desrosj
779a2144fc
Build/Test Tools: Correct JavaScript files in the 4.4 branch.
...
In [46498], some JavaScript files were unintentionally changed. This restores those files to their correct state.
Partially reverts [46498].
See #52367 .
Built from https://develop.svn.wordpress.org/branches/4.4@50018
git-svn-id: http://core.svn.wordpress.org/branches/4.4@49719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-25 20:15:21 +00:00
whyisjake
9a0b89f7a8
Backporting several bug fixes.
...
- Query: Remove the static query property.
- HTTP API: Protect against hex interpretation.
- Filesystem API: Prevent directory travelersals when creating new folders.
- Administration: Ensure that admin referer nonce is valid.
- REST API: Send a Vary: Origin header on GET requests.
- Customizer: Properly sanitize background images.
Backports [46474], [46475], [46476], [46477], [46478], [46483], [46485] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@46498
git-svn-id: http://core.svn.wordpress.org/branches/4.4@46295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 19:09:23 +00:00
Dion Hulse
e462191652
External Libraries: Remove unnecessary / obsoleted MediaElement.js files.
...
Merges [42478] to the 4.4 branch.
Fixes #42720 for 4.4.
Built from https://develop.svn.wordpress.org/branches/4.4@42482
git-svn-id: http://core.svn.wordpress.org/branches/4.4@42311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-16 08:09:32 +00:00
Dominik Schilling
2603a8b4d6
TinyMCE: Improve the previews for shortcodes.
...
Merge of [41395] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@41439
git-svn-id: http://core.svn.wordpress.org/branches/4.4@41272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 12:43:37 +00:00
Dominik Schilling
6b08998219
Editor: Prevent adding `javascript:` and `data:` URLs through the inline link dialog.
...
Merge of [41393] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@41404
git-svn-id: http://core.svn.wordpress.org/branches/4.4@41237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 10:18:31 +00:00
Pascal Birchler
9f7f4e5848
Media: Simplify upload error message construction.
...
Merges [40736] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@40740
git-svn-id: http://core.svn.wordpress.org/branches/4.4@40598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 18:03:01 +00:00
Nikolay Bachiyski
f3907c1da9
External Libraries: Update plupload from upstream
...
Built from https://develop.svn.wordpress.org/branches/4.4@37381
git-svn-id: http://core.svn.wordpress.org/branches/4.4@37347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-06 18:00:51 +00:00
Dominik Schilling
b1e244d828
External Libraries: Update MediaElement.js from upstream.
...
Merge of [37370] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@37372
git-svn-id: http://core.svn.wordpress.org/branches/4.4@37338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-06 17:53:28 +00:00
Pascal Birchler
eb51235b19
Embeds: Improve how iframes are loaded after being initially hidden.
...
Use a more accessible way to initially hide the iframe. After that, only display an iframe when it was successfully loaded.
Merge of [36648] and [36708] to the 4.4 branch.
Fixes #35894 .
Built from https://develop.svn.wordpress.org/branches/4.4@37093
git-svn-id: http://core.svn.wordpress.org/branches/4.4@37060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 10:57:27 +00:00
Gary Pendergast
3331f83d78
Emoji: Fix the diversity emoji check in Safari.
...
When the browser test for diversity emoji was added in [36160], it included a workaround for Chrome not being able to compare Uint8ClampedArray objects directly, by converting them to a string. Unfortunately, Safari doesn't support the Uint8ClampedArray.toString() method correctly, so the test was incorrectly failing in Safari.
Merge of [37028] to the 4.4 branch.
Fixes #36266 .
Built from https://develop.svn.wordpress.org/branches/4.4@37090
git-svn-id: http://core.svn.wordpress.org/branches/4.4@37057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-29 02:19:28 +00:00
Gary Pendergast
f9fa129053
Emoji: Add some extra IE11 compatibility.
...
IE 11's implementation of MutationObserver is buggy. It unnecessarily splits text nodes when it encounters a HTML template interpolation symbol ( "{{", for example ). So, we join the text nodes back together as a work-around.
Merge of [36817] and [36981] to the 4.4 branch.
Fixes #35977 .
Built from https://develop.svn.wordpress.org/branches/4.4@37089
git-svn-id: http://core.svn.wordpress.org/branches/4.4@37056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-29 02:02:51 +00:00
Dion Hulse
487580f7c4
Emoji: Work around a `mod_security` rule which prevents pages with 4 or more instances of `String.fromCharCode(` from being served.
...
Merges [36359] to the 4.4 branch.
Fixes #35412 .
Built from https://develop.svn.wordpress.org/branches/4.4@36410
git-svn-id: http://core.svn.wordpress.org/branches/4.4@36377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-27 10:11:28 +00:00
Andrew Ozz
c9c10c4752
Media: when inserting an attachment in the editor and it is not an image, ensure the link is set to something else than `none`.
...
Props eherman24, azaozz.
Fixes #35153 for 4.4.1.
Built from https://develop.svn.wordpress.org/branches/4.4@36167
git-svn-id: http://core.svn.wordpress.org/branches/4.4@36133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-04 00:41:26 +00:00
Gary Pendergast
410109ca49
Emoji: Add Emoji Diversity support, and fall back to twemoji if the browser doesn't support diverse emoji.
...
Merge of [36126] and [36160] to the 4.4 branch.
See #33592 .
Built from https://develop.svn.wordpress.org/branches/4.4@36161
git-svn-id: http://core.svn.wordpress.org/branches/4.4@36127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-03 04:42:23 +00:00
Dion Hulse
a048514d43
Admin: fix repositioning of notices when the first header is not an immediate children of `.wrap`.
...
Merges [36134] to the 4.4 branch.
Props afercia, DvanKooten.
Fixes #35047 .
Built from https://develop.svn.wordpress.org/branches/4.4@36144
git-svn-id: http://core.svn.wordpress.org/branches/4.4@36110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-02 03:32:23 +00:00
Andrew Nacin
9834e9993a
Embeds: Enforce, via unit tests, the no-ampersand rule for wp-embed.js.
...
fixes #34698 .
Built from https://develop.svn.wordpress.org/trunk@35762
git-svn-id: http://core.svn.wordpress.org/trunk@35726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-04 05:46:25 +00:00
Scott Taylor
8cf8e2c66d
WP oEmbed: validate the `secret` send via `postMessage` in `wp.receiveEmbedMessage`. Also, compare `window` instances.
...
In the data sent to us from the embedded iframe by postMessage(), the secret value is being used directly in a document.querySelectorAll() call without first being validated or escaped.
In theory, this could lead to some broken embeds.
Props mdawaffe.
Fixes #34831 .
Built from https://develop.svn.wordpress.org/trunk@35761
git-svn-id: http://core.svn.wordpress.org/trunk@35725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-03 20:17:25 +00:00
Andrew Ozz
50a5fbb269
Editor: remove wpLink dependency on jQuery UI.
...
Props afercia.
Fixes #34716 .
Built from https://develop.svn.wordpress.org/trunk@35728
git-svn-id: http://core.svn.wordpress.org/trunk@35692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-22 19:27:26 +00:00
Gary Pendergast
603d3c0013
Embeds: Remove `&` characters from the inline embed JS.
...
Older versions of WordPress will convert those `&` characters to `&`, which makes for some non-functional JS. If folks are running an older release, let's not make their lives more difficult than it already is.
Props pento, peterwilsoncc.
See #34698 .
Built from https://develop.svn.wordpress.org/trunk@35708
git-svn-id: http://core.svn.wordpress.org/trunk@35672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-19 23:06:26 +00:00
Scott Taylor
f1d0763785
Comments: after [35593], extend support to IE8 and improve checking for elements hidden with CSS
...
Props afercia.
Fixes #29974 .
Built from https://develop.svn.wordpress.org/trunk@35675
git-svn-id: http://core.svn.wordpress.org/trunk@35639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 19:15:28 +00:00
Ella Iseulde Van Dorpe
72f09b29df
TinyMCE 4.2.8 update
...
Changelog: http://www.tinymce.com/develop/changelog/?ctrl=version&act=view&pr_id=1&vr_id=889
(No plugin, theme, skin or test changes)
Fixes #34671 and #34720 .
Built from https://develop.svn.wordpress.org/trunk@35658
git-svn-id: http://core.svn.wordpress.org/trunk@35622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 23:19:01 +00:00
Gary Pendergast
9974c9b18d
Emoji: Ensure twemoji kicks in on certain DOM mutations.
...
Twemoji will replace the `img` with the emoji character, in the event that the image fails to load. We deliberately avoid trying to change that emoji character when it's changed back. We do need to replace emoji characters that are changed by something other than Twemoji, which this rectifies.
Fixes #34640 .
Built from https://develop.svn.wordpress.org/trunk@35637
git-svn-id: http://core.svn.wordpress.org/trunk@35601 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-14 09:52:29 +00:00
Gary Pendergast
6381e168b7
Pinking Shears: Remove some errant non-breaking spaces from a few JavaScript files.
...
Props francoisb.
Fixes #34658 .
Built from https://develop.svn.wordpress.org/trunk@35627
git-svn-id: http://core.svn.wordpress.org/trunk@35591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-12 12:04:27 +00:00
Andrew Ozz
7e1c68ea78
TinyMCE:
...
- Fix the inline toolbar on images in iOS, move it out of the way so the default inline toolbar is not over it.
- Fix selecting images on touch in the editor (iOS Safari fails to select them most of the time).
Fixes #34557 .
Built from https://develop.svn.wordpress.org/trunk@35607
git-svn-id: http://core.svn.wordpress.org/trunk@35571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 03:27:25 +00:00
Gary Pendergast
d3f30288e9
Emoji: Use twemoji in browsers that don't support Unicode 8 emoji.
...
Some less advanced browsers are yet to add support for the important advances made in Unicode 8. Let's make ensure that their users can experience emoji in their full glory.
See #33592 .
Built from https://develop.svn.wordpress.org/trunk@35606
git-svn-id: http://core.svn.wordpress.org/trunk@35570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 02:25:25 +00:00
Andrew Ozz
93fa052e49
TinyMCE: prevent resize handles in newer IE when inserting a wpView.
...
Fixes #29400 .
Built from https://develop.svn.wordpress.org/trunk@35602
git-svn-id: http://core.svn.wordpress.org/trunk@35566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-10 19:33:26 +00:00
Andrew Ozz
8b3c5fb300
TinyMCE: always remove trailing `<br>` added by WebKit browsers to the clipboard.
...
Fixes #34642 .
Built from https://develop.svn.wordpress.org/trunk@35597
git-svn-id: http://core.svn.wordpress.org/trunk@35561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-10 04:32:25 +00:00
Gary Pendergast
1f24f52673
Emoji: Add some new flags, and a handful from Unicode 8.0.
...
Including the following that should be used as often as possible:
U+1F1E6 U+1F1FA Flag for Australia
U+1F3CF Cricket Bat and Ball
U+1F32F Burrito
See #33592 .
Built from https://develop.svn.wordpress.org/trunk@35596
git-svn-id: http://core.svn.wordpress.org/trunk@35560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-10 03:35:25 +00:00
Andrea Fercia
e6e4496822
Comments: in `comment_form()` when replying to a comment ensure to set focus on the first focusable form element, regardless of what that form element is.
...
Props azaozz.
See #29974 .
Built from https://develop.svn.wordpress.org/trunk@35593
git-svn-id: http://core.svn.wordpress.org/trunk@35557 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-10 00:43:26 +00:00
Andrew Ozz
42a955a89b
TinyMCE: update the keyboard shortcuts for the link dialog in the `wplink` plugin. Fixes Ctrl + Alt + A on MacOS.
...
Fixes #34636 .
Built from https://develop.svn.wordpress.org/trunk@35589
git-svn-id: http://core.svn.wordpress.org/trunk@35553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-09 21:32:28 +00:00
Gary Pendergast
a2349a2377
Embeds: Fix support for embedding in non-WordPress sites.
...
This moves the last of the iframe message code from PHP to JavaScript, so it can be included in any site, without needing to rely on any of WordPress' internal behaviour.
Props swissspidy.
Fixes #34451 .
Built from https://develop.svn.wordpress.org/trunk@35577
git-svn-id: http://core.svn.wordpress.org/trunk@35541 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-09 00:08:27 +00:00
Andrew Ozz
9fb7dcc30d
TinyMCE: update to 4.2.7. Changelog: http://www.tinymce.com/develop/changelog/?ctrl=version&act=view&pr_id=1&vr_id=888
...
Fixes #34620 .
Built from https://develop.svn.wordpress.org/trunk@35574
git-svn-id: http://core.svn.wordpress.org/trunk@35538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-08 02:32:26 +00:00
Scott Taylor
175064637f
Administration: when hiding the login modal and unbind the auth check, also unbind the heartbeat auth check.
...
Props nofearinc.
Fixes #28962 .
Built from https://develop.svn.wordpress.org/trunk@35568
git-svn-id: http://core.svn.wordpress.org/trunk@35532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-07 16:22:25 +00:00
Scott Taylor
e649fabb6a
Accessibility: add missing `alt` attributes to a gaggle of `<img>`s.
...
Props afercia.
Fixes #34583 .
Built from https://develop.svn.wordpress.org/trunk@35567
git-svn-id: http://core.svn.wordpress.org/trunk@35531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-07 16:12:27 +00:00
Dominik Schilling
a3d58b3fbe
Build Tools: Update the `preserveComments` option for `uglify:jqueryui`.
...
Uglify2 doesn't support the value "some" anymore. Replace it with the `/^!/` regex which produces the same output as before.
See https://build.trac.wordpress.org/changeset/35502 and https://build.trac.wordpress.org/changeset/35528 .
Fixes #34177 .
Built from https://develop.svn.wordpress.org/trunk@35564
git-svn-id: http://core.svn.wordpress.org/trunk@35528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-07 12:37:26 +00:00
Aaron Jorbin
d60ca2f758
Bump grunt-contrib-uglify to 0.10.0
...
This includes an update to the underlying version of uglify which causes all of the JS to be modified.
See #34177
Built from https://develop.svn.wordpress.org/trunk@35538
git-svn-id: http://core.svn.wordpress.org/trunk@35502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-05 17:47:30 +00:00
Andrea Fercia
d7485cf10b
WP oEmbed: Improve the Sharing dialog accessibility.
...
Improves ARIA attributes, focus handling, and constrains tabbing within the modal dialog.
Fixes #34484 .
Built from https://develop.svn.wordpress.org/trunk@35492
git-svn-id: http://core.svn.wordpress.org/trunk@35456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-03 15:49:27 +00:00
Scott Taylor
382d455235
WP oEmbed: Improve height attribute sanitization
...
Props afercia, swissspidy.
Fixes #34527 .
Built from https://develop.svn.wordpress.org/trunk@35478
git-svn-id: http://core.svn.wordpress.org/trunk@35442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-31 20:39:25 +00:00
Gary Pendergast
21393df10e
Embeds: Add fallbacks for IE7-9.
...
Older IE versions need just that little bit of extra tender care to keep them going.
Props peterwilsoncc, swissspidy, pento.
Fixes #34204 .
Built from https://develop.svn.wordpress.org/trunk@35466
git-svn-id: http://core.svn.wordpress.org/trunk@35430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-31 04:38:25 +00:00
Gary Pendergast
368e5f9fc3
Embeds: Provide a cached text fallback.
...
Sometimes, embedded sites might suffer from less than 100% uptime. Instead of leaving the embedding site with a big blank space where the embed should be, let's fall back to a link to the embedded post, so there's at least some context for the post.
Fixes #34462 .
Built from https://develop.svn.wordpress.org/trunk@35437
git-svn-id: http://core.svn.wordpress.org/trunk@35401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-29 23:11:24 +00:00
Scott Taylor
f507751a40
Thickbox: spinner should disappear when loading is done.
...
Props niklasbr, afercia.
Fixes #33311 .
Built from https://develop.svn.wordpress.org/trunk@35418
git-svn-id: http://core.svn.wordpress.org/trunk@35382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-28 18:19:26 +00:00
Sergey Biryukov
ae58f104cb
Embeds: Rename TinyMCE `wpoembed` plugin to `wpembed`.
...
Props swissspidy.
Fixes #34272 .
Built from https://develop.svn.wordpress.org/trunk@35397
git-svn-id: http://core.svn.wordpress.org/trunk@35361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-26 14:50:26 +00:00
Andrea Fercia
930a688e17
Customizer: remove the `title` attribute from the Preview html element while loading.
...
Props mehulkaklotar.
Fixes #33250 .
Built from https://develop.svn.wordpress.org/trunk@35391
git-svn-id: http://core.svn.wordpress.org/trunk@35355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-25 15:14:26 +00:00
Andrew Ozz
4cdddd401a
TinyMCE:
...
- Sanitize and render HTML in captions when showing a gallery preview (wpView).
- Encode/escape HTML entered in the text field in the wpLink dialog.
Props iseulde, kraftbj, jnylen0, shawarkhan.
Fixes #32616 .
Built from https://develop.svn.wordpress.org/trunk@35341
git-svn-id: http://core.svn.wordpress.org/trunk@35307 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 20:38:26 +00:00
Helen Hou-Sandí
28c77bec72
RIP `#21759b`, the old WordPress Blue.
...
The final lingering instances were all for hidden accessibility helper text.
fixes #34388 .
Built from https://develop.svn.wordpress.org/trunk@35340
git-svn-id: http://core.svn.wordpress.org/trunk@35306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 18:36:28 +00:00
Andrew Ozz
3451251548
TinyMCE: update to 4.2.6. Changelog: http://www.tinymce.com/develop/changelog/?ctrl=version&act=view&pr_id=1&vr_id=887 .
...
Fixes #34331 .
Built from https://develop.svn.wordpress.org/trunk@35306
git-svn-id: http://core.svn.wordpress.org/trunk@35272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-20 22:06:24 +00:00
Ella Iseulde Van Dorpe
9845e08340
TinyMCE: Drag and drop link with image
...
Make sure images don't loose their link after drag and drop.
Fixes #28272 .
Built from https://develop.svn.wordpress.org/trunk@35261
git-svn-id: http://core.svn.wordpress.org/trunk@35227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-18 11:05:23 +00:00
Ella Iseulde Van Dorpe
47e364de42
Admin: fix repositioning notices
...
Fixes #34294 .
Props afercia.
Built from https://develop.svn.wordpress.org/trunk@35238
git-svn-id: http://core.svn.wordpress.org/trunk@35204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-17 07:04:26 +00:00
Sergey Biryukov
a908d2d4b1
Embeds: Rename files, functions, and hooks added in [34903] to make it more clear what is oEmbed-specific and what isn't.
...
See https://core.trac.wordpress.org/ticket/34272#comment:7 for full list of renamed functions and hooks.
Props swissspidy.
Fixes #34272 .
Built from https://develop.svn.wordpress.org/trunk@35235
git-svn-id: http://core.svn.wordpress.org/trunk@35201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-17 01:21:25 +00:00
Ella Iseulde Van Dorpe
bafdd96ebf
TinyMCE: add lang attribute
...
This is needed to make `hyphens: auto;` work correctly.
Fixes #32555 .
Built from https://develop.svn.wordpress.org/trunk@35217
git-svn-id: http://core.svn.wordpress.org/trunk@35183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-16 10:11:27 +00:00