Commit Graph

22843 Commits

Author SHA1 Message Date
Andrew Nacin 1ec392175c Additional checks when evaluating the safety of an HTTP request, to avoid false negatives.
* Check if the host is considered a safe redirect host.
 * Check if the host is another domain in a multisite installation.
 * Add a filter to control this.

This only occurs when the DNS resolution of a domain points elsewhere in an internal network, but only internally (and has its own public IP outside the network). This could be considered a bad configuration.

fixes #24646.



git-svn-id: http://core.svn.wordpress.org/trunk@24915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 06:44:57 +00:00
Andrew Nacin 4833e3096b Copy about.php string to freedoms and credits. Update CSS for 3.6 credits. see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 06:04:41 +00:00
Bot (Assets) 3f860c8ec4 Compress scripts/styles: 3.7-alpha-24912.
git-svn-id: http://core.svn.wordpress.org/trunk@24912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 04:58:59 +00:00
Andrew Nacin a0c25d31c9 New build of MediaElement.js SWF. see #24183.
git-svn-id: http://core.svn.wordpress.org/trunk@24910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 04:38:34 +00:00
Andrew Nacin 4df303ff76 Heartbeat: Reduce the heartbeat from 120 sec to 100 sec when the window doesn't have the focus, to be shorter than the post lock expiration window.
props azaozz.
fixes #24894.



git-svn-id: http://core.svn.wordpress.org/trunk@24908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 03:23:22 +00:00
Mark Jaquith 4e75adda05 Set post locked info height to auto so it doesn't overlap action links.
Fixes #24553 for trunk. Props azaozz.

git-svn-id: http://core.svn.wordpress.org/trunk@24906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 03:10:00 +00:00
Bot (Translations) 7b44ff4dd3 POT, generated from r24904
git-svn-id: http://core.svn.wordpress.org/trunk@24905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 23:14:01 +00:00
Lance Willett 3f94f093fa Twenty Thirteen: combine two similar `Nothing Found` strings. Fixes #24891.
git-svn-id: http://core.svn.wordpress.org/trunk@24904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 22:24:53 +00:00
Michael Adams c30925d20e Improved XML handling for oEmbed.
git-svn-id: http://core.svn.wordpress.org/trunk@24902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 21:57:27 +00:00
Andrew Nacin b1bd0841a4 About page: Fix jQuery version # and decouple this from the string, as we had done in WP 3.3. see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 20:26:32 +00:00
Andrew Nacin d02a8008e0 Final final about string fixes. see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 19:40:35 +00:00
Andrew Nacin 3fc038fd6f Add missing documentation from [24894]. see #24646.
git-svn-id: http://core.svn.wordpress.org/trunk@24895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 18:39:57 +00:00
Andrew Nacin 8c7adaa7bd Introduce wp_safe_remote_request(). Also wp_safe_remote_head(), wp_safe_remote_get(), wp_safe_remote_post().
Reverts [24482].

see #24646.



git-svn-id: http://core.svn.wordpress.org/trunk@24894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 15:37:01 +00:00
Andrew Nacin 64f7fda822 Make remaining about strings translatable. Final tweaks to strings and ordering of "Under the Hood". see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 15:31:18 +00:00
Dion Hulse 94b2ed9164 WP_HTTP: PHPDoc updates for WP_Http::handle_redirects(). Props DrewAPicture. Fixes #16889
git-svn-id: http://core.svn.wordpress.org/trunk@24890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 06:47:03 +00:00
Mark Jaquith c1b6c70ea6 Improve the 3.6 about page "Under the Hood" copy.
Props markjaquith, aaroncampbell. See #24832 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 06:34:24 +00:00
Andrew Nacin ae1fe1a0d6 Add missing gettext. This is not a new string; it already exists a few lines up. props alex-ye, fixes #24880.
git-svn-id: http://core.svn.wordpress.org/trunk@24885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:48:41 +00:00
Andrew Nacin 3441fa2faf Rename post_lock_text hook to post_locked_dialog, and lock_taken_over_dialog to post_lock_lost_dialog. fixes #24830 for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@24884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:40:13 +00:00
Aaron Campbell f055ac27d1 Make the `show_post_locked_dialog` filter hide both the post locked and post taken over dialogs
props azaozz, DH-Shredder. Fixes #24830 for trunk.


git-svn-id: http://core.svn.wordpress.org/trunk@24883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:25:26 +00:00
Andrew Nacin ee1e8501d1 New build of SWFUpload that ignores URL query strings.
git-svn-id: http://core.svn.wordpress.org/trunk@24880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:15:00 +00:00
Mark Jaquith f1b2c07df3 Delete old autosave if new autosave has same content as the post.
Props nacin. Fixes #7392 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:06:08 +00:00
Bot (Assets) 2572ccaf00 Compress scripts/styles: 3.7-alpha-24877.
git-svn-id: http://core.svn.wordpress.org/trunk@24877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:58:59 +00:00
Jon Cave 5c57c78afa Fix potential SQLi through improper use of API functions.
git-svn-id: http://core.svn.wordpress.org/trunk@24875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:16:47 +00:00
Andrew Nacin f39e2c28ce Reset $wpdb->insert_id on a failed INSERT or REPLACE. See [24459] [24494].
git-svn-id: http://core.svn.wordpress.org/trunk@24872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:14:05 +00:00
Andrew Nacin 7f12e16e47 Limit pingback response size. fixes #4137. for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@24871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:00:06 +00:00
Andrew Nacin 93ca609f53 Unique load array in load-scripts and load-styles.
git-svn-id: http://core.svn.wordpress.org/trunk@24868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 17:57:04 +00:00
Andrew Nacin e0c4fc0032 Fix pass by reference issue. see #24873.
git-svn-id: http://core.svn.wordpress.org/trunk@24866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 17:53:24 +00:00
Mark Jaquith b53325cad3 Revisions: Fix PHP loading of comparison to first revision, and premature rendering of tooltip.
Props aaroncampbell, markjaquith. Fixes #24873 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 17:26:03 +00:00
Andrew Nacin a1c4a3fb76 Update MediaElement.js SWF file from upstream. Fixes issues with controls. fixes #24183.
git-svn-id: http://core.svn.wordpress.org/trunk@24861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 09:16:02 +00:00
Andrew Nacin c8450ceff1 Change 'Change two revisions' to 'Compare any two revisions' for clarity. props siobhan. see #24804.
git-svn-id: http://core.svn.wordpress.org/trunk@24859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 06:56:49 +00:00
Andrew Nacin 70109f6202 Update HTML classes in the audio and video shortcodes. props rfair404. fixes #24820.
git-svn-id: http://core.svn.wordpress.org/trunk@24857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 06:51:46 +00:00
Andrew Nacin e91002f4fb Remove unnecessary cap checks from [24854]. You need these capabilities (or equivalent) to access the screens for these feature pointers. see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 06:43:30 +00:00
Mark Jaquith 8abd5bb815 Tooltips for 3.6 features: Revisions, Post Locking.
Props siobhan. See #24832 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 06:17:01 +00:00
Bot (Assets) 8637a08836 Compress scripts/styles: 3.7-alpha-24851.
git-svn-id: http://core.svn.wordpress.org/trunk@24851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 04:58:59 +00:00
Andrew Nacin 34ce599935 Don't override an existing WP_Error object in wp_authenticate_username_password().
props willnorris.
fixes #19714.



git-svn-id: http://core.svn.wordpress.org/trunk@24850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 03:43:22 +00:00
Andrew Nacin 23bc457498 Avoid racing TinyMCE, which avoids the creation of unnecessary autosaves. props azaozz. see #7392.
git-svn-id: http://core.svn.wordpress.org/trunk@24849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 03:37:14 +00:00
Andrew Nacin 5c20d1eca1 Remove "special" multisite spam check in the authentication API.
The spamming of a site no longer directly affects a user of said site.

Moves the spam check to the wp_authenticate filter. Networks in need
of enhanced spam-fighting should leverage this same technique.

Allow is_user_spammy() to accept a WP_User object.

props willnorris, brianhogg.
fixes #24771. see #19714.



git-svn-id: http://core.svn.wordpress.org/trunk@24848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 03:23:51 +00:00
Bot (Assets) cc4cedcf59 Compress scripts/styles: 3.7-alpha-24847.
git-svn-id: http://core.svn.wordpress.org/trunk@24847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 02:58:58 +00:00
Dion Hulse ac424c08ca WP_HTTP: When multiple location headers are specified, use the last specified location url as the redirect location. Fixes #16890
git-svn-id: http://core.svn.wordpress.org/trunk@24846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 02:11:46 +00:00
Dion Hulse d6656cc1f1 WP_HTTP: Fsockopen: Respect a specified Host header in the Fsockopen WP_HTTP transport. Fixes #24182
git-svn-id: http://core.svn.wordpress.org/trunk@24845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:47:01 +00:00
Andrew Nacin edc0882d2f If wp-login.php is accessed over HTTPS, get_home_url() should not return HTTPS. This is the same assumption we use in the admin.
props willnorris.
fixes #16822.



git-svn-id: http://core.svn.wordpress.org/trunk@24844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:21:27 +00:00
Dion Hulse c61a2dac03 WP_HTTP: Abstract out the Redirection handling code into it's own method and fix a bunch of redirection edgecases at the same time.
Fixes #17588
Fixes 16889
Props wonderboymusic and kovshenin for initial patches


git-svn-id: http://core.svn.wordpress.org/trunk@24843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:19:54 +00:00
Helen Hou-Sandí d8f819fdda Set the default internal search value for the link dialog to be the text that is highlighted in the editor. props greuben. fixes #16276.
git-svn-id: http://core.svn.wordpress.org/trunk@24841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:01:33 +00:00
Mark Jaquith 1f312bc6ef Fix wrong use of `esc_html_e()`.
Props ocean90. Fixes #24854 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:00:59 +00:00
Bot (Assets) 1469cb17dd Compress scripts/styles: 3.7-alpha-24839.
git-svn-id: http://core.svn.wordpress.org/trunk@24839 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 00:58:57 +00:00
Mark Jaquith 0a2ca92b33 Fix a variable typo in `get_post_gallery_images()`.
props rodrigosprimo. Fixes #24202 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 00:52:31 +00:00
Mark Jaquith ab09a13efa Rename the new 'left'/'right' flags on the `_wp_post_revision_field_$field` filter to 'from'/'to'.
Fixes #24848 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24835 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 23:28:21 +00:00
Helen Hou-Sandí 8d40c02ac4 More betterer theme screenshot scaling when the admin menu is folded. props andrewspittle. fixes #22794.
git-svn-id: http://core.svn.wordpress.org/trunk@24834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 23:24:17 +00:00
Andrew Nacin ac1f98d4ce Add description argument to register_taxonomy().
props aaronholbrook.
fixes #24808.



git-svn-id: http://core.svn.wordpress.org/trunk@24833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 23:01:56 +00:00
Lance Willett 7d35419e62 Importing the Further theme, first pass at the new default theme for 2014.
A magazine theme with clean, responsive design focused on highlighting featured content prominently on home page.

This is slated for 3.8. Development will occur in trunk for the theme, and in plugins for the nice-to-have features.

Nice-to-have improvements include:

- Add a Contributors page template to highlight authors.
- Easy-to-manage featured content.
- Add support for an Authors widget to highlight authors.

Welcome, Twenty Fourteen né Further. Props iamtakashi, see #24858.


git-svn-id: http://core.svn.wordpress.org/trunk@24832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 22:55:10 +00:00