The Content-Disposition and Content-MD5 headers allow for easier file uploading across domains by using a File/Blob object directly. The X-WP-Nonce header is allowed for making cross-origin and same-origin authenticated requests consistent.
Additionally a filter is introduced, "rest_allowed_cors_headers", to simplify the process of allowing additional request headers.
Props rmccue, TimothyBlynJacobs.
Fixes#41696.
Built from https://develop.svn.wordpress.org/trunk@48452
git-svn-id: http://core.svn.wordpress.org/trunk@48221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [48069] the Block Renderer was changed to register a single route for all dynamic blocks. Validation was dynamically applied based on the requested block, but sanitization was not. This commit adds the same sanitization back to the block attributes.
Props manooweb.
Fixes#50620. See #48079.
Built from https://develop.svn.wordpress.org/trunk@48437
git-svn-id: http://core.svn.wordpress.org/trunk@48206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If a bool/float/int is passed into wp_slash it will be coerced into a string.
This changes the behavior to only slash strings. At the same time, handles recursion a little nicer by calling array_map for arrays.
Fixes#42195, #24106.
Props johnbillion, andizer, jrf, ryotasakamoto, SergeyBiryukov, donmhico, TobiasBg, markoheijnen, ryan, nacin, devesine, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@48433
git-svn-id: http://core.svn.wordpress.org/trunk@48202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since sanitize title is largely used for html attributes, or post slugs, make note that accents will be removed and that the string will be limited to alphanumeric characters, underscores, and dashes.
Fixes#33756.
Props ericlewis, swissspidy, wonderboymusic, psdtohtmlguru, DrewAPicture, SergeyBiryukov, sjmur, gma992, shulard, ebinnion, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@48432
git-svn-id: http://core.svn.wordpress.org/trunk@48201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Metadata that is stored on newlines has the possibility of missing values, so rather then coercing values, we can check for them and then implicity set the values.
Fixes#33591.
Props jonnybot, stevenkword, vtieu, birgire, SergeyBiryukov, davidbaumwald, rebasaurus, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@48429
git-svn-id: http://core.svn.wordpress.org/trunk@48198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Remove duplicate variables and DocBlocks.
* Add missing description for the `$mode` global.
* Use sentence case for "Compact view" and "Extended view" labels.
Follow-up to [48398], [48423].
Props afercia, Offereins, SergeyBiryukov.
See #49715.
Built from https://develop.svn.wordpress.org/trunk@48424
git-svn-id: http://core.svn.wordpress.org/trunk@48193 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Restore the `$mode` global for backward compatibility.
* Remove redundant check, as `$mode` is already set at this point, and already defaults to `list` via `get_user_setting()`'s second argument.
* Use sentence case for "View mode" and "Extended view" labels.
Follow-up to [48398].
See #49715.
Built from https://develop.svn.wordpress.org/trunk@48423
git-svn-id: http://core.svn.wordpress.org/trunk@48192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve speed and reduce the memory footprint when loading posts with many revisions.
* Use a direct query in `wp_get_post_autosave` to avoid loading all revisions.
* Query for IDs vs full objects in `register_and_do_post_meta_boxes`.
Props pdfernhout, johnnyb, miqrogroove, ocean90, senatorman, DBrumbaugh10Up, martijn-van-der-kooij, pavelevap, mackensen, mikeyarce, whyisjake.
Fixes#34560.
Built from https://develop.svn.wordpress.org/trunk@48422
git-svn-id: http://core.svn.wordpress.org/trunk@48191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In addition, add the `wp_admin_viewport_meta()` function, paired to the `admin_viewport_meta` filter to control attributes of the meta tag.
Fixes#47369.
Props BettyJJ, mukesh27, SergeyBiryukov, ajayghaghretiya1, msaggiorato, talldanwp, davidbaumwald, donmhico, audrasjb.
Built from https://develop.svn.wordpress.org/trunk@48412
git-svn-id: http://core.svn.wordpress.org/trunk@48181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `register_meta()` API now officially supports specifying a default metadata value. When `get_metadata()` is called for a meta key that does not yet exist for the object, this default value will be returned instead of an empty string.
A new function is introduced `get_metadata_raw` to retrieve the raw metadata value from the database, without applying the registered default.
Props spacedmonkey, flixos90, rmccue, kadamwhite, mnelson4, johnbillion, chrisvanpatten, TimothyBlynJacobs.
Fixes#43941.
Built from https://develop.svn.wordpress.org/trunk@48402
git-svn-id: http://core.svn.wordpress.org/trunk@48171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Because of changes to how PHP handles arrays used in `foreach()` loops in PHP >= 7.0, [48397] resulted in a failing test for PHP 5.6.
This calls `reset()` after using the `$results` array in the `foreach()` to ensure the array is treated the same and as expected.
Props azaozz, desrosj, SergeyBiryukov, xknown.
See #50448.
Built from https://develop.svn.wordpress.org/trunk@48401
git-svn-id: http://core.svn.wordpress.org/trunk@48170 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This will prevent the options renamed for 5.5.0 from being converted twice. If a new update routine is added before 5.5 is released, the option values would be erased for anyone running `trunk` or nightlies without this change.
Props azaozz, desrosj, SergeyBiryukov, whyisjake.
Fixes#50413.
Built from https://develop.svn.wordpress.org/trunk@48400
git-svn-id: http://core.svn.wordpress.org/trunk@48169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This provides additional context to code running on this hook, including which plugin or theme update will be downloaded. It also brings consistency to this filter with others throughout the upgrade process.
Props obliviousharmony, desrosj.
Fixes#49686.
Built from https://develop.svn.wordpress.org/trunk@48399
git-svn-id: http://core.svn.wordpress.org/trunk@48168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change adds a throttle mechanism to plugin and theme auto-update failure emails using similar logic to the email sent for a Core auto-update.
The first time a plugin or theme auto-update fails, the package and `new_version` will be tracked in the `auto_plugin_theme_update_emails` option. An email for this specific update attempt will not be resent.
However, if this update fails again and non-repeat failures or successful updates are also present, then the failure information will be included in that email (an email needs to be sent for the new events regardless).
Props johnbillion, arpitgshah, desrosj, audrasjb, pbiron, earnjam.
Fixes#50448.
Built from https://develop.svn.wordpress.org/trunk@48397
git-svn-id: http://core.svn.wordpress.org/trunk@48166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `wp_localize_script()` for passing translations to the script and instead adds the translatable strings in the script directly through the use of `wp.i18n` and its utilities.
Props swissspidy, ocean90.
See #20491.
Fixes#50605.
Built from https://develop.svn.wordpress.org/trunk@48396
git-svn-id: http://core.svn.wordpress.org/trunk@48165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `wp_localize_script()` for passing translations to the script and instead adds the translatable strings in the script directly through the use of `wp.i18n` and its utilities.
Props swissspidy, ocean90.
See #20491.
Fixes#50604.
Built from https://develop.svn.wordpress.org/trunk@48395
git-svn-id: http://core.svn.wordpress.org/trunk@48164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `wp_localize_script()` for passing translations to the script and instead adds the translatable strings in the script directly through the use of `wp.i18n` and its utilities.
Props swissspidy, ocean90.
See #20491.
Fixes#50603.
Built from https://develop.svn.wordpress.org/trunk@48394
git-svn-id: http://core.svn.wordpress.org/trunk@48163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `wp_localize_script()` for passing translations to the script and instead adds the translatable strings in the script directly through the use of `wp.i18n` and its utilities.
Props swissspidy, ocean90.
See #20491.
Fixes#50602.
Built from https://develop.svn.wordpress.org/trunk@48392
git-svn-id: http://core.svn.wordpress.org/trunk@48161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `wp_localize_script()` for passing translations to the scripts and instead adds the translatable strings in the scripts directly through the use of `wp.i18n` and its utilities.
Props swissspidy, ocean90.
See #20491.
Fixes#50601.
Built from https://develop.svn.wordpress.org/trunk@48391
git-svn-id: http://core.svn.wordpress.org/trunk@48160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow-up to [47598]:
- further improves the spacing after [47598] by better scoping the CSS to avoid layout glitches for custom widgets
- changes the RSS widget form to wrap the checkboxes in one single paragraph
Ideally, multiple related checkboxes and radio buttons should be grouped within a fieldset element with a legend. This will be addressed in a new Trac ticket.
Props mukesh27, SergeyBiryukov, sabernhardt.
Fixes#49228.
Built from https://develop.svn.wordpress.org/trunk@48389
git-svn-id: http://core.svn.wordpress.org/trunk@48158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `$scripts->add_inline_script()` for passing translations to the script and instead adds the translatable strings in the script directly through the use of `wp.i18n` and its utilities.
Fixes#50600.
Built from https://develop.svn.wordpress.org/trunk@48387
git-svn-id: http://core.svn.wordpress.org/trunk@48156 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `wp_localize_script()` for passing translations to the script and instead adds the translatable strings in the script directly through the use of `wp.i18n` and its utilities.
Props swissspidy, ocean90.
See #20491.
Fixes#50599.
Built from https://develop.svn.wordpress.org/trunk@48385
git-svn-id: http://core.svn.wordpress.org/trunk@48154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `wp_localize_script()` for passing translations to the script and instead adds the translatable strings in the script directly through the use of `wp.i18n` and its utilities.
Props swissspidy, ocean90.
See #20491.
Fixes#50597.
Built from https://develop.svn.wordpress.org/trunk@48384
git-svn-id: http://core.svn.wordpress.org/trunk@48153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the usage of `wp_localize_script()` for passing translations to the script and instead adds the translatable strings in the script directly through the use of `wp.i18n` and its utilities.
Props swissspidy, ocean90.
See #20491.
Fixes#50596.
Built from https://develop.svn.wordpress.org/trunk@48383
git-svn-id: http://core.svn.wordpress.org/trunk@48152 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- improves focus management by moving focus to the notices, if any, or to the first "tabbable" element
- this avoids a focus loss and helps Braille-only and screen magnification users to be aware of the messages
- adds an ARIA role `alert` to all the notices
- uses `wp.a11y.speak()` to announce messages to assistive technology
- this way, all visual users will see the messages while assistive technology users will get an audible message
- uses `wp.i18n` for translatable strings in `wp-admin/js/image-edit.js`
Props anevins, ryanshoover, antpb, SergeyBiryukov, afercia.
See #20491.
Fixes#47147.
Built from https://develop.svn.wordpress.org/trunk@48375
git-svn-id: http://core.svn.wordpress.org/trunk@48144 1a063a9b-81f0-0310-95a4-ce76da25c4cd
So far, it has been possible to rearrange into a new order the post boxes (also known as "widgets" on the Dashboard and "meta boxes" on the Edit post page) only by using a pointing device, for example a mouse.
This change adds new controls and functionality to allow the boxes to be rearranged also with the keyboard. Additionally, audible messages are sent to the admin ARIA live region to notify screen reader users of the reorder action result.
Props joedolson, anevins, antpb, audrasjb, xkon, MarcoZ, karmatosed, afercia.
Fixes#39074.
Built from https://develop.svn.wordpress.org/trunk@48373
git-svn-id: http://core.svn.wordpress.org/trunk@48142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For a number of years, WordPress has been using a `#00a0d2` blue shade for the links `:hover` state. This blue shade doesn't have a sufficient color contrast with the various (too many) background colors used in the admin interface.
The new `#006799` blue shade is part of the official WordPress color palette and does have a sufficient color contrast with most of the admin backgrounds.
Props ryokuhi, audrasjb, joedolson, mapk.
See #47682.
Built from https://develop.svn.wordpress.org/trunk@48368
git-svn-id: http://core.svn.wordpress.org/trunk@48137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change removes the disabled state from the admin scheme specific styles.
Fixes#48709.
Props drw158, SergeyBiryukov, afercia, kennethroberson5556, melchoyce, joedolson, valentinbora, audrasjb, larrach, nrqsnchz, youknowriad.
Built from https://develop.svn.wordpress.org/trunk@48360
git-svn-id: http://core.svn.wordpress.org/trunk@48129 1a063a9b-81f0-0310-95a4-ce76da25c4cd