App Passwords rely on the Authorization header to transport the Basic Auth credentials. For Apache web servers, WordPress automatically includes a RewriteRule to populate the value for servers running in CGI or FastCGI that wouldn't ordinarily populate the value.
This tests if the header is being filled with the expected values. For Apache users, we direct the user to visit the Permalinks settings to flush their permalinks. For all other users, we direct them to a help document on developer.wordpress.org.
Props Clorith, marybaum, TimothyBlynJacobs.
Fixes#51638.
Built from https://develop.svn.wordpress.org/trunk@49334
git-svn-id: http://core.svn.wordpress.org/trunk@49095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This stems from longer translations on the User table, but this will apply to any posts column in a list table. Hyphenation should typically just apply to the column header, as the cell contents are just a count.
This does appear to have some browser inconsistencies, so may need further adjustment in the future.
Props audrasjb, justinahinon.
Fixes#50838.
Built from https://develop.svn.wordpress.org/trunk@49317
git-svn-id: http://core.svn.wordpress.org/trunk@49079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Make form inputs stacked instead of inline.
- Provide a visible label for the app name.
- Add screen reader text to dismiss button.
- Make "Revoke" button label more descriptive.
- Use aria-disabled instead of disabled to avoid focus loss.
- Display password in a readonly input to assist copy and paste.
- Remove large sections of italic text.
- Use `.form-wrap` and `.form-field` to give consistent form styling.
- Improve labeling and placeholder text.
Props alexstine, georgestephanis, afercia, TimothyBlynJacobs.
Fixes#51580.
Built from https://develop.svn.wordpress.org/trunk@49294
git-svn-id: http://core.svn.wordpress.org/trunk@49056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates `core_auto_updates_settings()` to account for the new `beta` and `rc` values for the `WP_AUTO_UPDATE_CORE` constant.
Additionally, recognize these new values as acceptable in Site Health tests.
Follow-up to [48804], [49245], [49254].
Fixes#51319. See #50907.
Built from https://develop.svn.wordpress.org/trunk@49292
git-svn-id: http://core.svn.wordpress.org/trunk@49054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, any `input` or `select` inside of a `.form-invalid` wrapper would get the red border highlighting, including submit buttons which was not visually correct. This now only applies to form elements with a class of `.form-required` inside of the `.form-invalid` wrapper. It also continues to apply the border to elements with both classes (`.form-invalid.form-required`) as that is how some of the admin markup is structured.
Plugin authors may need to do the same sort of class application seen in this commit, i.e. add `.form-required` to certain form elements.
Props sabernhardt, dilipbheda, helen.
Fixes#50686.
Built from https://develop.svn.wordpress.org/trunk@49283
git-svn-id: http://core.svn.wordpress.org/trunk@49045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Apps may now optionally include an `app_id` parameter when directing the user to the Authorize Application screen. This allows for instances of an application to be identified and potentially revoked or blocked.
Props TimothyBlynJacobs, georgestephanis.
Fixes#51583.
Built from https://develop.svn.wordpress.org/trunk@49276
git-svn-id: http://core.svn.wordpress.org/trunk@49038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the user edit screen improve handling and clarify language: rename the "Generate Password" and "Show password" buttons to "Set New Password". Clicking it always generates a password. Also: improve inline code comments and descriptions.
Props afercia, bookdude13, michaelarestad, pento.
Fixes#42852.
Built from https://develop.svn.wordpress.org/trunk@49248
git-svn-id: http://core.svn.wordpress.org/trunk@49010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `WP_AUTO_UPDATE_CORE` constant now supports `beta` and `rc` values.
This makes it possible for sites to opt-in to updating to RC (or beta) releases without having to install a plugin, or run on a development version.
Props dd32, knutsp.
Fixes#51319.
Built from https://develop.svn.wordpress.org/trunk@49245
git-svn-id: http://core.svn.wordpress.org/trunk@49007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows for customizing the arguments used to generate the Quick Edit authors drop-down.
Additionally, pass the `$bulk` argument to the `quick_edit_dropdown_pages_args` filter, for consistency.
Props Mista-Flo, garrett-eclipse, hellofromTonya.
Fixes#47685.
Built from https://develop.svn.wordpress.org/trunk@49238
git-svn-id: http://core.svn.wordpress.org/trunk@49000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows Site Health tests to check if the current environment type is set to `development` or `local`.
Use the new method:
* In HTTPS tests, instead of a hardcoded check for `localhost`.
* In `WP_DEBUG` and `WP_DEBUG_DISPLAY` tests, to set the status to `recommended` instead of `critical`.
Props dkotter, Clorith, DavidAnderson, joyously, knutsp, afragen, SergeyBiryukov.
Fixes#47058.
Built from https://develop.svn.wordpress.org/trunk@49237
git-svn-id: http://core.svn.wordpress.org/trunk@48999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change adds additional logic to catch HTTP failures that do not return a `WP_Error` object (for example, a wp-json REST API error error).
This also fixes instances where REST API callbacks performed from cron do not work due to a lack of authentication by introducing a direct callback route that asynchronous tests can register.
Props dd32, clorith, timothyblynjacobs.
Fixes#51547.
Built from https://develop.svn.wordpress.org/trunk@49232
git-svn-id: http://core.svn.wordpress.org/trunk@48994 1a063a9b-81f0-0310-95a4-ce76da25c4cd