sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Widgets: Fix previewing embeds in Text widget by allowing `parse-embed` admin ajax requests with an empty `post_ID` just as `WP_oEmbed_Controller::get_proxy_item_permissions_check()` allows. 

As of #34115 if there is no post context the oEmbed will be cached in an `oembed_cache` custom post type, so having a post as context is no longer a requirement for caching.

Props biskobe, westonruter.
See #34115, #40450.
Fixes #40854.


git-svn-id: https://develop.svn.wordpress.org/trunk@41913 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Weston Ruter 2017-10-18 17:39:46 +00:00
parent d4bdbbf542
commit a7c6a25eba
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/wp-admin/includes/ajax-actions.php
View File

@ -3005,11 +3005,17 @@ function wp_ajax_query_themes() {
function wp_ajax_parse_embed() {
global $post, $wp_embed;
if ( ! $post = get_post( (int) $_POST['post_ID'] ) ) {
if ( empty( $_POST['shortcode'] ) ) {
wp_send_json_error();
}
if ( empty( $_POST['shortcode'] ) || ! current_user_can( 'edit_post', $post->ID ) ) {
$post_id = isset( $_POST[ 'post_ID' ] ) ? intval( $_POST[ 'post_ID' ] ) : 0;
if ( $post_id > 0 ) {
$post = get_post( $post_id );
if ( ! $post || ! current_user_can( 'edit_post', $post->ID ) ) {
wp_send_json_error();
}
setup_postdata( $post );
} elseif ( ! current_user_can( 'edit_posts' ) ) { // See WP_oEmbed_Controller::get_proxy_item_permissions_check().
wp_send_json_error();
}
@ -3026,8 +3032,6 @@ function wp_ajax_parse_embed() {
}
$parsed = false;
setup_postdata( $post );
$wp_embed->return_false_on_fail = true;
if ( is_ssl() && 0 === strpos( $url, 'http://' ) ) {