Commit Graph

41134 Commits

Author SHA1 Message Date
whyisjake 72130f11d0 Administration: Ensure that admin referer nonce is valid.
Fix for a testing regression.

Props desrosj.

Built from https://develop.svn.wordpress.org/trunk@46485


git-svn-id: http://core.svn.wordpress.org/trunk@46283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 17:15:06 +00:00
whyisjake 89468bfb89 REST API: Ensure that we don't generate warnings from sending extra headers after headers have been sent.
Fixes issues stemming from [46478].


Built from https://develop.svn.wordpress.org/trunk@46483


git-svn-id: http://core.svn.wordpress.org/trunk@46281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 16:25:04 +00:00
whyisjake b224c251ad REST API: Send a Vary: Origin header on GET requests.
Add this header on all GET requests to prevent cached requests.

Props darthhexx, davidbinda, nickdaugherty, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@46478


git-svn-id: http://core.svn.wordpress.org/trunk@46276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 15:43:04 +00:00
whyisjake b183fd1cca Administration: Ensure that admin referer nonce is valid.
Coding standards, ensure that nonce is valid with identical, rather then equal operator.

Props vortfu, xknown, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@46477


git-svn-id: http://core.svn.wordpress.org/trunk@46275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 15:40:04 +00:00
whyisjake 2524ba3aec Filesystem API: Prevent directory travelersals when creating new folders.
Reject file paths that contain sub-directory paths.

Props iandunn, xknown, sstoqnov, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@46476


git-svn-id: http://core.svn.wordpress.org/trunk@46274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 15:31:04 +00:00
whyisjake 608d39faed HTTP API: Protect against hex interpretation.
Return earlier from wp_http_validate_url().

Props: iandunn, xknown, voldemortensen, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@46475


git-svn-id: http://core.svn.wordpress.org/trunk@46273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 15:27:04 +00:00
whyisjake 946ec8492f Query: Remove the static query property.
Prevent unauthenticated views of publicly queryables content types.

Props aaroncampbell, whyisjake, nickdaugherty, xknown.

Built from https://develop.svn.wordpress.org/trunk@46474


git-svn-id: http://core.svn.wordpress.org/trunk@46272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 15:20:03 +00:00
Sergey Biryukov 9db44754b9 Formatting: In `wp_validate_redirect()`, normalize the path when validating the location for relative URLs, to account for Windows paths.
Props peterwilsoncc, rconde, jmmathc, mat-lipe, Sixes, justinahinon, cmagrin, daxelrod, SergeyBiryukov.
Fixes #47980.
Built from https://develop.svn.wordpress.org/trunk@46472


git-svn-id: http://core.svn.wordpress.org/trunk@46270 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 10:52:04 +00:00
Sergey Biryukov e8fcc3fbe7 Docs: Fix typo in a comment in `WP_REST_Settings_Controller::prepare_value()`.
Convert the comment to a multi-line format per the documentation standards.

Props itowhid06.
See #48296.
Built from https://develop.svn.wordpress.org/trunk@46471


git-svn-id: http://core.svn.wordpress.org/trunk@46269 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-13 10:02:04 +00:00
Peter Wilson 5d6cd13597 Docs: Correct documentation typo in print_emoji_detection_script().
Props itowhid06.
Fixes #48298. See #47110.

Built from https://develop.svn.wordpress.org/trunk@46470


git-svn-id: http://core.svn.wordpress.org/trunk@46268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-13 02:48:01 +00:00
Peter Wilson 8730eb34e3 Docs: Correct comment typo in WP_REST_Terms_Controller::update_item().
Props manikmist09.
Fixes #48295. See #47110.

Built from https://develop.svn.wordpress.org/trunk@46469


git-svn-id: http://core.svn.wordpress.org/trunk@46267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-13 02:42:01 +00:00
John Blackbourn 41d6b80d03 Docs: Fix and improve inline documentation for the HTTP API.
See #47110

Built from https://develop.svn.wordpress.org/trunk@46468


git-svn-id: http://core.svn.wordpress.org/trunk@46266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-12 18:05:04 +00:00
Sergey Biryukov 634242343c Users: Make sure `wp_logout()` clears current user, so that a subsequent call to `is_user_logged_in()` works as expected.
Props sebastian.pisula, donmhico, roytanck, juliobox.
Fixes #35488.
Built from https://develop.svn.wordpress.org/trunk@46467


git-svn-id: http://core.svn.wordpress.org/trunk@46265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-12 03:10:03 +00:00
Sergey Biryukov 4ca89cecbd Tests: Rename tests methods in `tests/pluggable.php` per the handbook's naming convention.
See #47632.
Built from https://develop.svn.wordpress.org/trunk@46466


git-svn-id: http://core.svn.wordpress.org/trunk@46264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-12 03:02:03 +00:00
Sergey Biryukov cf1c5e1b54 Docs: Adjust `@since` note in `shortcode_parse_atts()` for consistency with similar notes.
See #47863.
Built from https://develop.svn.wordpress.org/trunk@46465


git-svn-id: http://core.svn.wordpress.org/trunk@46263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-12 02:50:03 +00:00
Sergey Biryukov b0e0f69b2e I18N: Don't capitalize "Extension" in `update_core()`, for consistency with other strings.
Follow-up to [46455].

See #47699.
Built from https://develop.svn.wordpress.org/trunk@46464


git-svn-id: http://core.svn.wordpress.org/trunk@46262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-12 02:42:01 +00:00
Sergey Biryukov e19329bad0 Docs: Add `requires_php` to the list of fields returned by `plugins_api()`.
Props ediamin.
Fixes #48291.
Built from https://develop.svn.wordpress.org/trunk@46463


git-svn-id: http://core.svn.wordpress.org/trunk@46261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-12 02:35:04 +00:00
Sergey Biryukov b78a40aa4c Formatting: Make sure `wp_sanitize_redirect()` encodes spaces in URLs instead of stripping them out.
Props donmhico, hlashbrooke, dd32, azaozz.
Fixes #36998.
Built from https://develop.svn.wordpress.org/trunk@46462


git-svn-id: http://core.svn.wordpress.org/trunk@46260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-11 23:54:03 +00:00
antpb 97356bbd75 Media: Adds Edit Image controller to Media Library `select` frame.
This adds the necessary state for `EditImage` views in the `select` frame and listeners for setting that view.

Props fblaser, w3rkjana, afercia, antpb.
See #48028.

Built from https://develop.svn.wordpress.org/trunk@46461


git-svn-id: http://core.svn.wordpress.org/trunk@46259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-11 20:43:03 +00:00
antpb ebd52ce048 Administration: Prevents horizontal scroll jumping around while admin menu is open.
This sets the `#adminmenuback` `position` CSS property to `fixed`.

Props promz, man4toman.
Fixes #47010.

Built from https://develop.svn.wordpress.org/trunk@46460


git-svn-id: http://core.svn.wordpress.org/trunk@46258 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-11 19:22:02 +00:00
Mike Schroder 66c8085fc4 Media: Update fallback previews to support `_wp_make_subsizes()`
Allows fallback previews (PDF by default, in core) to save image meta
after each size is generated to allow for resuming, and make sizes
immediately available.

Props azaozz, antpb, progremzion, mikeschroder.
See #48111.
Built from https://develop.svn.wordpress.org/trunk@46459


git-svn-id: http://core.svn.wordpress.org/trunk@46257 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-11 07:54:03 +00:00
Aaron Jorbin 742537ac3d Cron: Prevent sending headers when using ALTERNATE_WP_CRON
ALTERNATE_WP_CRON echos things which causes a "Headers already sent" warning. This adds a check to ensure headers haven't already been sent.

Previously: [45560]

See: #45560. Fixes #48283.
Props dlh.


Built from https://develop.svn.wordpress.org/trunk@46458


git-svn-id: http://core.svn.wordpress.org/trunk@46256 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-10 22:52:03 +00:00
Dominik Schilling c621d4fb3f Themes: Convert core-provided starter content to block content.
Props Clorith.
Fixes #48130.
Built from https://develop.svn.wordpress.org/trunk@46457


git-svn-id: http://core.svn.wordpress.org/trunk@46255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-10 19:07:05 +00:00
K. Adam White 1a8aba96e7 REST API: Fix error in _fields filtering logic where only one of several requested sibling properties would be included.
Props kadamwhite, TimothyBlynJacobs.
Fixes #48266.

Built from https://develop.svn.wordpress.org/trunk@46456


git-svn-id: http://core.svn.wordpress.org/trunk@46254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-10 17:18:03 +00:00
desrosj c6d3987b08 Upgrade/Install: Detect the presence of the native PHP JSON extension before updating.
The PHP native JSON extension has been bundled and compiled with PHP by default since version 5.2.0. Because the minimum version of PHP required by WordPress is now 5.6.20 (see #46594 and [45058]), the related polyfills and workarounds have been removed (see [46205-46206,46208]).

However, even though the JSON extension is now included in PHP by default, it is still possible to disable the extension in a custom configuration. This change will prevent sites from upgrading if the JSON extension is disabled to prevent compatibility issues.

Props jrf, jorbin, dd32, desrosj.
Fixes #47699.
Built from https://develop.svn.wordpress.org/trunk@46455


git-svn-id: http://core.svn.wordpress.org/trunk@46253 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-09 22:22:04 +00:00
K. Adam White 55560a708f REST API: Do not addslash when receiving meta arrays of non-string values.
Slashing non-string data caused PUT requests containing unmodified meta arrays of integers to fail the check against the existing stored meta value, causing a 500 when posting an unmodified response body back to the server.

Props TimothyBlynJacobs, augustuswm.
Fixes #48264.

Built from https://develop.svn.wordpress.org/trunk@46454


git-svn-id: http://core.svn.wordpress.org/trunk@46252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-09 17:36:01 +00:00
whyisjake ec02d199f4 Administration: Ensure visual consistency with large titles in the sidebar.
Custom posts, and other menu titles that are long aren't wrapping correctly.

Props jagirbaheshwp, munyagu, harshbarach, hareesh-pillai, pratikkry, naveenkharwar, mukesh27, dushanthi, worldweb, audrasjb, afercia, amolv, iqbalbary, davidbaumwald.
Fixes #42201

Built from https://develop.svn.wordpress.org/trunk@46453


git-svn-id: http://core.svn.wordpress.org/trunk@46251 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-09 04:58:02 +00:00
Sergey Biryukov 13eecfc861 Docs: Tweak the `@since` note in `Walker::walk()` and `::paged_walk()` for better readability and consistency with other notes.
See #47678.
Built from https://develop.svn.wordpress.org/trunk@46452


git-svn-id: http://core.svn.wordpress.org/trunk@46250 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-09 04:35:01 +00:00
Sergey Biryukov 8d1e51e9c7 Docs: Add a `@since` note about new parameters with the spread operator added to function signatures.
Props jrf.
See #47678.
Built from https://develop.svn.wordpress.org/trunk@46451


git-svn-id: http://core.svn.wordpress.org/trunk@46249 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-09 04:28:02 +00:00
desrosj 6a38614ffe Bundled Themes: Update/audit NPM dependencies for Twenty Nineteen.
Also, ignore the `node_modules` folder for Twenty Nineteen.

Fixes #48262.
Built from https://develop.svn.wordpress.org/trunk@46450


git-svn-id: http://core.svn.wordpress.org/trunk@46248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 22:19:02 +00:00
Adam Silverstein 376c13f07c Post WordPress 5.3 Beta 3 version bump.
Built from https://develop.svn.wordpress.org/trunk@46449


git-svn-id: http://core.svn.wordpress.org/trunk@46247 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 20:47:02 +00:00
Adam Silverstein 0820f95896 WordPress 5.3 Beta 3.
Built from https://develop.svn.wordpress.org/trunk@46448


git-svn-id: http://core.svn.wordpress.org/trunk@46246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 19:59:03 +00:00
Dominik Schilling 0b67a91c1c Bundled Themes: Fix JSHint error in [46445]
Props ianbelanger.
See #48110.
Built from https://develop.svn.wordpress.org/trunk@46447


git-svn-id: http://core.svn.wordpress.org/trunk@46245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 19:52:03 +00:00
desrosj faaf3be0b1 Bundled Themes: Change the `eol-style` property to `native` for Twenty Twenty files.
Props aazaozz, desrosj.
See #48110.
Built from https://develop.svn.wordpress.org/trunk@46446


git-svn-id: http://core.svn.wordpress.org/trunk@46244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 19:21:02 +00:00
desrosj a734d8eea1 Bundled Themes: Update Twenty Twenty.
This brings `trunk`'s version of Twenty Twenty in-sync with GitHub.

For a complete list of changes since [46357], see 7157870...7246fd6.

Props anlino, ianbelanger, poena, williampatton, nielslange, acosmin, netweb, joyusly, luminuu, itowhid06, cbravobernal, intimez, glauberglauber, ocean90, amolv, briceduclos, aristath, mukesh27, garrett-eclipse, audrasjb, afercia, dianeco, utsav72640, mahesh901122, tobifjellner.
See #48110.
Built from https://develop.svn.wordpress.org/trunk@46445


git-svn-id: http://core.svn.wordpress.org/trunk@46243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 19:08:07 +00:00
Sergey Biryukov 843c39b9bc Themes: Properly align Close/Previous/Next icons in theme preview overlay.
Props chetan200891.
Fixes #48248.
Built from https://develop.svn.wordpress.org/trunk@46444


git-svn-id: http://core.svn.wordpress.org/trunk@46242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 19:07:04 +00:00
Sergey Biryukov 93279742c1 Themes: Adjust CSS media query for theme overlay to match the breakpoint for a folded admin menu.
Props chetan200891.
Fixes #48250.
Built from https://develop.svn.wordpress.org/trunk@46443


git-svn-id: http://core.svn.wordpress.org/trunk@46241 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 18:49:03 +00:00
Sergey Biryukov 38a8513cf2 Code Modernisation: Introduce the spread operator in `Walker::walk()` and `::paged_walk()`.
Rather than relying on `func_get_args()` to retrieve arbitrary function arguments, we can now use the spread operator to assign them directly to a variable.

This re-applies [45624] and reverts [45640], with a dev note upcoming for plugin authors to maintain backward compatibility with old versions of WordPress.

Props jrf.
See #47678.
Built from https://develop.svn.wordpress.org/trunk@46442


git-svn-id: http://core.svn.wordpress.org/trunk@46240 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 17:56:02 +00:00
johnjamesjacoby 477f0ffd71 Network Admin: Improve Site States in List Table rows.
This commit switches a comparison to a Yoda condition, performs a more strict `intval()` check on the value of the Site Status column, and prevents a specific Site State from appearing in List Table rows when filtering by that same Site State already (to match the behavior of other List Table State implementations.)

Fixes #37684. Props pbiron.
Built from https://develop.svn.wordpress.org/trunk@46441


git-svn-id: http://core.svn.wordpress.org/trunk@46239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 17:46:02 +00:00
Andrea Fercia a0a037db4d Accessibility: Script Loader: Add jQuery as dependency of `admin-bar`.
On the front end, themes that don't use jQuery make the admin bar fallback to the non-jQuery implementation. Some important features miss from the non-jQuery `admin-bar.js` part, for example `hoverintent` and, most importantly, the touch events for the mobile menu don't work at all.

Enqueueing jQuery is the simplest option for now. For the future, a complete rewriting of `admin-bar.js` in plain JavaScript is highly recommended.

See #47069.

Built from https://develop.svn.wordpress.org/trunk@46440


git-svn-id: http://core.svn.wordpress.org/trunk@46238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 17:21:13 +00:00
Sergey Biryukov 760a55b310 Docs: Add missing `@deprecated` tags in the file docblock of some deprecated files.
Props jrf.
Fixes #48254.
Built from https://develop.svn.wordpress.org/trunk@46439


git-svn-id: http://core.svn.wordpress.org/trunk@46237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 17:19:04 +00:00
Andrea Fercia 932df464e6 Accessibility: Media: Improve the logic to render the ARIA tabs markup after [46363].
Additionally checks for the "menu" and "router" state attributes to better determine when the ARIA tabs pattern markup is appropriate.

See #47149.

Built from https://develop.svn.wordpress.org/trunk@46438


git-svn-id: http://core.svn.wordpress.org/trunk@46236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 17:07:02 +00:00
Sergey Biryukov fefc2f56ed I18N: Add context for the `Archives` string introduced in [45651] as a file type heading, to disambiguate from other types of archives.
Props alexclassroom.
Fixes #48259.
Built from https://develop.svn.wordpress.org/trunk@46437


git-svn-id: http://core.svn.wordpress.org/trunk@46235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 17:04:03 +00:00
Adam Silverstein 9fb51e962a External Libraries: upgrade `mediaelement` to version 4.2.13.
Upgrade `mediaelement` to the latest version. Includes a variety of bug fixes made since the 4.2.6 release; see https://github.com/mediaelement/mediaelement/releases.

Props danieliser, Hareesh Pillai.
Fixes #46681.


Built from https://develop.svn.wordpress.org/trunk@46436


git-svn-id: http://core.svn.wordpress.org/trunk@46234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 16:06:02 +00:00
K. Adam White ed11103f39 REST API: Ensure rest_controller instantiates the post type's declared REST controller class.
Ensures that the ::get_rest_controller() method will always return an instanceof the expected controller class, or null.
Removes unused private static property $post_type_controllers.

Props dlh, TimothyBlynJacobs.
Fixes #45677.


Built from https://develop.svn.wordpress.org/trunk@46435


git-svn-id: http://core.svn.wordpress.org/trunk@46233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 13:43:02 +00:00
K. Adam White 5815551dfe REST API: Permit embedding of the 'self' link relation in the /search endpoint.
Removes a special-case prohibition against embedding 'self' which prevented ?_embed from being used with the /wp/v2/search endpoint.

Props TimothyBlynJacobs, chrisvanpatten, kadamwhite.
Fixes #47684.


Built from https://develop.svn.wordpress.org/trunk@46434


git-svn-id: http://core.svn.wordpress.org/trunk@46232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 04:45:02 +00:00
K. Adam White de6d164870 REST API: Ensure users with "moderate_comments" capability may edit comments.
Props meloniq.
Fixes #47024.


Built from https://develop.svn.wordpress.org/trunk@46433


git-svn-id: http://core.svn.wordpress.org/trunk@46231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 04:02:02 +00:00
Sergey Biryukov bcd399918f Coding Standards: Correct the number of accepted arguments in `add_action()` calls in `wp-includes/default-filters.php` for functions that don't accept any arguments.
Props itowhid06, johnbillion, jrf.
Fixes #48123.
Built from https://develop.svn.wordpress.org/trunk@46432


git-svn-id: http://core.svn.wordpress.org/trunk@46230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 03:20:02 +00:00
Sergey Biryukov ddcf1fb843 CSS Coding Standards: Use unitless values for `line-height` in `wp-includes/css/media-views.css`.
Follow-up to [45478].

Props ianbelanger, afercia.
Fixes #46529. See #44643.
Built from https://develop.svn.wordpress.org/trunk@46431


git-svn-id: http://core.svn.wordpress.org/trunk@46229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 02:57:03 +00:00
Sergey Biryukov bcd53396f1 Twenty Fourteen: Replace overly broad float-clearing selectors with more specific ones, to avoid unintentionally targeting elements generated by plugins.
Props ianbelanger, iandunn, karmatosed.
Fixes #35779.
Built from https://develop.svn.wordpress.org/trunk@46430


git-svn-id: http://core.svn.wordpress.org/trunk@46228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 02:02:03 +00:00