Commit Graph

100 Commits

Author SHA1 Message Date
Peter Wilson 7442fe63a0 Site Health: Reduce false reports of HTTPS failures.
Reduce severity of failing HTTPS tests from critical to warning. Stop reporting failures if the site is being accessed over HTTPS but `wp_is_https_supported()` indicates a lack of support.

Props annalamprou, AnotherDave, ayeshrajans, bobbingwide, Clorith, dragongate, eatsleepcode, gab81, geoffrey1963, Ipstenu, k3nsai, mmuyskens, nicegamer7, peterwilsoncc, pwallner, SergeyBiryukov, TimothyBlynJacobs, Toru.
Fixes #52783.

Built from https://develop.svn.wordpress.org/trunk@50659


git-svn-id: http://core.svn.wordpress.org/trunk@50271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-06 03:24:08 +00:00
Peter Wilson 0b9c7b7cdf Site Health: Update loopback test to `POST` to wp-cron.
Replace loopback health check URL with a `POST` request to `wp-cron.php` in the WordPress install directory. This more closely represents how WordPress uses loopback requests.

A `POST` request is used to cause `wp-cron.php` to exit prior to running any cron jobs. This allows the test to indicate success quicker and accounts for sites that set the `DISABLE_WP_CRON` constant to avoid running cron jobs on loopback requests.

Props clorith, peterwilsoncc, TimothyBlynJacobs.
Fixes #52547.


Built from https://develop.svn.wordpress.org/trunk@50399


git-svn-id: http://core.svn.wordpress.org/trunk@50010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-22 00:51:09 +00:00
Peter Wilson c6af819b3a Site Health: Use home page for loopback test.
Use `home_url()` for asynchronous loopback test to ensure correct results on sites with WordPress installed elsewhere, for example WordPress in a sub-directory.

Props Levdbas.
Fixes #52547.


Built from https://develop.svn.wordpress.org/trunk@50381


git-svn-id: http://core.svn.wordpress.org/trunk@49992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-17 23:10:04 +00:00
Sergey Biryukov ea2ff553e9 Site Health: Clarify the recommendation in file uploads test when `post_max_size` is defined as `0`.
This adds a more descriptive text in scenarios where `post_max_size` and `upload_max_filesize` differ, and `post_max_size` is set to a value of `0`.

In some scenarios, PHP may read `0` as a literal zero size, and not as unlimited, which it also means in other scenarios.

See https://www.php.net/manual/en/ini.core.php#ini.post-max-size for details, as PHP 5.3.4 introduced this behavior for literal zero interpretation when the content type of a request is `application/x-www-form-urlencoded` or is not registered with PHP.

Props Clorith, pixolin, helen, ratneshk.
Fixes #51466.
Built from https://develop.svn.wordpress.org/trunk@50263


git-svn-id: http://core.svn.wordpress.org/trunk@49908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-09 12:05:07 +00:00
Felix Arntz dbfbf5501a Security, Site Health: Make migrating a site to HTTPS a one-click interaction.
Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained.

This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction.

* Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed.
    * A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly.
    * The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though.
    * The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter.
    * For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant.
* Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart.
    * A new `wp_update_urls_to_https()` function takes care of the update routine.
    * A new `update_https` meta capability is introduced to control access.
    * If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health.
* Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version.
    * A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS.
    * A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS.

Props flixos90, timothyblynjacobs.
Fixes #51437.

Built from https://develop.svn.wordpress.org/trunk@50131


git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 00:10:01 +00:00
Felix Arntz 9d348e26f3 Security, Site Health: Improve accuracy in messaging about HTTPS support.
Following up on [49904], this changeset focuses mainly on improving the guidance about the current state of HTTPS in Site Health.

* Correct the existing copy to indicate that both the Site Address and the WordPress Address need to be changed to fully switch to HTTPS.
* Link to the respective input fields via anchor links rather than to the overall General Settings screen.
* Show different copy if the site is using HTTPS for the WordPress Address (for example to have only the administration panel in HTTPS), but not for the Site Address.
* Inform the user about potential problems even when the site is already using HTTPS, for example if the SSL certificate was no longer valid.
* Always rely on fresh information for determining HTTPS support issues in Site Health, and therefore change the `https_status` test to become asynchronous.
* Rename the new private `wp_is_owned_html_output()` function to a more appropriate `wp_is_local_html_output()`.

Props adamsilverstein, flixos90, johnjamesjacoby, timothyblynjacobs.
See #47577.

Built from https://develop.svn.wordpress.org/trunk@50072


git-svn-id: http://core.svn.wordpress.org/trunk@49773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 19:10:58 +00:00
whyisjake d3d95965dd Site Health: Update php update strings to not overpromise performance.
Fixes #52327.

Props chanthaboune, SergeyBiryukov, audrasjb, Clorith, whyisjake.


Built from https://develop.svn.wordpress.org/trunk@50041


git-svn-id: http://core.svn.wordpress.org/trunk@49742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 00:17:58 +00:00
TimothyBlynJacobs 33cb202f07 Site Health: Use a front-end URL for loopback tests.
In [49154] the async Site Health tests were changed to use the REST API instead of admin-ajax. An unintended side effect of this change was that the loopback tests which tried to ping the site's `admin_url()` were no longer authenticated because admin-cookies aren't provided to the REST API.

This commit adjusts the loopback test to use the front-end `site_url` which checks that cron will function properly. A follow-up ticket will focus on tests that will cover the file editor checks.

Props Clorith.
Fixes #52097.
See #48105.

Built from https://develop.svn.wordpress.org/trunk@49917


git-svn-id: http://core.svn.wordpress.org/trunk@49616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-02 20:09:08 +00:00
Felix Arntz c81db1f6e6 Security, Site Health: Detect HTTPS support and encourage switching.
This changeset modifies the Site Health panel for HTTPS to provide more accurate recommendations based on whether the environment is already set up for HTTPS.

* Introduces `wp_is_using_https()` to check whether the site is configured to use HTTPS (via its Site Address and WordPress Address).
* Introduces `wp_is_https_supported()` to check whether the environment supports HTTPS. This relies on a cron job which periodically checks support using a loopback request.

Props Clorith, flixos90, miinasikk, westonruter.
Fixes #47577.

Built from https://develop.svn.wordpress.org/trunk@49904


git-svn-id: http://core.svn.wordpress.org/trunk@49603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-23 19:13:04 +00:00
Sergey Biryukov 05125ed8bf Site Health: Add missing i18n for the App Passwords documentation link.
Follow-up to [49334].

Props tai.
Fixes #51815.
Built from https://develop.svn.wordpress.org/trunk@49650


git-svn-id: http://core.svn.wordpress.org/trunk@49387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-18 15:04:05 +00:00
TimothyBlynJacobs 2df94804d4 Site Health, App Passwords: Test if the Authorization header is populated correctly.
App Passwords rely on the Authorization header to transport the Basic Auth credentials. For Apache web servers, WordPress automatically includes a RewriteRule to populate the value for servers running in CGI or FastCGI that wouldn't ordinarily populate the value. 

This tests if the header is being filled with the expected values. For Apache users, we direct the user to visit the Permalinks settings to flush their permalinks. For all other users, we direct them to a help document on developer.wordpress.org.

Props Clorith, marybaum, TimothyBlynJacobs.
Fixes #51638.

Built from https://develop.svn.wordpress.org/trunk@49334


git-svn-id: http://core.svn.wordpress.org/trunk@49095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-27 18:32:07 +00:00
Sergey Biryukov ecf8e59918 Docs: Add a `@since` note about `async_direct_test` key to the `site_status_tests` filter.
Follow-up to [49232].

See #51547.
Built from https://develop.svn.wordpress.org/trunk@49266


git-svn-id: http://core.svn.wordpress.org/trunk@49028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-21 14:55:09 +00:00
Sergey Biryukov e38c5ca7d4 Upgrade/Install: Introduce a wrapper for the `auto_update_{$type}` filter checks.
This allows for cleaner checks whether auto-updates are forced for a plugin or theme.

Follow-up to [48750].

Props rebasaurus, garrett-eclipse, SergeyBiryukov.
Fixes #50875.
Built from https://develop.svn.wordpress.org/trunk@49241


git-svn-id: http://core.svn.wordpress.org/trunk@49003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 17:39:07 +00:00
Sergey Biryukov 35681b0e9a Site Health: Introduce the `WP_Site_Health::is_development_environment()` method.
This allows Site Health tests to check if the current environment type is set to `development` or `local`.

Use the new method:
* In HTTPS tests, instead of a hardcoded check for `localhost`.
* In `WP_DEBUG` and `WP_DEBUG_DISPLAY` tests, to set the status to `recommended` instead of `critical`.

Props dkotter, Clorith, DavidAnderson, joyously, knutsp, afragen, SergeyBiryukov.
Fixes #47058.
Built from https://develop.svn.wordpress.org/trunk@49237


git-svn-id: http://core.svn.wordpress.org/trunk@48999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 16:23:07 +00:00
desrosj 8778aa8922 Site Health: Improve the reliability of asynchronous tests.
This change adds additional logic to catch HTTP failures that do not return a `WP_Error` object (for example, a wp-json REST API error error).

This also fixes instances where REST API callbacks performed from cron do not work due to a lack of authentication by introducing a direct callback route that asynchronous tests can register.

Props dd32, clorith, timothyblynjacobs.
Fixes #51547.
Built from https://develop.svn.wordpress.org/trunk@49232


git-svn-id: http://core.svn.wordpress.org/trunk@48994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 14:50:06 +00:00
Sergey Biryukov 651f426b3a General: Remove `noreferrer` from `wp_targeted_link_rel()` and other uses.
When `noopener noreferrer` was originally added in #37941 and related tickets, the `noreferrer` bit was specifically included due to Firefox not supporting `noopener` at the time.

Since `noopener` has been supported by all major browsers for a while, it should now be safe to remove the `noreferrer` attribute from core.

Props Mista-Flo, audrasjb, joostdevalk, jonoaldersonwp, peterwilsoncc, elgameel.
Fixes #49558.
Built from https://develop.svn.wordpress.org/trunk@49215


git-svn-id: http://core.svn.wordpress.org/trunk@48977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-19 23:39:04 +00:00
Sergey Biryukov 0e3147c40e Coding Standards: Replace alias PHP functions with the canonical names.
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.

This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast

In part, this is a follow-up to #47746.

Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193


git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-18 17:27:06 +00:00
TimothyBlynJacobs 039ce3f16f Site Health, REST API: Move async tests to REST API endpoints.
This provides more flexibility when writing tests and benefits from running in a front-end context which is necessary for some tests like checking that updates are supported. Additionally, this provides a more robust interface for developers who want to integrate with Site Health tests.

Because the `wp/v2` endpoint is reserved for modeling core entities, site health is registered in its own `wp-site-health/v1` namespace.

The existing ajax actions have been maintained for backward compatibility.

Props Clorith, chrisvanpatten, afragen, pokhriyal, TimothyBlynJacobs.
Fixes #48105.

Built from https://develop.svn.wordpress.org/trunk@49154


git-svn-id: http://core.svn.wordpress.org/trunk@48916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-15 02:00:08 +00:00
Sergey Biryukov e50ac120a3 Site Health: Ensure that the tests returned by `WP_Site_Health::get_tests()` always have the required array keys: `direct` and `async`.
This avoids PHP notices if these keys were accidentally removed using the `site_status_tests` filter.

Props khag7, Ov3rfly, desrosj, Clorith.
Fixes #50858.
Built from https://develop.svn.wordpress.org/trunk@48808


git-svn-id: http://core.svn.wordpress.org/trunk@48570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-17 02:03:04 +00:00
Sergey Biryukov 7cb2ca73a2 Site Health: Rename the `$upload_max_size` variable to `$upload_max_filesize`, for consistency with the PHP setting name.
Follow-up to [48535], [48538], [48539], [48544], [48800].

See #50945.
Built from https://develop.svn.wordpress.org/trunk@48801


git-svn-id: http://core.svn.wordpress.org/trunk@48563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-16 17:54:05 +00:00
Sergey Biryukov 88e668d8e6 Site Health: Only display the warning about the `post_max_size` PHP value when it's lower than `upload_max_filesize`.
Previously, the warning was displayed even if the value was higher than `upload_max_filesize`, which made the report inaccurate, as these values don't necessarily have to match.

Props oakesjosh, jeroenrotty, desrosj, Clorith.
Fixes #50945.
Built from https://develop.svn.wordpress.org/trunk@48800


git-svn-id: http://core.svn.wordpress.org/trunk@48562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-16 17:48:08 +00:00
Sergey Biryukov 1f85e7484f Docs: Consistently use third-person singular verbs for various filter descriptions, per the documentation standards.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48782


git-svn-id: http://core.svn.wordpress.org/trunk@48544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-11 00:34:08 +00:00
Sergey Biryukov 6b5e748dee Docs: Correct usage of the dynamic `auto_update_{$type}` filter.
This ensures that the canonical name of the filter is used in Site Health debug data, as well as on plugin and theme screens, so the developer reference site remains correct.

Props johnbillion.
Fixes #50868.
Built from https://develop.svn.wordpress.org/trunk@48750


git-svn-id: http://core.svn.wordpress.org/trunk@48512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-07 16:14:03 +00:00
Sergey Biryukov 7e1e4f379a Site Health: Check if `session_status()` exists before calling it.
Props bgermann.
Fixes #50862.
Built from https://develop.svn.wordpress.org/trunk@48742


git-svn-id: http://core.svn.wordpress.org/trunk@48504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-06 00:25:07 +00:00
Sergey Biryukov ef382e6aaf Site Health: Escape the displayed result of the request in REST API availability test.
Props siliconforks, gisselfeldt.
Fixes #50588.
Built from https://develop.svn.wordpress.org/trunk@48608


git-svn-id: http://core.svn.wordpress.org/trunk@48370 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-25 15:38:06 +00:00
Sergey Biryukov 161821d155 Site Health: Correct the quotes for the `tested` value of mock plugin data in auto-updates test.
Follow-up to [48584].

See #50662.
Built from https://develop.svn.wordpress.org/trunk@48587


git-svn-id: http://core.svn.wordpress.org/trunk@48349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 20:13:05 +00:00
desrosj 231d21ebcd Site Health: Pass all expected parameters to `auto_update_{$type}`.
This prevents fatal errors when other hooked functions are expecting both parameters. 

Props dd32, desrosj, audrasjb, pbiron.
Fixes #50662.
Built from https://develop.svn.wordpress.org/trunk@48584


git-svn-id: http://core.svn.wordpress.org/trunk@48346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 19:03:04 +00:00
John Blackbourn 124972f2c6 Docs: Further corrections and improvements to various inline docblocks.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48576


git-svn-id: http://core.svn.wordpress.org/trunk@48338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 07:39:02 +00:00
Sergey Biryukov 88e046f1e8 Site Health: Fix some typos in the test for plugin and theme auto-updates.
Follow-up to [48548], [48558], [48559].

See #50662.
Built from https://develop.svn.wordpress.org/trunk@48560


git-svn-id: http://core.svn.wordpress.org/trunk@48322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-22 00:17:04 +00:00
Sergey Biryukov c6034be779 Site Health: Correct inverted logic for themes in the test for plugin and theme auto-updates.
Follow-up to [48548], [48558].

See #50662.
Built from https://develop.svn.wordpress.org/trunk@48559


git-svn-id: http://core.svn.wordpress.org/trunk@48321 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-22 00:15:02 +00:00
Sergey Biryukov 93bf0c3b83 Site Health: Add the test for plugin and theme auto-updates to `WP_Site_Health::get_tests()`.
This ensures that the test actually runs.

Follow-up to [48548].

See #50662.
Built from https://develop.svn.wordpress.org/trunk@48558


git-svn-id: http://core.svn.wordpress.org/trunk@48320 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-22 00:07:02 +00:00
whyisjake 9d2b92be26 Site Health: Add tests to check for potential issues with plugin and theme auto-updates.
Fixes #50662.
Props desrosj, audrasjb.

Built from https://develop.svn.wordpress.org/trunk@48548


git-svn-id: http://core.svn.wordpress.org/trunk@48310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 17:07:05 +00:00
Sergey Biryukov 1c52ad8d3f Site Health: Move `post_max_size` and `upload_max_filesize` out of a translatable string in file upload checks.
Simplify some other strings, use a consistent format for translator comments.

Follow-up to [48535].

See #50038.
Built from https://develop.svn.wordpress.org/trunk@48539


git-svn-id: http://core.svn.wordpress.org/trunk@48301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 15:53:04 +00:00
Sergey Biryukov bec9fa5010 Site Health: Remove `parse_ini_size()`, use the existing `wp_convert_hr_to_bytes()` function instead.
Follow-up to [48535].

See #50038.
Built from https://develop.svn.wordpress.org/trunk@48538


git-svn-id: http://core.svn.wordpress.org/trunk@48300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 15:40:03 +00:00
whyisjake 73a8fb4cc3 Site Health: Include new tests to check for the ability to upload files.
Several new checks:

* `max_file_uploads`
* `file_uploads`
* `post_max_size`
* `upload_max_filesize`
* `upload_max`
* `max_file_uploads`

In addition, new function `parse_ini_size()` that converts shorthand byte strings to bytes. Useful for size comparisons.

Fixes #50038.
Props dd32, donmhico, JavierCasares, SergeyBiryukov, ayeshrajans, Clorith, ipstenu, sabernhardt, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@48535


git-svn-id: http://core.svn.wordpress.org/trunk@48297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 15:21:02 +00:00
John Blackbourn 5eb3f0ffcb Docs: Improve docs for arguments that accept a numerically indexed array of associative arrays.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48475


git-svn-id: http://core.svn.wordpress.org/trunk@48244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-14 12:10:05 +00:00
John Blackbourn 4ff1233e75 Docs: Correct and improve inline docs for parameters that accept a callback function.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48473


git-svn-id: http://core.svn.wordpress.org/trunk@48242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-14 11:56:04 +00:00
Sergey Biryukov 054610e276 Text Changes: Remove use of "normal" in user-facing output.
This clarifies some messages referring to Site Health checks and maintenance mode, and makes them more accurate.

Props dartiss.
Fixes #50549.
Built from https://develop.svn.wordpress.org/trunk@48287


git-svn-id: http://core.svn.wordpress.org/trunk@48056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-03 21:59:03 +00:00
Sergey Biryukov c892c420b7 Docs: Miscellaneous DocBlock corrections.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48198


git-svn-id: http://core.svn.wordpress.org/trunk@47967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 11:53:04 +00:00
Sergey Biryukov 56342b8e8f Docs: Replace "AJAX" with "Ajax" in DocBlocks and comments, per the spelling glossary.
Props mukesh27, sabernhardt, SergeyBiryukov.
Fixes #50064.
Built from https://develop.svn.wordpress.org/trunk@48168


git-svn-id: http://core.svn.wordpress.org/trunk@47937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 12:43:07 +00:00
desrosj 4b60af1a6a General: Remove “whitelist” and “blacklist” in favor of more clear and inclusive language.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”

With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).

Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.

Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.

Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes #50413.
Built from https://develop.svn.wordpress.org/trunk@48121


git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-22 17:26:13 +00:00
Sergey Biryukov a576a13246 Docs: Remove an empty line between `@param` and `@return` tags, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48102


git-svn-id: http://core.svn.wordpress.org/trunk@47871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 11:18:09 +00:00
Sergey Biryukov d528d7a044 Site Health: Use `WP_Theme::parent()` in the inactive themes test as a more reliable check that the parent theme exists.
This is also more consistent with the other instances of directly referencing `WP_Theme::parent()` properties or methods in core.

Props mukesh27, juanlopez4691, davidbaumwald, afragen, SergeyBiryukov.
Fixes #49934.
Built from https://develop.svn.wordpress.org/trunk@47815


git-svn-id: http://core.svn.wordpress.org/trunk@47591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-18 04:38:10 +00:00
Sergey Biryukov 9782eb82ad Site Health: Display the original PHP memory limit on Site Health Info screen.
This ensures that if the limit has been modified for admin screens by `wp_raise_memory_limit()`, the original value is displayed along with the current value.

Props Clorith, espiat, zodiac1978, SergeyBiryukov.
Fixes #49329.
Built from https://develop.svn.wordpress.org/trunk@47762


git-svn-id: http://core.svn.wordpress.org/trunk@47538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-05 18:58:09 +00:00
Sergey Biryukov 5371e3fd62 Site Health: Avoid a PHP notice in `WP_Site_Health::wp_cron_scheduled_check()` if async test response does not contain the expected result.
Additionally, avoid a PHP notice in `::get_test_php_version()` if the minimum recommended version of PHP could not be determined.

Props schlessera, oakesjosh.
Fixes #49943.
Built from https://develop.svn.wordpress.org/trunk@47628


git-svn-id: http://core.svn.wordpress.org/trunk@47403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-27 22:01:08 +00:00
Sergey Biryukov 92538d89ee Site Health: Detect an active PHP session as a possible reason for HTTP requests timing out.
PHP sessions created by a `session_start()` function call may interfere with REST API and loopback requests.

An active session should be closed by `session_write_close()` before making any HTTP requests.

Props matthieumota, netweblogic, Clorith, afragen, vjik, SergeyBiryukov.
Fixes #47320.
Built from https://develop.svn.wordpress.org/trunk@47585


git-svn-id: http://core.svn.wordpress.org/trunk@47360 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-16 08:20:09 +00:00
Sergey Biryukov 764a1761aa Site Health: Correct markup in `::get_test_php_extensions()` and `::get_test_background_updates()` description.
These tests output an unordered list, which doesn't need to be wrapped in a paragraph tag.

Additionally, pass an empty string as an `actions` parameter in `::get_test_php_default_timezone()`, for consistency with other tests.

Props afercia.
See #48948.
Built from https://develop.svn.wordpress.org/trunk@47528


git-svn-id: http://core.svn.wordpress.org/trunk@47303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-29 03:46:06 +00:00
Sergey Biryukov cf75b95197 Site Health: Run the first scheduled site health check a day after the initial site setup.
This reduces the chance of displaying incorrect results due to running the check too early in first time setup scenarios.

Props Clorith, garrett-eclipse, roytanck, joostdevalk.
Fixes #49577.
Built from https://develop.svn.wordpress.org/trunk@47456


git-svn-id: http://core.svn.wordpress.org/trunk@47243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-14 16:36:07 +00:00
desrosj 447536a0e6 Site Health: Display the REST API test error codes correctly.
This change fixes an issue where the error codes associated with failed REST API tests are not being printed to the screen. In addition, the square brackets have been replaced with parentheses for consistency, and the error code (which is much less useful to end-users than the error message itself) has been moved to the end of the line.

This also clarifies the associated translator comments.

Props afercia, desrosj.
Fixes #49426.
Built from https://develop.svn.wordpress.org/trunk@47306


git-svn-id: http://core.svn.wordpress.org/trunk@47106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-18 16:48:06 +00:00
Sergey Biryukov 055af2b506 Site Health: Improve the wording for PHP update recommendations.
Props Clorith, grafruessel, sathyapulse, wpgurudev, garrett-eclipse, marybaum, xkon, SergeyBiryukov.
Fixes #48716.
Built from https://develop.svn.wordpress.org/trunk@47254


git-svn-id: http://core.svn.wordpress.org/trunk@47054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 00:41:05 +00:00