WordPress/wp-includes
Ryan Boren ffac99eadc * Introduce wp_kses_allowed_html() which accepts a context string and returns an array of allowed tags.
* Remove explicit declarations of class, id, style, and title from $allowedposttags
 * Dynamicallly add global attributes to every tag for the 'post' context
 * No longer calls wp_kses_array_lc() every time wp_kses() runs. Instead it runs once if CUSTOM_TAGS is true. Plugins directly passing a custom allowed_html array will no longer get the lc treatment. Keep an eye out for problems with this.
 * wp_kses_data() and wp_filter_kses() pass current_filter() for the $allowed_html argument to wp_kses().
 * wp_kses_allowed_html() handles being passed a filter name for a context. If the filter is not a recognized one it defaults to using $allowedtags as was done before for wp_kses_data() and wp_filter_kses().
 * wp_kses_allowed_html() recognizes user_description and pre_user_description out of the box. For these it takes $allowedtags and inserts rel attribute support.
 * wp_kses_allowed_html() allows plugins to override the return values for the default contexts and support arbitrary contexts via a wp_kses_allowed_html filter.
 * wp_kses_hook() can now pass a string context for $allowed_html to the pre_kses filter. We might have to pass the result of wp_kses_allowed_html() instead if it turns out that plugins are digging in $allowed_html.

fixes #17977
see #20210


git-svn-id: http://core.svn.wordpress.org/trunk@21790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-10 16:19:54 +00:00
..
SimplePie Update to SimplePie 1.3. props rmccue. 2012-08-28 17:24:33 +00:00
Text Update Text_Diff. Props simek. Fixes #9467 2010-02-19 01:25:26 +00:00
css Make browser text-selections ignore attachment views. see #21390. 2012-09-07 22:15:52 +00:00
images Flip Admin Bar search icon, props empireoflight and lessbloat, fixes #20033 2012-08-30 21:18:07 +00:00
js Use icons for non-image attachments in the new media modal. see #21836, #21390, #21808. 2012-09-07 21:27:07 +00:00
pomo Avoid 'Only variables should be passed by reference' warnings. Props SergeyBiryukov. see #18975 2011-10-27 20:00:09 +00:00
theme-compat Introduce get_edit_user_link(). Props scribu, georgestephanis, johnbillion. fixes #14787 see #20307 2012-07-30 18:30:03 +00:00
admin-bar.php Use get_post() instead of global $post. 2012-09-04 16:29:28 +00:00
atomlib.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
author-template.php Use get_post() instead of global $post. 2012-09-04 16:29:28 +00:00
bookmark-template.php Bunch of PHPDoc corrections and cleanups. props c3mdigital. props SergeyBiryukov. fixes #21149 2012-07-09 05:03:53 +00:00
bookmark.php Use wp_cache_add() instead of wp_cache_set() when priming the object term cache in update_object_term_cache(). Pass the real post_type to clean_object_term_cache() instead of hard-coding post. Call clean_object_term_cache() from clean_bookmark_cache(). Props leewillis77. fixes #19690 2012-01-11 21:26:18 +00:00
cache.php Introduce wp_cache_switch_to_blog() and WP_Object_Cache::switch_to_blog() as a lighter/faster way to switch the cache to a new blog id. 2012-08-02 18:31:14 +00:00
canonical.php Also switch back the @uses annotation for [21215]. props duck_. see #20484. see #16639 2012-07-05 20:09:28 +00:00
capabilities.php Move the optimization done to get_user_by() in [21376] higher up the stack, into map_meta_cap() and is_super_admin(). 2012-08-20 21:58:34 +00:00
category-template.php Use get_post() instead of global $post. 2012-09-04 16:29:28 +00:00
category.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
class-IXR.php Specify the encoding in IXR_Server::output(). Props solarissmoke, sergey.s.betke@novgaro.ru, SergeyBiryukov. fixes #4794 2012-08-15 20:12:00 +00:00
class-feed.php Stabilize how WordPress hooks into SimplePie to implement transient caching. 2012-08-29 00:25:52 +00:00
class-http.php Fix typo in HTTP docblock. props ocean90. fixes #21215. 2012-07-20 15:09:11 +00:00
class-json.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
class-oembed.php Fix oEmbed when the provider only supports XML responses. 2012-09-03 21:42:24 +00:00
class-phpass.php Fix typos in documentation (wp-includes/[a-h]). See #18560. 2011-09-03 16:02:41 +00:00
class-phpmailer.php Do not pass mail() a fourth argument when safe_mode is in effect. 2012-06-26 03:54:17 +00:00
class-pop3.php Update pop3 class. Props aaroncampbell. fixes #17064 2011-04-21 20:40:32 +00:00
class-simplepie.php Use ABSPATH . WPINC rather than dynamically building the include path. see #21183. 2012-08-28 17:27:18 +00:00
class-smtp.php Upgrade PHPMailer to 5.2.1. Props MattyRob. fixes #19887 2012-02-07 16:13:51 +00:00
class-snoopy.php Fix some encoding issues. props hakre, fixes #14735. 2010-10-27 09:54:17 +00:00
class-wp-admin-bar.php Remove the @return for WP_Admin_Bar::remove_node(). props scribu. fixes #20906. 2012-08-24 17:34:52 +00:00
class-wp-ajax-response.php Specify the charset in WP_Ajax_Response::send(). Props sergey.s.betke@novgaro.ru, SergeyBiryukov. fixes #19448 2012-08-15 18:17:21 +00:00
class-wp-atom-server.php Improve API usage in wp-app.php for post operations and attachment deletion. Proper cap checks. Unregister put_file and delete_file as core itself doesn't provide for file replacement. 2012-09-04 20:57:36 +00:00
class-wp-customize-control.php Avoid fatal error in the customizer when the current theme doesn't support custom headers. Props c3mdigital. fixes #21515 2012-08-10 20:15:06 +00:00
class-wp-customize-manager.php phpdoc for Customizer classes and methods. Props bananastalktome. see #21303 2012-07-26 21:45:33 +00:00
class-wp-customize-section.php phpdoc for Customizer classes and methods. Props bananastalktome. see #21303 2012-07-26 21:45:33 +00:00
class-wp-customize-setting.php phpdoc for Customizer classes and methods. Props bananastalktome. see #21303 2012-07-26 21:45:33 +00:00
class-wp-editor.php Use get_post() instead of global $post. 2012-09-04 16:29:28 +00:00
class-wp-error.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
class-wp-http-ixr-client.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
class-wp-theme.php URL encode the stylesheet directory values passed to WP_Theme's get_stylesheet_directory_uri() and get_template_directory_uri(). props SergeyBiryukov, see #21749. 2012-09-03 23:57:43 +00:00
class-wp-walker.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
class-wp-xmlrpc-server.php Fix typo in phpdoc for wp_newPost(). Props alyssonweb. fixes #21798 2012-09-05 15:36:59 +00:00
class-wp.php Allow home page of multisite (subdir install) sites to resolve regardless of capitalization, as they already do for URLs other than the home page. props SergeyBiryukov. fixes #16200 2012-07-05 13:50:24 +00:00
class.wp-dependencies.php Have wp_script_is() and wp_style_is() accept 'enqueued', as it reads better than 'queue' and is consistent with 'registered'. fixes #21741. 2012-08-30 18:57:57 +00:00
class.wp-scripts.php Allow protocol-relative URLs when registering/enqueueing scripts and styles. 2012-06-28 20:18:38 +00:00
class.wp-styles.php Allow protocol-relative URLs when registering/enqueueing scripts and styles. 2012-06-28 20:18:38 +00:00
comment-template.php Use get_post() instead of global $post. 2012-09-04 16:29:28 +00:00
comment.php Use get_post() instead of bare SQL in do_trackbacks(). see #21309 2012-08-23 20:43:47 +00:00
compat.php Restore compat for json_decode and json_encode. fixes #18015 for trunk. 2011-07-06 23:33:05 +00:00
cron.php Introduce cron_request filter. Props ikailo. fixes #13449 2012-07-20 15:15:22 +00:00
default-constants.php s/inval/intval/. props PeteMall. see #14889. 2012-06-28 20:24:50 +00:00
default-filters.php If the DB upgrade hasn't yet been run, assume the Link Manager is disabled. Important for multisite installs. props ryan. see #21307. 2012-08-16 23:09:40 +00:00
default-widgets.php Hide the link manager from the UI on upgrade, if the site has no links. New DB option, link_manager_enabled. 2012-08-13 16:18:42 +00:00
deprecated.php Use get_post() instead of global $post. 2012-09-04 16:29:28 +00:00
feed-atom-comments.php Use get_search_query() in feed-rss2-comments.php. Props SergeyBiryukov. fixes #21365 2012-07-25 18:04:17 +00:00
feed-atom.php Use html_type for alternate link elements in atom feeds, as done in atom comment feeds. props niallkennedy. fixes #21305. 2012-07-20 15:08:45 +00:00
feed-rdf.php Add the generator element in feeds through the {rss2|atom|rdf|rss|opml}_head hooks. Fixes #6947 props sivel. 2010-02-13 16:45:16 +00:00
feed-rss.php Use the site's locale for the feed language. Provides the same result as language_attributes(). Removes the rss_language option. fixes #13440. see #5517. 2012-01-29 19:56:33 +00:00
feed-rss2-comments.php Use get_search_query() in feed-rss2-comments.php. Props SergeyBiryukov. fixes #21365 2012-07-25 18:04:17 +00:00
feed-rss2.php Use the_content_feed() when looking for zero-length post content for RSS2 feeds. Now you can have blank posts with content generated by the_content filters. props SergeyBiryukov. fixes #15604 2012-07-09 03:33:01 +00:00
feed.php Use set_url_scheme(). Props johnbillion, MarcusPope. see #19037 #20759 2012-08-30 13:33:00 +00:00
formatting.php Properly delimit URLs by \r, \n, \t *or* a space in sanitize_trackback_urls(). Fixes multiple trackback URL usage. props SergeyBiryukov, fixes #21624 for trunk. 2012-09-04 03:36:19 +00:00
functions.php Add get-attachment and query-attachments Ajax handlers. props koopersmith. see #21390. 2012-08-31 02:58:51 +00:00
functions.wp-scripts.php Have wp_script_is() and wp_style_is() accept 'enqueued', as it reads better than 'queue' and is consistent with 'registered'. fixes #21741. 2012-08-30 18:57:57 +00:00
functions.wp-styles.php Have wp_script_is() and wp_style_is() accept 'enqueued', as it reads better than 'queue' and is consistent with 'registered'. fixes #21741. 2012-08-30 18:57:57 +00:00
general-template.php Use get_post() instead of global $post. 2012-09-04 16:29:28 +00:00
http.php API for allowing cross origin resource sharing. 2012-05-15 18:46:03 +00:00
kses.php * Introduce wp_kses_allowed_html() which accepts a context string and returns an array of allowed tags. 2012-09-10 16:19:54 +00:00
l10n.php Load the admin MO file on repair.php. props SergeyBiryukov. see #21039 for trunk. 2012-06-25 20:00:31 +00:00
link-template.php Use get_post() instead of global $post. 2012-09-04 16:29:28 +00:00
load.php Don't include functions.php in wp_load_translations_early() 2012-09-04 02:38:37 +00:00
locale.php Add a translator's comment. see #19924. 2012-02-06 19:43:26 +00:00
media.php Prevent img elements in the media modal from being draggable. see #21390. 2012-09-07 22:09:40 +00:00
meta.php Add NOT EXISTS to meta queries, allowing you to query for the non-existence of a meta key. 2012-06-29 19:59:29 +00:00
ms-blogs.php Restore blog_option_* filter. see #21459 2012-08-23 16:04:39 +00:00
ms-default-constants.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
ms-default-filters.php Multisite: Make it easy to replace or augment the over-quota message displayed when you try and upload new media and you have reached your quota. 2012-07-10 13:33:44 +00:00
ms-deprecated.php Undeprecate *_blog_option() by popular demand. Put them back in ms-blogs.php since direct inclusion of ms-blogs.php/ms-functions.php is unforntunately common. 2012-08-08 17:11:15 +00:00
ms-files.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
ms-functions.php Use set_url_scheme(). Props johnbillion, MarcusPope. see #19037 #20759 2012-08-30 13:33:00 +00:00
ms-load.php Introduce wp_load_translations_early(), which can be used before the locale is properly loaded in order to translate early error strings. Internationalize setup-config.php -- translators no longer have a reason to modify this file. fixes #18180. 2012-01-26 20:34:27 +00:00
ms-settings.php Resurrect the switched global. Some are still using it. see #21459 2012-08-22 03:34:00 +00:00
nav-menu-template.php Use set_url_scheme(). Props johnbillion, MarcusPope. see #19037 #20759 2012-08-30 13:33:00 +00:00
nav-menu.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
option.php Call filters for default option values only as needed to reduce number of filter calls. Props Ott042. see #20448 2012-05-14 17:00:13 +00:00
pluggable-deprecated.php Update @deprecated. Props scribu. see #18333 2011-08-05 18:44:43 +00:00
pluggable.php Make sure that we always generate random numbers correctly even if the PHP build is slightly broken and truncates large integers. 2012-08-31 09:45:50 +00:00
plugin.php Revert [21287] until #21169 goes through. see #21321. 2012-07-21 20:24:21 +00:00
post-template.php Restore in get_the_excerpt(). Props c3mdigital. fixes #21797 2012-09-05 19:54:08 +00:00
post-thumbnail-template.php Add $wp_query parameter to update_post_thumbnail_cache(). props scribu. see #19949, fixes that ticket for 3.4. 2012-04-30 15:55:57 +00:00
post.php Use wp_cache_add() in wp_mime_type_icon(). fixes #21835. 2012-09-07 21:10:43 +00:00
query.php Allow orderby=post__in, which uses the explicit order you provided in the post__in parameter. fixes #13729. props jakemgold, Otto42. 2012-09-06 19:01:21 +00:00
registration-functions.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
registration.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
rewrite.php Reinstate paged rewrite rules for the post permalink structure. 2012-09-03 22:06:28 +00:00
rss-functions.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
rss.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
script-loader.php First pass at integrating featured images with the new media workflow. 2012-09-06 08:49:35 +00:00
shortcodes.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
taxonomy.php Allow easy registration of taxonomy columns on post (and custom post type) list table screens. 2012-09-08 03:18:36 +00:00
template-loader.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
template.php Remove reference to a global eliminated long ago. props tamlyn, fixes #20668. 2012-05-24 07:06:13 +00:00
theme.php URL encode the theme stylesheet passed into wp_customize_url(). see #21749. 2012-09-03 23:58:30 +00:00
update.php Fix string offset PHP 5.4 error by normalizing $user_count to always be an integer. props ericmann. see #20966 for trunk. 2012-06-25 19:40:16 +00:00
user.php Update phpdoc for count_many_users_posts(). Props willmot. fixes #21640 2012-09-04 21:07:27 +00:00
vars.php TinyMCE: better exclusion of Opera mobile, fixes #21416 2012-07-30 19:40:52 +00:00
version.php Compress scripts/styles: -3.5-21751. 2012-09-04 21:59:25 +00:00
widgets.php One newline is enough. 2012-01-05 20:10:39 +00:00
wlwmanifest.xml Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
wp-db.php Basic support for the mysql_connect() new_link and client_flags arguments. props Otto42, fixes #19324. 2012-08-24 17:44:21 +00:00
wp-diff.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00