Commit Graph

210 Commits

Author SHA1 Message Date
Gary Pendergast fe837d19a7 Docs: Fix the `@param` type for `wp_make_plugin_file_tree()`.
`$plugin_editable_files` is an `array`, not a `string`.

Props subrataemfluence.
Fixes #45593.


Built from https://develop.svn.wordpress.org/trunk@44464


git-svn-id: http://core.svn.wordpress.org/trunk@44295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 06:02:51 +00:00
desrosj 4818f7e3f7 Administration: Update default fallback color for SVG icons.
Currently, when an SVG is used as a menu icon, the color is inconsistent with the other, default dashicons and the contrast ratio does not meet the minimum requirement for accessibility.

This updates the base color for the default `fresh` color scheme to ensure consistency and proper contrast.

Props swift, dschalk.
Fixes #44209.
Built from https://develop.svn.wordpress.org/trunk@44353


git-svn-id: http://core.svn.wordpress.org/trunk@44183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-20 19:01:48 +00:00
desrosj 38d1e7233d Block Editor: Show privacy help notice on Privacy Policy page.
When editing a page set to be the Privacy Policy page, display a help notice
containing a link to the Privacy Policy guide.

Merges [43920] to trunk.

Fixes #45057.
Built from https://develop.svn.wordpress.org/trunk@44291


git-svn-id: http://core.svn.wordpress.org/trunk@44121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-18 16:14:49 +00:00
desrosj 03262a191f Block Editor: Refresh nonces used by `wp.apiFetch`.
Adds heartbeat nonces refreshing support to `wp.apiFetch` requests.

Props pento, adamsilverstein, dd32, desrosj, youknowriad.

Merges [43939] into trunk.

Fixes #45113. 
Built from https://develop.svn.wordpress.org/trunk@44275


git-svn-id: http://core.svn.wordpress.org/trunk@44105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 19:28:51 +00:00
Gary Pendergast 4739b8147b Upgrade/Install: Convert `Sample Page`, `Hello World`, and `Privacy Policy` to block content.
Merges [43820,43912] from the 5.0 branch to trunk.

Props desrosj, garrett-eclipse, danielbachhuber, dd32, ocean90.
Fixes #45151.


Built from https://develop.svn.wordpress.org/trunk@44168


git-svn-id: http://core.svn.wordpress.org/trunk@43998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 05:43:52 +00:00
Sergey Biryukov f7ba175491 Docs: Correct `@since` value for `_wp_privacy_statuses()`.
Fix typo in `@since` entry for `WP_Privacy_Policy_Content:add()`.

Props dimadin.
Fixes #44915.
Built from https://develop.svn.wordpress.org/trunk@43638


git-svn-id: http://core.svn.wordpress.org/trunk@43467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-13 10:20:24 +00:00
Sergey Biryukov c714ad082d Docs: Correct parameter type for `WP_Privacy_Policy_Content::notice()`.
Props burhandodhy.
Fixes #44877.
Built from https://develop.svn.wordpress.org/trunk@43609


git-svn-id: http://core.svn.wordpress.org/trunk@43438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 14:15:25 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Sergey Biryukov 172aa4aa3e Privacy: Enable pagination screen options for privacy requests list tables.
Props birgire, pbiron.
Fixes #44025.
Built from https://develop.svn.wordpress.org/trunk@43486


git-svn-id: http://core.svn.wordpress.org/trunk@43313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 16:04:24 +00:00
Sergey Biryukov 4faf05ca6a Privacy: Change `@since` entry for `_wp_privacy_settings_filter_draft_page_titles()` added in [43376] to 4.9.8.
See #44100.
Built from https://develop.svn.wordpress.org/trunk@43454


git-svn-id: http://core.svn.wordpress.org/trunk@43281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 13:48:25 +00:00
Andrew Ozz 7e9be993e6 Privacy: append `(Draft)` to draft page titles in the page drop-down on the Privacy Settings screen.
Props allendav, desrosj.
Fixes #44100.
Built from https://develop.svn.wordpress.org/trunk@43376


git-svn-id: http://core.svn.wordpress.org/trunk@43204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:29 +00:00
John Blackbourn 0aa2902436 Security: Harden the random aspect of the hash used for user profile and admin email address changes.
Props BjornW

Fixes #43771

Built from https://develop.svn.wordpress.org/trunk@43367


git-svn-id: http://core.svn.wordpress.org/trunk@43195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:38:43 +00:00
Sergey Biryukov 593848e9dc Docs: Correct inline comment added in [43361] for consistency with other comments.
See #44142.
Built from https://develop.svn.wordpress.org/trunk@43363


git-svn-id: http://core.svn.wordpress.org/trunk@43191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:37:00 +00:00
Sergey Biryukov d35f9813f1 Docs: Add missing `@return` value for `save_mod_rewrite_rules()` and `iis7_save_url_rewrite_rules()`.
See #44142.
Built from https://develop.svn.wordpress.org/trunk@43362


git-svn-id: http://core.svn.wordpress.org/trunk@43190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:36:35 +00:00
Sergey Biryukov 40cfcfc222 Privacy: Make sure `wp_add_privacy_policy_content()` does not cause a fatal error by unintentionally flushing rewrite rules outside of the admin context.
Add a `_doing_it_wrong()` message describing the correct usage of the function.

Props kraftbj, azaozz, SergeyBiryukov, YuriV.
Fixes #44142.
Built from https://develop.svn.wordpress.org/trunk@43361


git-svn-id: http://core.svn.wordpress.org/trunk@43189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:36:09 +00:00
Sergey Biryukov 947a12f2b2 Privacy: Fix typo in default privacy policy text.
Props garetharnold, abdullahramzan.
Fixes #44166.
Built from https://develop.svn.wordpress.org/trunk@43350


git-svn-id: http://core.svn.wordpress.org/trunk@43178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:31:31 +00:00
Andrew Ozz 8c06c2c662 Privacy: only remove the "Suggested text has changed" bubble when an admin visits the Privacy Policy Guide screen.
Fixes #44063.
Built from https://develop.svn.wordpress.org/trunk@43269


git-svn-id: http://core.svn.wordpress.org/trunk@43098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 17:52:21 +00:00
Andrew Ozz 242e6eea46 Privacy: fix markup for the table of contents on privacy policy guide screen.
Props ocean90, azaozz.
Fixes #44056.
Built from https://develop.svn.wordpress.org/trunk@43265


git-svn-id: http://core.svn.wordpress.org/trunk@43094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 16:46:23 +00:00
Andrew Ozz b5564c8646 Privacy: fix the "Privacy Policy Guide updated" message and add a link to the guide.
Props birgire, azaozz.
Fixes #44057.
Built from https://develop.svn.wordpress.org/trunk@43263


git-svn-id: http://core.svn.wordpress.org/trunk@43092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 16:21:21 +00:00
Dominik Schilling 2d4311e32e Privacy: Remove `is-dismissible` class from notice when privacy info has changed.
The notice isn't dismissible as it only gets removed once you visit the privacy guide, see #44057 and #44063.

Fixes #44065.

Built from https://develop.svn.wordpress.org/trunk@43261


git-svn-id: http://core.svn.wordpress.org/trunk@43090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 15:55:21 +00:00
Andrew Ozz a75b113bed Privacy: fix two typos in `WP_Privacy_Policy_Content::get_default_content()`.
Props dlh.
Fixes #44050.
Built from https://develop.svn.wordpress.org/trunk@43249


git-svn-id: http://core.svn.wordpress.org/trunk@43078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-13 11:15:21 +00:00
Andrew Ozz b82fed1806 Privacy: require `manage_privacy_options` capability for showing `WP_Privacy_Policy_Content::notice()`.
Props ocean90.
Fixes #44055.
Built from https://develop.svn.wordpress.org/trunk@43248


git-svn-id: http://core.svn.wordpress.org/trunk@43077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-13 11:04:21 +00:00
Andrew Ozz 5c5a527d96 Privacy: exclude the wrapper from the default policy content.
Fixes #44048.
Built from https://develop.svn.wordpress.org/trunk@43242


git-svn-id: http://core.svn.wordpress.org/trunk@43071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-11 15:07:21 +00:00
iandunn 8af721fff8 Privacy: Replace intrusive policy update notice with menu bubbles.
Previously, when a plugin updated its suggested privacy policy text, an admin notice was shown on all screens in the Administration Panels. That was done in order to make sure that administrators were aware of it, so that they could update their policy if needed. That was a very heavy-handed and intrusive approach, though, which leads to a poor user experience, and notice fatigue. 

An alternative approach is to use bubble notifications in the menu, similar to when plugins have updates that need to be installed. That still makes it obvious that something needs the administrator's attention, but is not as distracting as a notice.

The notice will still appear on the Privacy page, though, since it is relevant to that screen, and provides an explanation of why the bubble is appearing.

Props azaozz, xkon, iandunn.
Fixes #43954. See #43953.

Built from https://develop.svn.wordpress.org/trunk@43223


git-svn-id: http://core.svn.wordpress.org/trunk@43052 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 19:52:21 +00:00
Sergey Biryukov 47e6c2f9ec Privacy: Make the help hint for Privacy Policy page more translatable and accessible.
Props tobifjellner.
See #43980.
Built from https://develop.svn.wordpress.org/trunk@43206


git-svn-id: http://core.svn.wordpress.org/trunk@43035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 23:12:21 +00:00
Andrew Ozz 35d5911ae8 Privacy: fixes for the privacy policy guide and suggested content:
- Separate the guide text form the suggested policy text.
- Add table of content for easier navigation.
- Move the content to tools.php (prevents the settings menu of being open).
- Add a link to the guide from the Privacy settings screen.

Props melchoyce, azaozz.
See #43980.
Built from https://develop.svn.wordpress.org/trunk@43203


git-svn-id: http://core.svn.wordpress.org/trunk@43032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 20:51:23 +00:00
Andrew Ozz 3099f4d9ed Privacy: outputting the privacy policy guide and suggested content to a new page instead of a postbox.
Props melchoyce, azaozz.
See #43980.
Built from https://develop.svn.wordpress.org/trunk@43184


git-svn-id: http://core.svn.wordpress.org/trunk@43013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-08 23:45:21 +00:00
Sergey Biryukov f055261a05 Privacy: Remove stray closing tag in `WP_Privacy_Policy_Content::get_default_content()`, fix typo in `@return` tag.
Props dlh, tobifjellner.
Fixes #43951.
Built from https://develop.svn.wordpress.org/trunk@43170


git-svn-id: http://core.svn.wordpress.org/trunk@42999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-04 01:56:22 +00:00
Andrew Ozz 58b2e6e143 Privacy: use `sprintf()` in translations.
Props birgire.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43150


git-svn-id: http://core.svn.wordpress.org/trunk@42979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 18:25:21 +00:00
Andrew Ozz 7d4429b2c8 Privacy: fix typos and inconsistencies in the default suggested text.
Props macbookandrew.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43148


git-svn-id: http://core.svn.wordpress.org/trunk@42977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 17:42:22 +00:00
Andrew Ozz c5d13c5934 Privacy: change how the default text for privacy policy is added:
- Insert both the text and tutorial in new policy pages and highlight is brightly in the editor.
- Show only the suggested text in the policy postbox.

Props melchoyce, azaozz.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43146


git-svn-id: http://core.svn.wordpress.org/trunk@42975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 17:13:21 +00:00
Andrew Ozz 0d2eb27a5d Privacy: do not fold a single section in the privacy policy poxtbox.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43126


git-svn-id: http://core.svn.wordpress.org/trunk@42955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 22:10:21 +00:00
Andrew Ozz 237df3367b Privacy: only fold the sections in the privacy policy poxtbox when more than one.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43052


git-svn-id: http://core.svn.wordpress.org/trunk@42881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 09:48:21 +00:00
Andrew Ozz d1ab641d16 Privacy: edits and improvements for the default text for a privacy policy.
Props idea15, allendav.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43048


git-svn-id: http://core.svn.wordpress.org/trunk@42877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 21:06:21 +00:00
Andrew Ozz c21c4e25b3 Privacy: add default text for a privacy policy. First run.
Props xkon, idea15, allendav, azaozz.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43044


git-svn-id: http://core.svn.wordpress.org/trunk@42873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 14:47:21 +00:00
Andrew Ozz 41a82d6078 Privacy: add better docs for `wp_add_privacy_policy_content()` and `WP_Privacy_Policy_Content::add()`.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@43003


git-svn-id: http://core.svn.wordpress.org/trunk@42832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-25 18:10:21 +00:00
Andrew Ozz 11e315ca23 Make the string `WordPress` translatable.
Props mnelson4.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@42999


git-svn-id: http://core.svn.wordpress.org/trunk@42828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-24 21:23:21 +00:00
Andrew Ozz 891deab7c5 Privacy: make the sections in the suggested privacy policy text postbox foldable. Add Read More/Read Less buttons. Fix copying of the suggested text by pressing the button.
Props melchoyce, xkon, azaozz.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@42992


git-svn-id: http://core.svn.wordpress.org/trunk@42821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-19 12:39:21 +00:00
Andrew Ozz 8d9e4937f8 Fix typo in 'wp_get_default_privacy_policy_content' filter.
Props claudiu.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@42985


git-svn-id: http://core.svn.wordpress.org/trunk@42814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-17 21:09:20 +00:00
Andrew Ozz 3108d2ffb2 Privacy: add a postbox that is shown when editing the privacy policy page, and where plugins and core will output suggested content and additional privacy info. First run.
Props melchoyce, azaozz.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@42980


git-svn-id: http://core.svn.wordpress.org/trunk@42809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-16 08:53:20 +00:00
John Blackbourn b13e73d05c Docs: Document more parameters and properties using typed array notation.
See #41756

Built from https://develop.svn.wordpress.org/trunk@42875


git-svn-id: http://core.svn.wordpress.org/trunk@42705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-25 18:10:32 +00:00
John Blackbourn d7025e7787 Security: Loosen the admin referrer policy header value to allow the referring host to be sent from the admin area in all cases.
This allows referrer-restricted content from third parties (such as images and fonts) to continue working in the admin area.

Props aranwer104, qcmiao

Fixes #43285

Built from https://develop.svn.wordpress.org/trunk@42830


git-svn-id: http://core.svn.wordpress.org/trunk@42660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-12 10:57:35 +00:00
Dominik Schilling 666e203f31 Administration: Remove unnecessary capitalization when referencing to plugin/theme editors.
Fixes #43072.
Built from https://develop.svn.wordpress.org/trunk@42757


git-svn-id: http://core.svn.wordpress.org/trunk@42587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-26 19:35:30 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Sergey Biryukov 1a5adcf722 Rewrite Rules: Correct the logic in `extract_from_markers()` after [41928].
Props stodorovic.
Fixes #42579. See #39920.
Built from https://develop.svn.wordpress.org/trunk@42199


git-svn-id: http://core.svn.wordpress.org/trunk@42029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-16 13:25:50 +00:00
Konstantin Obenland 65c1468ff5 File Editors: Account for network admin use
Fixes a bug where files couldn't be accessed in multisite installs.

Props flixos90, westonruter.
Fixes #42420.


Built from https://develop.svn.wordpress.org/trunk@42115


git-svn-id: http://core.svn.wordpress.org/trunk@41944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-03 18:51:49 +00:00
Sergey Biryukov 0f06f90341 Rewrite Rules: Remove redundant `if` condition in `extract_from_markers()`.
Props Dency, yahil, appchecker.
Fixes #39920.
Built from https://develop.svn.wordpress.org/trunk@41928


git-svn-id: http://core.svn.wordpress.org/trunk@41762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-18 21:28:46 +00:00
Weston Ruter 0659de4e21 File Editors: Display list of theme/plugin files in scrollable directory tree.
Props WraithKenny, afercia, melchoyce, westonruter.
Amends [41721].
Fixes #24048.

Built from https://develop.svn.wordpress.org/trunk@41851


git-svn-id: http://core.svn.wordpress.org/trunk@41685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-13 02:39:47 +00:00
John Blackbourn fbd44ee554 Security: Add a referrer policy header to the admin and login screens.
This sets a referrer policy of `same-origin` which adds hardening by preventing a referrer being sent from the admin area or login screens to other origins. This helps prevent unwanted exposure of potentially sensitive information that may be contained within URLs.

This change introduces a new filter, `admin_referrer_policy`, for filtering the referrer policy header value. The header can be disabled if necessary by removing the `wp_admin_headers` action from the `admin_init` and `login_init` hooks.

Props joostdevalk
Fixes #42036

Built from https://develop.svn.wordpress.org/trunk@41741


git-svn-id: http://core.svn.wordpress.org/trunk@41575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 18:25:46 +00:00
John Blackbourn b52e37f9bf Options, Meta APIs: Require a confirmation link in an email to be clicked when an admin attempts to change the site admin email address.
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their site.

Props MatheusGimenez, johnbillion

Fixes #39118

Built from https://develop.svn.wordpress.org/trunk@41254


git-svn-id: http://core.svn.wordpress.org/trunk@41094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-14 20:13:43 +00:00