Sergey Biryukov
30b402c24b
Privacy: append `(Draft)` to draft page titles in the page drop-down on the Privacy Settings screen.
...
Props allendav, desrosj.
Merges [43376] and [43454] to the 4.9 branch.
Fixes #44100 .
Built from https://develop.svn.wordpress.org/branches/4.9@43455
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 13:52:26 +00:00
Sergey Biryukov
8040b247a4
Privacy: on the Privacy Settings screen change `view` to `preview` when a draft page is selected for the privacy policy.
...
Props garrett-eclipse, desrosj.
Merges [43374] to the 4.9 branch.
Fixes #44131 .
Built from https://develop.svn.wordpress.org/branches/4.9@43453
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 13:30:26 +00:00
Sergey Biryukov
b74a18dc8b
Privacy: Silence is golden and invisible.
...
"Be more discrete." declared matt in [3155], and since then, "Silence is Golden" has been the calling card of placeholder index files. Historically, these have been php files, but [43012] changed that and added index.html files for privacy export generated folders.
The php silence files produce no visible content. This adds consistency with these new html files in that there will be no visible content. Silence will fall when the question is asked.
Merges [43446] to the 4.9 branch.
Fixes #44195 .
Props audrasjb, rafsuntaskin, Ov3rfly, johnbillion, pento
Built from https://develop.svn.wordpress.org/branches/4.9@43448
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 12:02:29 +00:00
Aaron Campbell
cf8c4fa0d8
Bump 4.9 branch to version 4.9.7
...
Built from https://develop.svn.wordpress.org/branches/4.9@43407
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 16:05:26 +00:00
John Blackbourn
1f5f8129de
Security: Harden the random aspect of the hash used for user profile and admin email address changes.
...
Props BjornW
Fixes #43771
Merges [43367] to the 4.9 branch.
Built from https://develop.svn.wordpress.org/branches/4.9@43368
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:39:07 +00:00
John Blackbourn
15054d8a94
Options, Meta APIs: Use the correct escaping function when outputting the meta box context.
...
Props khaihong, abdullahramzan, leanderiversen, aryamaaru, lbenicio, palmiak
Fixes #44274
Merges [43365] to the 4.9 branch.
Built from https://develop.svn.wordpress.org/branches/4.9@43366
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:38:18 +00:00
Sergey Biryukov
cd2f52dda1
Privacy: Make sure `wp_add_privacy_policy_content()` does not cause a fatal error by unintentionally flushing rewrite rules outside of the admin context.
...
Add a `_doing_it_wrong()` message describing the correct usage of the function.
Props kraftbj, azaozz, SergeyBiryukov, YuriV.
Merges [43361], [43362], [43363] to the 4.9 branch.
Fixes #44142 .
Built from https://develop.svn.wordpress.org/branches/4.9@43364
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:37:26 +00:00
Sergey Biryukov
ea7c189825
Privacy: Only link to menus panel in Customizer if selected privacy page can be accessed there.
...
Props dlh.
Merges [43343] to the 4.9 branch.
Fixes #44117 .
Built from https://develop.svn.wordpress.org/branches/4.9@43358
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:34:55 +00:00
Sergey Biryukov
567d4b0961
Community Events Dashboard: Always show a WordCamp if one is coming up.
...
WordCamps are celebrations of the local WordPress Community and once a local one is scheduled, people in that community should know it is coming. This adjusts the WordPress Events in the dashboard widgets to always display a WordCamp, even if there are multiple Meetups happening first.
Props iandunn, metalandcoffee, warmlaundry, alejandroxlopez, jorbin.
Merges [42726], [42728], and [43356] to the 4.9 branch.
Fixes #41112 .
Built from https://develop.svn.wordpress.org/branches/4.9@43357
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:34:30 +00:00
Sergey Biryukov
e2bf0ae498
Privacy: Remove unnecessary `This email has been sent to ###EMAIL###` from privacy emails.
...
The line was copied from the emails that get sent when an email address changes, without considering if it made sense in the new context.
Props iandunn, ianbelanger, desrosj.
Merges [43353] to the 4.9 branch.
Fixes #44030 .
Built from https://develop.svn.wordpress.org/branches/4.9@43354
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:33:14 +00:00
Sergey Biryukov
eaf96830ce
Privacy: Fix typo in default privacy policy text.
...
Props garetharnold, abdullahramzan.
Merges [43350] to the 4.9 branch.
Fixes #44166 .
Built from https://develop.svn.wordpress.org/branches/4.9@43351
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:31:57 +00:00
Sergey Biryukov
98eb869d8b
Docs: Add missing documentation and duplicate hook references for `wp_privacy_personal_data_export_file`, `wp_privacy_personal_data_exporters`, and `wp_privacy_personal_data_erasers` hooks.
...
Props birgire.
Merges [43303] to the 4.9 branch.
See #44125 .
Built from https://develop.svn.wordpress.org/branches/4.9@43305
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43134 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-21 13:16:25 +00:00
Sergey Biryukov
e782caa1e7
Comments: Escape permalink values on edit screen to prevent XSS.
...
There doesn't appear to be any way for an attacker to introduce malicious input into the URL, unless a plugin is filtering the URL to add it, but it's better to be safe than sorry.
Props 1naveengiri, joyously.
Merges [43290] to the 4.9 branch.
Fixes #44115 .
Built from https://develop.svn.wordpress.org/branches/4.9@43301
git-svn-id: http://core.svn.wordpress.org/branches/4.9@43130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-21 12:40:26 +00:00