Commit Graph

43486 Commits

Author SHA1 Message Date
Peter Wilson e5a1534aee Security: Introduce strings to indicate support status.
Add strings for use in future maintenance/security releases to indicate the security support status of the version of WordPress.

Two strings are introduced:

* indicating the version of WordPress is not receiving security updates, and,
* indicating the version of WordPress will shortly stop receiving security updates.

This change does not make use of the strings, the purpose is to make them available to translators prior to dropping support of selected versions of WordPress.

Props costdev, chesio, robinwpdeveloper, desrosj, rudlinkon, mukesh27, sumitbagthariya16.
Merges [54322] to the 5.7 branch.
See #56532.


Built from https://develop.svn.wordpress.org/branches/5.7@54433


git-svn-id: http://core.svn.wordpress.org/branches/5.7@53992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-10 04:53:10 +00:00
desrosj 1feee50c15 WordPress 5.7.7.
Built from https://develop.svn.wordpress.org/branches/5.7@53990


git-svn-id: http://core.svn.wordpress.org/branches/5.7@53549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-08-30 17:28:10 +00:00
Sergey Biryukov 8b87e45e69 Grouped backports to the 5.7 branch.
- Posts, Post Types: Escape output within `the_meta()`.
- General: Ensure bookmark query limits are numeric.
- Plugins: Escape output in error messages.
- Build/Test Tools: Allow the PHPCS plugin in Composer configuration.

Merges [52412,53958-53960] to the 5.7 branch.
Props tykoted, martinkrcho, xknown, dd32, peterwilsoncc, paulkevan, timothyblynjacobs.

Built from https://develop.svn.wordpress.org/branches/5.7@53966


git-svn-id: http://core.svn.wordpress.org/branches/5.7@53525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-08-30 15:32:03 +00:00
audrasjb 361bcac2b9 WordPress 5.7.6.
Built from https://develop.svn.wordpress.org/branches/5.7@52893


git-svn-id: http://core.svn.wordpress.org/branches/5.7@52482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-10 22:30:03 +00:00
audrasjb 3c2e859ac7 External Librairies: Update jQuery.query to version 2.2.3.
This updates the "jquery-query" library from version 2.1.7 to 2.2.3.

Props jorbin, peterwilsoncc, xknown, audrasjb, jorgefilipecosta.
Merges [52844] to the 5.7 branch.

Built from https://develop.svn.wordpress.org/branches/5.7@52849


git-svn-id: http://core.svn.wordpress.org/branches/5.7@52438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-10 20:51:01 +00:00
jorgefilipecosta 9c065b7134 Update WordPress packages.
Updates the WordPress packages to their most recent patch versions.

Props xknown, sergey, audrasjb.
Built from https://develop.svn.wordpress.org/branches/5.7@52847


git-svn-id: http://core.svn.wordpress.org/branches/5.7@52436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-10 20:27:21 +00:00
desrosj 072d23667d WordPress 5.7.5.
Built from https://develop.svn.wordpress.org/branches/5.7@52488


git-svn-id: http://core.svn.wordpress.org/branches/5.7@52080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-06 18:47:02 +00:00
desrosj 5030de2e76 Grouped backports to the 5.7 branch.
- Query: Improve sanitization within `WP_Tax_Query`.
- Query: Improve sanitization within `WP_Meta_Query`.
- Upgrade/Install: Avoid using `unserialize()` unnecessarily.
- Formatting: Correctly encode ASCII characters in post slugs.

Merges [52454-52457] to the 5.7 branch.
Props vortfu, dd32, ehtis, zieladam, whyisjake, xknown, peterwilsoncc, desrosj, iandunn.
Built from https://develop.svn.wordpress.org/branches/5.7@52466


git-svn-id: http://core.svn.wordpress.org/branches/5.7@52058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-06 17:56:05 +00:00
desrosj 3ad4c815cd WordPress 5.7.4.
Built from https://develop.svn.wordpress.org/branches/5.7@52114


git-svn-id: http://core.svn.wordpress.org/branches/5.7@51706 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-10 17:06:59 +00:00
desrosj 242bd3b338 HTTP: Remove the DST Root CA X3 certificate expired on September 30, 2021.
> The currently recommended certificate chain as presented to Let’s Encrypt ACME clients when new certificates are issued contains an intermediate certificate (ISRG Root X1) that is signed by an old DST Root CA X3 certificate that expires on 2021-09-30. In some cases the OpenSSL 1.0.2 version will regard the certificates issued by the Let’s Encrypt CA as having an expired trust chain.
> 
> Most up-to-date CA cert trusted bundles, as provided by operating systems, contain this soon-to-be-expired certificate. The current CA cert bundles also contain an ISRG Root X1 self-signed certificate. This means that clients verifying certificate chains can find the alternative non-expired path to the ISRG Root X1 self-signed certificate in their trust store.
> 
> Unfortunately this does not apply to OpenSSL 1.0.2 which always prefers the untrusted chain and if that chain contains a path that leads to an expired trusted root certificate (DST Root CA X3), it will be selected for the certificate verification and the expiration will be reported.

References:
* [https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/ Old Let’s Encrypt Root Certificate Expiration and OpenSSL 1.0.2]
* [https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ DST Root CA X3 Expiration (September 2021)]

Follow-up to [25224], [25426], [25569], [27307], [30491], [30765], [34283], [35919], [36570], [46094].

Props bradleyt, fierevere, SergeyBiryukov, peterwilsoncc.
Merges [51883] to the 5.7 branch.
Fixes #54207. See #50828.
Built from https://develop.svn.wordpress.org/branches/5.7@52097


git-svn-id: http://core.svn.wordpress.org/branches/5.7@51689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-10 02:10:01 +00:00
desrosj b06d0d90b4 WordPress 5.7.3.
Built from https://develop.svn.wordpress.org/branches/5.7@51759


git-svn-id: http://core.svn.wordpress.org/branches/5.7@51366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-08 21:28:58 +00:00
desrosj 709e3315f3 Grouped merges for 5.7.3.
- Update `lodash` to the latest version `4.17.21`.
- Disable some attributes for rich text.

Merges [51426,50941] to the 5.7 branch.
Props ellatrix, peterwilsoncc, get_dave, mcsf, talldanwp, youknowriad, desrosj, nerrad.
Built from https://develop.svn.wordpress.org/branches/5.7@51750


git-svn-id: http://core.svn.wordpress.org/branches/5.7@51358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-08 21:06:23 +00:00
Sergey Biryukov e3554a9aa7 General: Only use `_jsonp_wp_die_handler()` for JSONP REST API requests.
Props mdawaffe, peterwilsoncc.
Merges [51740] to the 5.7 branch.
Built from https://develop.svn.wordpress.org/branches/5.7@51742


git-svn-id: http://core.svn.wordpress.org/branches/5.7@51350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-08 17:24:01 +00:00
Sergey Biryukov 9ca0faa204 Upgrade/Install: Update sodium_compat to v1.16.1.
The latest version of sodium_compat includes polyfills for new features slated to land in PHP 8.1:
https://paragonie.com/blog/2021/05/ristretto255-for-php-community

It also fixes a race condition with the autoloader that caused an "undefined constant" error on some systems:
https://github.com/paragonie/sodium_compat/issues/122

A full list of changes in this update can be found on GitHub:
https://github.com/paragonie/sodium_compat/compare/v1.14.0...v1.16.1

Follow-up to [49741].

Props paragoninitiativeenterprises, oxyrealm.
Merges [51002] to the 5.7 branch.
Fixes #53274.
Built from https://develop.svn.wordpress.org/branches/5.7@51171


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-16 17:29:58 +00:00
Sergey Biryukov 82b478b0be External Libraries: Upgrade PHPMailer to version 6.5.0.
Release notes: https://github.com/PHPMailer/PHPMailer/releases/tag/v6.5.0

For a full list of changes in this update, see the PHPMailer GitHub:
https://github.com/PHPMailer/PHPMailer/compare/v6.4.1...v6.5.0

Props ayeshrajans, Synchro.
Merges [51169] to the 5.7 branch.
Fixes #53430.
Built from https://develop.svn.wordpress.org/branches/5.7@51170


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50779 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-16 17:27:02 +00:00
Peter Wilson eae23abd88 Build tools: Use hashed module IDs for minified files.
Further improves webpack configuration for editor files to use hashed module IDs in the compressed (`*.min.js`) production files.

Follow up to [50940].

Props @gziolo.
Merges [51035] to the 5.7 branch.
Fixes #53192.


Built from https://develop.svn.wordpress.org/branches/5.7@51036


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-27 00:29:10 +00:00
Peter Wilson 5a721be794 Build: Use hashed/deterministic moduleIDs in webpack config
Props peterwilsoncc, desrosj, gziolo.
Merges [50940] in to the 5.7 branch.
Fixes #53192.


Built from https://develop.svn.wordpress.org/branches/5.7@50990


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-25 05:22:08 +00:00
Peter Wilson 43ac82a96f XML-RPC: Set HTTP status code in accordance with the spec.
When the XML-RPC endpoint is enabled, always return a HTTP `200 OK` status code in accordance with the XML-RPC specification. Continue to return an HTTP `405 Method Not Allowed` status code when the endpoint is disabled.

Props ariskataoka, johnbillion.
Merges [50954] in to the 5.7 branch.
Fixes #52958.


Built from https://develop.svn.wordpress.org/branches/5.7@50989


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-25 05:21:00 +00:00
Peter Wilson 1cdead833e Menus: Do not auto-set locations for new menus.
Do not auto-set new menus to all vacant locations on the Appearance > Menus screen in the dashboard.

Follow up to [48051].

Props Chouby, audrasjb, davidbaumwald, mukesh27.
Merges [50938] in to the 5.7 branch.
Fixes #52949.

Built from https://develop.svn.wordpress.org/branches/5.7@50988


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-25 05:19:05 +00:00
Peter Wilson a6d9325574 Help/About: Reduce space below minor release log.
Reduce the size of the space below the maintenance and security release log of the WP 5.7 about page.

Props dhrumil12, audrasjb, sabernhardt, ryelle.
Fixes #53067.


Built from https://develop.svn.wordpress.org/branches/5.7@50937


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-20 04:08:01 +00:00
Peter Wilson 6688af8108 WordPress 5.7.2 post-release version bump.
Built from https://develop.svn.wordpress.org/branches/5.7@50911


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-13 01:13:02 +00:00
Peter Wilson b6b214a557 WordPress 5.7.2.
Built from https://develop.svn.wordpress.org/branches/5.7@50869


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-12 23:11:59 +00:00
Peter Wilson bf12394dbd About page for WordPress 5.7.2.
Built from https://develop.svn.wordpress.org/branches/5.7@50868


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-12 23:08:00 +00:00
Sergey Biryukov 962a6c6888 External Libraries: Upgrade PHPMailer to version 6.4.1.
Release notes: https://github.com/PHPMailer/PHPMailer/releases/tag/v6.4.1

For a full list of changes in this update, see the PHPMailer GitHub:
https://github.com/PHPMailer/PHPMailer/compare/v6.4.0...v6.4.1

Props ayeshrajans.
Merges [50799] to the 5.7 branch.
Fixes #53114.
Built from https://develop.svn.wordpress.org/branches/5.7@50800


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-29 20:33:13 +00:00
Peter Wilson 5ba41bd4f0 Post 5.7.1 version bump.
Built from https://develop.svn.wordpress.org/branches/5.7@50758


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-15 03:33:06 +00:00
Peter Wilson d19b84afba Version bump for 5.7.1.
Built from https://develop.svn.wordpress.org/branches/5.7@50736


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-15 01:32:02 +00:00
Peter Wilson 42730aa8a9 About page update for 5.7.1.
Props audrasjb.

Built from https://develop.svn.wordpress.org/branches/5.7@50735


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50344 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-15 01:20:05 +00:00
Peter Wilson 1e36365912 Editor: Finalise update of @wordpress npm packages for 5.7.1.
Commit built files stored in repo following package updates.

Props gziolo, noisysocks, isabel_brison, peterwilsoncc.
Follow up to [50719].
Fixes #52912.

Built from https://develop.svn.wordpress.org/branches/5.7@50720


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-14 23:52:02 +00:00
Peter Wilson ffc9a87780 Editor: Update @wordpress npm packages for 5.7.1.
Update @wordpress npm packages to the latest published versions for the 5.7 branch. This includes block editor bug fixes for WordPress 5.7.1.

Props gziolo, noisysocks, isabel_brison, peterwilsoncc.
Fixes #52912.

Built from https://develop.svn.wordpress.org/branches/5.7@50719


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-14 23:40:18 +00:00
desrosj 18f802b860 REST API: Allow authors to read their own password protected posts.
Allow authenticated users to read the contents of password protected posts if they have the `edit_post` meta capability for the post.

Merges [50717] to the 5.7 branch.
Props xknown, zieladam, peterwilsoncc, swissspidy, timothyblynjacobs.
Built from https://develop.svn.wordpress.org/branches/5.7@50718


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50327 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-14 23:27:00 +00:00
desrosj c29db9c1e3 External libraries: Include upstream GetID3 fix for PHP 8.
Merges [50714] to the 5.7 branch.
Props jrf, xknown.
Built from https://develop.svn.wordpress.org/branches/5.7@50715


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50324 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-14 23:16:03 +00:00
Sergey Biryukov 5162106aa1 Site Health: Correct test result status for the HTTPS test.
The supported status values for Site Health tests are `good`, `recommended`, and `critical`.

Follow-up to [50660].

Props TimothyBlynJacobs.
Merges [50710] to the 5.7 branch.
Fixes #52783.
Built from https://develop.svn.wordpress.org/branches/5.7@50711


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50320 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-14 13:15:05 +00:00
Peter Wilson bf8239a30c Bundled Themes: Bump versions for WordPress 5.7.1.
Twenty Twenty-One: Bump version to 1.3
Twenty Seventeen: Bump version to 2.7

Props desrosj, mukesh27, peterwilsoncc.
Merges [50708] to the 5.7 branch.
Fixes #52859.


Built from https://develop.svn.wordpress.org/branches/5.7@50709


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50318 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-14 00:00:05 +00:00
Peter Wilson 70c6bb2d83 5.7 branch post 5.7.1 RC1 version bump.
Built from https://develop.svn.wordpress.org/branches/5.7@50691


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-07 23:33:02 +00:00
Peter Wilson 6689f11a42 5.7 branch is now 5.7.1 RC1.
Built from https://develop.svn.wordpress.org/branches/5.7@50690


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50299 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-07 23:08:09 +00:00
ryelle f5e008b193 Accessibility: Administration: Update various background colors for increased contrast.
This ensures that contrast between text color and background meets the WCAG 2.0 AA recommended value. The following locations were changed:

 - Network List Tables: Use lighter background colors for site status indicator.
 - Nav Menus: Use a lighter background color for invalid menu items.
 - Pointers: Use a darker background for pointer header.
 - Themes: Use darker background on filter button hover.
 - Customizer: Use darker background for selected widget.

Follow-up to [50025], [50571].
Props kebbet, melchoyce, peterwilsoncc.
Merges [50687] to the 5.7 branch.
Fixes #52760.


Built from https://develop.svn.wordpress.org/branches/5.7@50688


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-07 17:44:09 +00:00
Peter Wilson bc8b720e01 Media: Do not lazy load hidden images or embeds.
Improve the check for sourceless or dimensionless media when determining if the lazy loading attribute should be added to iframes and images. Never include the lazy loading attribute on embeds of WordPress posts as the iframe is initially hidden.

Including `loading="lazy"` on initially hidden iframes and images can prevent the media from loading in some browsers.

Props adamsilverstein, fabianpimminger, flixos90, johnbillion, jonkastonka, joyously, peterwilsoncc, SergeyBiryukov, SirStuey, swissspidy.
Merges [50682], [50683] to the 5.7 branch.
Fixes #52768.


Built from https://develop.svn.wordpress.org/branches/5.7@50684


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-07 01:52:02 +00:00
Peter Wilson fcbd087303 Bundled Themes: Update the “Tested up to” value.
“Tested up to” is not displayed on the theme directory or within the WordPress dashboard, but should be updated to be accurate for anyone reading the theme’s source code.

Follow up to [50508].

Props desrosj.
Merges [50669] to the 5.7 branch.
Fixes #52982.

Built from https://develop.svn.wordpress.org/branches/5.7@50681


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-06 23:56:02 +00:00
Peter Wilson eff1fa7e1e Twenty Twenty-One: Rebuild IE specific editor stylesheet.
This was not updated to include the changes from [50493].

Props desrosj.
Merges [50667] to the 5.7 branch.
Fixes #52981. See #52702.

Built from https://develop.svn.wordpress.org/branches/5.7@50680


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-06 23:54:03 +00:00
Peter Wilson 4a193e9847 Options, Meta APIs: Update default color scheme swatch to match CSS changes.
Update the default/fresh theme color swatch displayed on user profile pages to match CSS changes made during the 5.7 release cycle.

Props audrasjb, desrosj, ninetyninew, ryelle.
Merges [50663] to the 5.7 branch.
Fixes #52750.


Built from https://develop.svn.wordpress.org/branches/5.7@50679


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-06 23:52:03 +00:00
Peter Wilson 6587ec5372 Editor: Update @wordpress npm packages for 5.7.1 RC1.
Update @wordpress npm packages to the latest published versions for the 5.7 branch. This includes block editor bug fixes for WordPress 5.7.1.

Props gziolo, noisysocks, youknowriad.
See #52912.


Built from https://develop.svn.wordpress.org/branches/5.7@50678


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-06 23:50:28 +00:00
desrosj 0a0f6dfb77 Build/Test Tools: Prevent PHPUnit tests on `push` for forks/private mirrors.
The reorganization of the PHPUnit workflow in [50441] unintentionally caused the tests to be run for every `push` event, even for forks and private mirrors.

Previously, the second job required the first one to pass, and the conditional check on the first prevented both from running. Because the first job is no longer required for the second, both jobs must have the appropriate conditional check.

Merges [50670] to the 5.7 branch.
Fixes #52983.
Built from https://develop.svn.wordpress.org/branches/5.7@50671


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-06 15:26:07 +00:00
Peter Wilson 2c8182fcba Media: Conditionally pass 2nd parameter to `getimagesize()`.
In the wrapper function `wp_getimagesize()` check if the second parameter was passed before sending it to the PHP function `getimagesize()`.

The PHP function has a different execution path depending on the number of parameters passed, this ensures the wrapper function follows the appropriate path.

Follow up to [50552].
Props azaozz, hellofromtonya, Mista-Flo, peterwilsoncc, rinatkhaziev, RogerTheriault, SergeyBiryukov, terriann, whyisjake.
Merges [50586] to the 5.7 branch.
Fixes #52826.

Built from https://develop.svn.wordpress.org/branches/5.7@50662


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-06 03:44:02 +00:00
Peter Wilson 894f140b12 Script Loader: Escape HTML5 boolean attribute names.
Add escaping of boolean attribute names in `wp_sanitize_script_attributes()` for themes supporting HTML5 script elements.

Props tmatsuur, johnbillion, joyously.
Merges [50575] to the 5.7 branch.
Fixes #52894.

Built from https://develop.svn.wordpress.org/branches/5.7@50661


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-06 03:42:01 +00:00
Peter Wilson 1d0be627a9 Site Health: Reduce false reports of HTTPS failures.
Reduce severity of failing HTTPS tests from critical to warning. Stop reporting failures if the site is being accessed over HTTPS but `wp_is_https_supported()` indicates a lack of support.

Props annalamprou, AnotherDave, ayeshrajans, bobbingwide, Clorith, dragongate, eatsleepcode, gab81, geoffrey1963, Ipstenu, k3nsai, mmuyskens, nicegamer7, peterwilsoncc, pwallner, SergeyBiryukov, TimothyBlynJacobs, Toru.
Merges [50659] to the 5.7 branch.
Fixes #52783.

Built from https://develop.svn.wordpress.org/branches/5.7@50660


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-06 03:40:06 +00:00
Sergey Biryukov 551b6260da REST API: Correct `enum` validation for numeric values.
When validating `enum` values as `integer` or `number`, consider a number with a zero fractional part to be equivalent to an integer of the same value.

In `rest_are_values_equal()`, when comparing two values of type `int` or `float` (in any combination), first cast both of them to `float` and then compare.

This matches some test cases from the official JSON Schema test suite.

Follow-up to [50010].

Props yakimun, stefanjoebstl, TimothyBlynJacobs, rachelbaker.
Merges [50653] to the 5.7 branch.
Fixes #52932.
Built from https://develop.svn.wordpress.org/branches/5.7@50656


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-04 19:13:03 +00:00
Sergey Biryukov 69bfd1ff63 Coding Standards: Move some translator comments to the correct place.
Follow-up to [46273], [50060], [50117].

Merges [50654] to the 5.7 branch.
See #52627.
Built from https://develop.svn.wordpress.org/branches/5.7@50655


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-04 18:34:04 +00:00
Sergey Biryukov 8bda8b2847 KSES: Add `object-position` to the list of safe CSS properties.
This resolves an issue with the Cover block, where the `object-position` property is removed from the content when a non-admin user saves the post, leading to block recovery loop.

Props Mamaduka, aristath.
Merges [50634] to the 5.7 branch.
Fixes #52961.
Built from https://develop.svn.wordpress.org/branches/5.7@50649


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-02 19:31:06 +00:00
Sergey Biryukov 4fa46b8d14 External Libraries: Upgrade PHPMailer from 6.3.0 to 6.4.0.
6.4.0 reverts a change that made the `mail()` and sendmail transports set the envelope sender if one isn't explicitly provided, as it was causing problems in specific PHP/server configurations.

Release post: https://github.com/PHPMailer/PHPMailer/releases/tag/v6.4.0
Changelog: https://github.com/PHPMailer/PHPMailer/compare/v6.3.0...v6.4.0

Props Synchro, tigertech, ayeshrajans, galbaras, audrasjb, SergeyBiryukov, desrosj, ocean90.
Merges [50628] to the 5.7 branch.
Fixes #52822.
Built from https://develop.svn.wordpress.org/branches/5.7@50630


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-04-01 13:01:06 +00:00
davidbaumwald 35592e1ffa Privacy: Print screen reader text for the "Copy suggested policy text..." action button.
This change switches out sprintf for printf on the "Copy suggested policy text from..." button screen reader text. Also, wrap the actual button text in a <span aria-hidden="true"> to prevent both the button text and the screen reader text from being spoken.

Props mukesh27, SergeyBiryukov, sabernhardt, desrosj.
Merges [50585] to the 5.7 branch.
Fixes #52891.
Built from https://develop.svn.wordpress.org/branches/5.7@50609


git-svn-id: http://core.svn.wordpress.org/branches/5.7@50222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-03-26 20:32:04 +00:00