The intention behind this change is to prevent sensitive data in responses for logged in users being cached and available to others, for example via the browser history after the user logs out.
The `no-store` directive instructs caches in the browser or within proxies not to store the response in the cache. This is subtly different from the `no-cache` directive which means the response can be cached but must be revalidated before re-use. WordPress does not use ETag headers by default therefore this does not achieve the same result.
The `private` directive complements the `no-store` directive by specifying that the response contains private information that should not be stored in a public cache. Som
e proxy caches may ignore the `no-store` directive but respect the `private` directive, thus it is included.
The existing `Cache-Control` header for users who are not logged in remains unchanged, and the existing cache prevention directives remain in place for backwards compatib
ility.
Props soulseekah, luehrsen, Dharm1025, markdoliner, rutviksavsani, ayeshrajans, paulkevan, clorith, andy786, johnbillion
Fixes#21938, Fixes#57627
Built from https://develop.svn.wordpress.org/trunk@55968
git-svn-id: http://core.svn.wordpress.org/trunk@55480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset removes unused parameters and variables, fixes a typo, and improves some docblocks as per documentation standards.
Props upadalavipul, mukesh27, costdev, sabernhardt, hellofromtonya, audrasjb.
Fixes#57397.
Built from https://develop.svn.wordpress.org/trunk@55963
git-svn-id: http://core.svn.wordpress.org/trunk@55475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Because `update_menu_item_cache` parameter doesn't have any description in this function, the `wp_get_nav_menu_items()` documentation page on DevHub fallbacks
to `get_post()` params descriptions… which fallbacks to `parse_query()`.
In parse_query(), the `update_menu_item_cache` param is set to `false` by default, so `wp_get_nav_menu_items()` ends up with a value of `false` by default,
which is wrong since `wp_get_nav_menu_items()` overrides this parameter to set it to true by default.
This changeset adds `update_menu_item_cache` parameter to `wp_get_nav_menu_items()` docblock, and indicates that it is set to `true` by default.
Follow-up to [53504].
Props audrasjb, matmoe.
Fixes#58468.
See #57840.
Built from https://develop.svn.wordpress.org/trunk@55962
git-svn-id: http://core.svn.wordpress.org/trunk@55474 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the `<body>` element, as a best practice background color and text color should always be set together. This makes it easier to quickly understand the
underlying color scheme.
Props allancole, joyously, samful, sabernhardt, oglekler, ronakganatra, tb1909, ugyensupport.
Fixes#45916.
Built from https://develop.svn.wordpress.org/trunk@55960
git-svn-id: http://core.svn.wordpress.org/trunk@55472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the `label` for `.check-column` inside list tables to a block filling the entire cell. Improves accessibility by increasing the target area for the control.
Props mitchoyoshitaka, lessbloat, sabernhardt, ogleker, tacoverdo, joostdevalk, karmatosed.
Fixes#21516.
Built from https://develop.svn.wordpress.org/trunk@55954
git-svn-id: http://core.svn.wordpress.org/trunk@55466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds a `is_block_theme` property to each theme in the `wp/v2/themes` API response, which uses `WP_Theme::is_block_theme` to determinate whether
the theme is block theme or not.
Props grantmkin, ironprogrammer, zunaid321, azaozz, spacedmonkey, audrasjb, costdev.
Fixes#58123.
Built from https://develop.svn.wordpress.org/trunk@55951
git-svn-id: http://core.svn.wordpress.org/trunk@55463 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `WP_Theme_JSON::append_to_selector()` method was previously used for both appending and prepending which violated the single responsibility principle. It resulted in additional conditionals which also came at a performance cost, particularly because the method is called over 1,000 times during a regular WordPress request.
With the new `WP_Theme_JSON::prepend_to_selector()` method, there are now two distinct methods for the two distinct purposes. The now useless third parameter on `WP_Theme_JSON::append_to_selector()` has been removed (rather than deprecated), which is acceptable given that it is a protected method on a class that is not intended for extensions.
Props bor0, costdev, flixos90, isabel_brison, oandregal, spacedmonkey.
Fixes#58193.
See #58457.
Built from https://develop.svn.wordpress.org/trunk@55950
git-svn-id: http://core.svn.wordpress.org/trunk@55462 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Due to partially duplicated logic for displaying row actions in the Media Library with and without the “Unattached” filter, the “Copy URL” and “Download file” row actions were unintentionally missing with the filter applied.
This commit aims to simplify the logic and bring more consistency to the code.
Includes displaying the “Download file” row action even when the “Trash” filter is applied, giving the user one more chance to download the media file before they delete it.
Follow-up to [8901], [13100], [16227], [16229], [52842], [55198], [55221].
Props kebbet, costdev, pbiron, oglekler, SergeyBiryukov.
Fixes#57890, #57893.
Built from https://develop.svn.wordpress.org/trunk@55949
git-svn-id: http://core.svn.wordpress.org/trunk@55461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Redirect users visiting the `wp-admin/media.php` file to the media library, `wp-admin/upload.php`. An user facing warning is displayed when the media library is reached via a deprecated link.
Follow up to [55647].
Props jorbin, audrasjb, azaozz, NekoJonez, kebbet, costdev.
Fixes#57612.
Built from https://develop.svn.wordpress.org/trunk@55943
git-svn-id: http://core.svn.wordpress.org/trunk@55455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change check to see if the current theme is a block theme, to check the path `/templates/index.html` first over the deprecated path `/block-templates/index.html`.
As this path was deprecated in WP 5.9, it is more likely the block theme would use the current path. This saves a file_exists call which improves performance.
Props nihar007, spacedmonkey.
Fixes#58520.
Built from https://develop.svn.wordpress.org/trunk@55941
git-svn-id: http://core.svn.wordpress.org/trunk@55453 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `usermeta` group was introduced in WP 2.0, but was never actually used in WordPress core.
The `user_meta` group is used instead.
Follow-up to [3011], [15482], [16562], [53823], [53832], [54940].
Props ignatggeorgiev, peterwilsoncc, oglekler, pamprn09, spacedmonkey, SergeyBiryukov.
Fixes#58175.
Built from https://develop.svn.wordpress.org/trunk@55940
git-svn-id: http://core.svn.wordpress.org/trunk@55452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an edge case caching issue, where if a developer use the `wp_cache_themes_persistently` filter and is running the site in multisite configuration, it meant block template are incorrectly cached. Block templates are stored in the posts table. But in a multisite configuration, different sites on the multisite could have different block templates stored in there post table. As themes cache group is a global group, it resulted in incorrect values being cached.
Props maniu, spacedmonkey, hellofromTonya, oglekler, mukesh27, joemcgill.
Fixes#57886.
Built from https://develop.svn.wordpress.org/trunk@55939
git-svn-id: http://core.svn.wordpress.org/trunk@55451 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a check to the start of `copy_dir()` that the destination directory exists and attempts to create it if it does not.
An error is returned if the directory can not be created, either due to a permissions error or the parent directory not existing.
Props caraffande, costdev, zunaid321.
Fixes#41855.
Built from https://develop.svn.wordpress.org/trunk@55938
git-svn-id: http://core.svn.wordpress.org/trunk@55450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the log in link that appears after completing installation so that it does not use the button styling. Links should look like links.
Props xavortm, menakas, afercia, rianrietveld, johnbillion, drw158, joedolson.
Fixes#40470.
Built from https://develop.svn.wordpress.org/trunk@55933
git-svn-id: http://core.svn.wordpress.org/trunk@55445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the button block in Twenty Fourteen to use relative instead of fixed line-height. Prevent visual errors with larger font sizes on the front-end.
Props nidhidhandhukiya, algorithmsunlocks, mayur8991, sabernhardt.
Fixes#58444.
Built from https://develop.svn.wordpress.org/trunk@55932
git-svn-id: http://core.svn.wordpress.org/trunk@55444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since [54358], a new CSS file classic-themes.css is enqueued on all pages on the front end of themes without `theme.json`. This is a blocking http request, the impact on performance will be affected by network conditions. Inlining this style, stops this blocking request. By adding style data of path to the registered style, the function `wp_maybe_inline_styles` will automatically inline the style for us.
Props spacedmonkey, adamsilverstein.
Fixes#58480.
Built from https://develop.svn.wordpress.org/trunk@55930
git-svn-id: http://core.svn.wordpress.org/trunk@55442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since WordPress 4.6 introduced just-in-time translation loading, themes and plugins no longer need to manually call `load_theme_textdomain`/`load_plugin_textdomain`, unless they are on a version prior to 4.6.
This change removes the `load_theme_textdomain()` call from Twenty Seventeen and up, since these themes all require at least WordPress 4.7.
On older default themes, `load_theme_textdomain()` is called conditionally depending on the WordPress version.
Props piyushtekwani.
Fixes#58318.
Built from https://develop.svn.wordpress.org/trunk@55929
git-svn-id: http://core.svn.wordpress.org/trunk@55441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces a new `pre_load_textdomain` filter, which is useful for plugins to develop and test alternative loading/caching strategies for translations. This brings consistency with the existing `pre_load_script_translations` filter for JavaScript translations.
Props ocean90, swissspidy.
Fixes#58035.
Built from https://develop.svn.wordpress.org/trunk@55928
git-svn-id: http://core.svn.wordpress.org/trunk@55440 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Modifies the tests for `get_tag_link()`, `get_term()` and `get_term_field()` to:
- use shared fixtures as possible
- improves variable names
- add `@covers` annotation as required
Props peterwilsoncc, costdev.
See #57841.
Built from https://develop.svn.wordpress.org/trunk@55924
git-svn-id: http://core.svn.wordpress.org/trunk@55436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevents `wp_set_object_terms()` throwing a deprecation notice in PHP 8.1+ when passing an empty value as the second parameter to clear the terms.
Props audrasjb, chouby, costdev, jrf, peterwilsoncc, prashantbhivsane, sergeybiryukov.
Fixes#57923.
Built from https://develop.svn.wordpress.org/trunk@55921
git-svn-id: http://core.svn.wordpress.org/trunk@55433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Significant restructure of the admin image editor interface, but no new functionality. Reorganize editing buttons into a common region at the top of the editor. Move image rotation tools into a pop-out menu. Add 180 degree rotation option. Add scale button to control group. Move sidebar tools next to the editing canvas to improve visual proximity between action and result. Enlarge editing canvas and crop handles. Separate activating crop functions from applying crop. Add numeric inputs for crop & scale values.
A long term goal is to move undo/redo and cancel/save into the modal title bar, but that is not feasible without significant updates to the modal framework.
Props afercia, karmatosed, nrqsnchz, antpb, chaion07, costdev, peterwilsoncc, antpb, sabernhardt, prashantbhivsane, joedolson.
Fixes#50523.
Built from https://develop.svn.wordpress.org/trunk@55919
git-svn-id: http://core.svn.wordpress.org/trunk@55431 1a063a9b-81f0-0310-95a4-ce76da25c4cd