WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
WordPress/wp-includes
History
iandunn a2d1cee61d KSES: Make the URI attributes DRY. 
This commit introduces the `wp_kses_uri_attributes` function and filter. The function centralizes the list of attributes, in order to prevent inconsistency, and the filter provides a way for plugins to customize the attributes.

Merges [44014] and [44017] to the `3.7` branch.

Built from https://develop.svn.wordpress.org/branches/3.7@44049


git-svn-id: http://core.svn.wordpress.org/branches/3.7@43879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 		2018-12-13 01:27:08 +00:00
..
ID3 Disable external entities in ID3. 2014-08-06 05:58:19 +00:00
SimplePie SimplePie: Fix use of DOMElement as array. 2013-09-11 04:02:10 +00:00
Text Declare Text_Diff::trimNewlines() as static. Upstream is not back compat. props aaroncampbell. fixes #24372. 2013-05-25 22:10:53 +00:00
certificates Move a certificate higher in the file (end to start) so that PHP 5.2.x (OpenSSL 0.9.8j and earlier) can parse the file correctly. See #25007 2013-09-23 13:59:11 +00:00
css Delete Twenty Fourteen from the 3.7 branch. 2013-10-22 23:56:26 +00:00
images Copy wpspin_light to wp-includes as wpspin.gif. Use it in media views. see #22728. 2012-12-04 16:18:53 +00:00
js External Libraries: Remove unnecessary / obsoleted MediaElement.js files. 2018-01-16 08:16:11 +00:00
pomo Avoid 'Only variables should be passed by reference' warning. fixes #23232. 2013-01-31 01:01:19 +00:00
theme-compat Use site_url() in theme-compat. 2013-10-02 21:17:09 +00:00
admin-bar.php Network Admin toolbar menu: Add Plugins and Themes, remove Visit Network. 2013-08-26 15:22:11 +00:00
atomlib.php Use correct variable in atomlib library, inside an error message. props rlerdorf, see #24110. 2013-05-07 16:37:21 +00:00
author-template.php Inline documentation for hooks in wp-includes/author-template.php. 2013-09-13 19:25:10 +00:00
bookmark-template.php Inline documentation for hooks in wp-includes/bookmark-template.php. 2013-09-20 23:09:09 +00:00
bookmark.php Remove links_recently_updated_time (hardening). 2014-04-03 03:23:10 +00:00
cache.php Always pass integer expirations to cache backends. 2013-09-16 17:43:09 +00:00
canonical.php Spell out duplicate hook locations. 2013-10-22 17:22:11 +00:00
capabilities.php Capabilities: Fall back to the `edit_posts` capability for orphaned comments. 2015-09-09 06:29:09 +00:00
category-template.php 3.7 regression from [25119]: Have in_category() return false when the first argument is empty. 2013-10-26 02:55:08 +00:00
category.php Pinking shears 2013-10-23 14:40:10 +00:00
class-IXR.php Ignore entities in XML-RPC requests. 2014-08-06 17:51:19 +00:00
class-feed.php Inline documentation for hooks in wp-includes/class-feed.php. 2013-10-08 20:07:08 +00:00
class-http.php Pinking shears 2013-10-23 14:40:10 +00:00
class-json.php Patch Services_JSON to use the proper function name and avoid a fatal error. see #24210. 2013-07-08 16:55:34 +00:00
class-oembed.php Inline documentation for hooks in wp-includes/class-oembed.php. 2013-10-07 23:57:10 +00:00
class-phpass.php Prevent high resource usage when hashing large passwords. props mdawaffe, pento 2014-11-20 16:08:09 +00:00
class-phpmailer.php Update PHPMailer to 5.2.22. 2017-01-11 05:28:09 +00:00
class-pop3.php Update pop3 class. Props aaroncampbell. fixes #17064 2011-04-21 20:40:32 +00:00
class-simplepie.php Update SimplePie to 1.3.1. Props rmccue, ocean90. fixes #22321 2012-11-05 14:25:25 +00:00
class-smtp.php Update PHPMailer to 5.2.22. 2017-01-11 05:28:09 +00:00
class-snoopy.php Snoopy: use escapeshellarg instead of escapeshellcmd 2016-03-30 14:16:09 +00:00
class-wp-admin-bar.php Pinking shears 2013-10-23 14:40:10 +00:00
class-wp-ajax-response.php Specify the charset in WP_Ajax_Response::send(). Props sergey.s.betke@novgaro.ru, SergeyBiryukov. fixes #19448 2012-08-15 18:17:21 +00:00
class-wp-customize-control.php Remove /extend/ from URLs to wordpress.org/plugins, /themes, and /mobile, as those are all now top-level. see #24389. 2013-05-22 21:01:57 +00:00
class-wp-customize-manager.php Customize: Ignore invalid customization sessions. 2017-05-16 12:23:10 +00:00
class-wp-customize-section.php Actually display customizer section descriptions in a meaningful way. props obenland, helen. fixes #24392. 2013-08-23 16:18:10 +00:00
class-wp-customize-setting.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
class-wp-editor.php Remove some old backwards compatibility code from TinyMCE. Merge of [32166] to the 3.7 branch. 2015-04-20 12:58:10 +00:00
class-wp-embed.php Backport r33469 and r33470 to 3.7. 2015-07-31 01:46:08 +00:00
class-wp-error.php Correct inline docs for is_wp_error(). props johnbillion. fixes #24637. 2013-06-24 18:23:45 +00:00
class-wp-http-ixr-client.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
class-wp-image-editor-gd.php Improve inline documentation for the `multi_resize()` method in `WP_Image_Editor`, `WP_Image_Editor_GD`, and `WP_Image_Editor_Imagick`. 2013-10-08 17:19:09 +00:00
class-wp-image-editor-imagick.php Improve inline documentation for the `multi_resize()` method in `WP_Image_Editor`, `WP_Image_Editor_GD`, and `WP_Image_Editor_Imagick`. 2013-10-08 17:19:09 +00:00
class-wp-image-editor.php Improve inline documentation for the `multi_resize()` method in `WP_Image_Editor`, `WP_Image_Editor_GD`, and `WP_Image_Editor_Imagick`. 2013-10-08 17:19:09 +00:00
class-wp-theme.php Themes: Fix markup for theme name fallbacks. 2017-01-11 11:13:14 +00:00
class-wp-walker.php Pinking shears 2013-10-23 14:40:10 +00:00
class-wp-xmlrpc-server.php Adjust post meta checks 2017-05-16 08:54:35 +00:00
class-wp.php Ensure wp::send_headers() detects a comments feed when permalinks are disabled and thus the withcomments QV is omitted. This fixes Last-Modified. 2013-10-03 03:15:08 +00:00
class.wp-dependencies.php Inline documentation for WP_Dependencies and _WP_Dependency classes. 2013-09-20 19:54:10 +00:00
class.wp-scripts.php If the script_loader_src filter returns nothing, bail instead of printing <script src="">. 2013-09-16 22:12:09 +00:00
class.wp-styles.php Revert [25202] and enforce that wp_add_inline_style() does not want <style> tags. 2013-10-15 14:35:09 +00:00
comment-template.php Inline documentation for the Walker_Comment class in wp-includes/comment-template.php 2013-09-23 23:29:11 +00:00
comment.php Spell out duplicate hook locations. 2013-10-22 17:22:11 +00:00
compat.php WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion. 2015-05-06 19:17:09 +00:00
cron.php Cron: Fix a case where a cache inconsistency can cause wp_clear_scheduled_hook() to enter an infinite loop. 2014-04-01 03:40:10 +00:00
date.php Inline documentation for the `WP_Date_Query` class in wp-includes/date.php. 2013-10-21 23:17:09 +00:00
default-constants.php PHP4 compatibility for files loaded before we bail. fixes #25760. 2013-10-29 20:08:08 +00:00
default-filters.php Pass the taxonomy around to relevant nav menu actions to avoid arbitrarily deleting all items with `menu-item-type` of `taxonomy`. Adds unit test for `wp_get_associated_nav_menu_items()`. 2013-08-29 16:45:10 +00:00
default-widgets.php Nav menus: Consistent titles in widgets. 2015-08-03 20:59:07 +00:00
deprecated.php Mark _search_terms_tidy() as deprecated in 3.7. see #7394. 2013-09-28 08:25:09 +00:00
feed-atom-comments.php Spell out duplicate hook locations. 2013-10-22 17:22:11 +00:00
feed-atom.php Inline documentation for hooks in wp-includes/feed-atom.php. 2013-09-20 22:50:10 +00:00
feed-rdf.php Pinking shears 2013-10-23 14:40:10 +00:00
feed-rss.php Pinking shears 2013-10-23 14:40:10 +00:00
feed-rss2-comments.php Pinking shears 2013-10-23 14:40:10 +00:00
feed-rss2.php Inline documentation for hooks in wp-includes/feed-rss2.php. 2013-09-20 22:27:09 +00:00
feed.php Hardening: Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds. 2017-11-29 16:52:10 +00:00
formatting.php Media: Improve handling of extensionless filenames. 2016-06-21 15:02:09 +00:00
functions.php Media: Improve verification of MIME file types. 2018-12-12 23:50:09 +00:00
functions.wp-scripts.php Improve inline documentation for wp-includes/functions.wp-scripts.php. 2013-09-24 02:58:09 +00:00
functions.wp-styles.php Avoid printing a possible HTML element. fixes #24813. 2013-10-16 04:46:10 +00:00
general-template.php Multisite: Improve messaging for previously activated users. 2018-12-13 01:14:07 +00:00
http.php HTTP: Improve detection of valid IP addresses. 2016-03-30 15:54:08 +00:00
kses.php KSES: Make the URI attributes DRY. 2018-12-13 01:27:08 +00:00
l10n.php PHP4 compatibility for files loaded before we bail. fixes #25760. 2013-10-29 20:08:08 +00:00
link-template.php Spell out duplicate hook locations. 2013-10-22 17:22:11 +00:00
load.php Inline documentation for hooks in wp-includes/load.php. 2013-09-16 18:30:10 +00:00
locale.php Remove ultimately unnecessary visibility keyword from a WP_Locale method because this file is included when we bail for PHP 4. props ocean90. fixes #24915. for trunk. 2013-08-01 19:47:36 +00:00
media-template.php Spell out duplicate hook locations. 2013-10-22 17:22:11 +00:00
media.php External Libraries: Disable Flash backend for Plupload 2016-05-06 17:36:10 +00:00
meta.php Return false in update_metadata() and update_metadata_by_mid() when the DB query fails. 2013-09-23 20:31:09 +00:00
ms-blogs.php Use the wpdb method instead of $wpdb->prefix. 2013-09-24 23:41:10 +00:00
ms-default-constants.php Multisite in a subdirectory: For subdomain installs, use a root admin cookie path, not a wp-admin specific one. 2012-12-04 00:51:02 +00:00
ms-default-filters.php Live network counts of users and sites for small networks. 2013-09-25 16:21:09 +00:00
ms-deprecated.php Introduce wp_get_sites(), a long-awaited replacement for get_blog_list(). 2013-09-14 21:13:10 +00:00
ms-files.php Use stripslashes() instead of wp_unslash() in ms-files.php to avoid formatting.php dependency. props devesine, fixes #24374. 2013-05-20 20:20:22 +00:00
ms-functions.php Multisite: Use `wp_rand()` in signup key creation. 2017-01-11 05:36:51 +00:00
ms-load.php Pinking shears 2013-10-23 14:40:10 +00:00
ms-settings.php Resurrect the switched global. Some are still using it. see #21459 2012-08-22 03:34:00 +00:00
nav-menu-template.php Spell out duplicate hook locations. 2013-10-22 17:22:11 +00:00
nav-menu.php Introduce `wp_using_ext_object_cache()` - mimic `wp_suspend_cache_invalidation()` and discourage direct access to `$_wp_using_ext_object_cache`, cleaning up importing of globals in functions and provides function to modify that global. Loads the packaged object cache when an external cache hasn't been loaded or doesn't contain `wp_cache_init()`. 2013-09-06 18:10:09 +00:00
option.php Prefix the notoptions cache key in the multisite site-options group with $wpdb->siteid to avoid collisions. 2014-04-01 04:07:09 +00:00
pluggable-deprecated.php Remove /extend/ from URLs to wordpress.org/plugins, /themes, and /mobile, as those are all now top-level. see #24389. 2013-05-22 21:01:57 +00:00
pluggable.php Strip control characters before validating redirect. 2017-03-06 13:47:09 +00:00
plugin.php Initialize the filter globals. 2013-09-24 19:05:10 +00:00
post-formats.php Allow has_post_format() to accept an array of formats to check. props ericmann. fixes #17320. 2013-07-28 20:48:09 +00:00
post-template.php Admin: Escape attachment name in case it contains special characters 2016-06-21 14:30:09 +00:00
post-thumbnail-template.php Inline documentation for hooks in wp-includes/post-thumbnail-template.php. 2013-09-20 02:51:09 +00:00
post.php Media: Limit thumbnail file deletions to the same directory as the original file. 2018-07-05 15:19:09 +00:00
query.php Query: Ensure that queries work correctly with post type names with special characters. 2017-01-26 13:53:22 +00:00
registration-functions.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
registration.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
revision.php Revisions changes. 2013-07-24 06:08:14 +00:00
rewrite.php Make `url_to_postid()` work for custom post type URLs. Use `get_post_types()` and `get_taxonomies()` instead of directly accessing globals. Adds unit test. 2013-10-02 19:42:09 +00:00
rss-functions.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
rss.php Inline docs for hooks in MagPie. 2013-09-06 17:19:09 +00:00
script-loader.php External Libraries: Disable Flash backend for Plupload 2016-05-06 17:36:10 +00:00
shortcodes.php Shortcodes: don't allow unclosed HTML elements in attributes 2015-09-14 22:50:08 +00:00
taxonomy.php Taxonomies: make sure taxonomy functions work correctly with taxonomy names with special characters 2016-03-30 17:43:08 +00:00
template-loader.php Inline documentation for hooks in wp-includes/template-loader.php. 2013-10-06 18:41:09 +00:00
template.php Inline documentation for a hooks in wp-includes/template.php. 2013-10-06 19:01:09 +00:00
theme.php Themes: Fix some broken links in the legacy theme preview. 2015-08-04 04:58:12 +00:00
update.php Background Updates: Remove the 7am/7pm background update check. 2016-01-06 13:24:33 +00:00
user.php Invalidate password keys when a user's email changes. 2014-11-20 13:43:09 +00:00
vars.php Pinking shears 2013-10-23 14:40:10 +00:00
version.php Bump 3.7 branch to version 3.7.27 2018-07-05 16:14:30 +00:00
widgets.php Remove temporary 3.8 hooks from the 3.7 branch. 2013-10-22 23:58:10 +00:00
wlwmanifest.xml Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
wp-db.php WPDB: Check that `AUTH_SALT` is not empty, Fix a PHP notice when `AUTH_SALT` is undefined. 2017-11-27 01:15:10 +00:00
wp-diff.php Go back to plain text diffs between revisions instead of attempting partial rendering. 2013-05-07 20:34:58 +00:00