`autop()` can sometimes get confused and not clean up stray `<p>` or `</p>` tags inside block level elements, which produces sub-optimal HTML. While browsers can generally handle it, there's no need to make things harder for them if we don't have to.
Props pento, ayubi, pbearne, jond, azaozz, 1994rstefan, dionysous, MikeHansenMe, jorbin, miqrogroove, niallkennedy.
Fixes#27350.
git-svn-id: https://develop.svn.wordpress.org/trunk@45585 602fd350-edb4-49c9-b593-d223f7449a82
Add a new `terms_pre_query` filter which returns null by default. Return a non-null value to bypass WordPress's default `get_terms` queries.
Props jarocks, boonebgorges, spacedmonkey.
Fixes#41246.
git-svn-id: https://develop.svn.wordpress.org/trunk@45584 602fd350-edb4-49c9-b593-d223f7449a82
Inline `<svg>`s should generally work, as browsers should just ignore `<p>` or `<br/>` tags that shouldn't be inside the `<svg>`. To keep things neat, however, it's better not add them in the first place.
Props jared_smith, nacin, pento.
Fixes#9437.
git-svn-id: https://develop.svn.wordpress.org/trunk@45577 602fd350-edb4-49c9-b593-d223f7449a82
The previous assertion was always valid because we assumed it returned a single object,
while in reality it was returning an array.
Props hideokamoto.
Fixes#47622.
git-svn-id: https://develop.svn.wordpress.org/trunk@45575 602fd350-edb4-49c9-b593-d223f7449a82
It can be tricky to know when `wpautop()` should add `<p>` tags, but one thing we can be certain about is that they really shouldn't be anywhere near `<hr>` tags.
Now they aren't.
Props solarissmoke, MattyRob, pento.
Fixes#14674.
git-svn-id: https://develop.svn.wordpress.org/trunk@45574 602fd350-edb4-49c9-b593-d223f7449a82
The web has gotten so much faster since `human_time_diff()` was created, we need to be able to measure time differences with much finer granularity. Now, we can.
Props johnjamesjacoby, pento.
Fixes#35655.
git-svn-id: https://develop.svn.wordpress.org/trunk@45573 602fd350-edb4-49c9-b593-d223f7449a82
- Adds a local environment based on docker
- Adds the e2e tests setup
- Adds a "Hello World" e2e test to serve as a template
Props gziolo, herregroen, mcsf.
Fixes#45165.
git-svn-id: https://develop.svn.wordpress.org/trunk@45570 602fd350-edb4-49c9-b593-d223f7449a82
Smilies in ignored tags are not supposed to be converted to emoji, but this can malfunction if the tag has attributes. For example, the Preformatted block with add a `class` to the `<pre>` tag.
Props pento, jikamens.
Fixes#47489.
git-svn-id: https://develop.svn.wordpress.org/trunk@45569 602fd350-edb4-49c9-b593-d223f7449a82
Introduces the faux primitive capability `view_site_health_checks` available to single site admins and multisite super-admin to view the site health page within the admin.
The capability is mapped to the `install_plugins` capability without being dependent on the file system being writable. This fixes a bug where the feature couldn't be used by sites unable to write to the file system or managed through version control.
The capability is granted on the `user_has_cap` filter.
Props birgire, Clorith, palmiak, peterwilsoncc, spacedmonkey.
Fixes#46957.
git-svn-id: https://develop.svn.wordpress.org/trunk@45507 602fd350-edb4-49c9-b593-d223f7449a82
This introduces three new strings that can be used to control the maximum length of automatically generated excerpts for posts, comments, and draft post previews in the dashboard. Optionally combined with the existing word count type control this allows languages which include many multibyte characters to specify more appropriate maximum excerpt lengths.
Props miyauchi, birgire, johnbillion
Fixes#44541
git-svn-id: https://develop.svn.wordpress.org/trunk@45505 602fd350-edb4-49c9-b593-d223f7449a82
The existing `"grunt": "grunt"` script in `package.json` allows for the use of `npm run grunt ...` which uses the local `grunt` binary in the project's `node_modules`.
Fixes#47380
git-svn-id: https://develop.svn.wordpress.org/trunk@45445 602fd350-edb4-49c9-b593-d223f7449a82
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).
`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.
Props nielsdeblaauw, Rarst.
Fixes#46438. See #44491.
git-svn-id: https://develop.svn.wordpress.org/trunk@45424 602fd350-edb4-49c9-b593-d223f7449a82
Restore `$previousweekday` global usage in `the_weekday_date()`, so it could still be used simultaneously with `the_date()`.
Partially reverts [45378].
See #47354.
git-svn-id: https://develop.svn.wordpress.org/trunk@45379 602fd350-edb4-49c9-b593-d223f7449a82
* Make `the_date()` always apply the the filter and return a value.
* Use `is_new_day()` in `the_weekday_date()`.
* Add a unit test for `the_weekday_date()`.
Fixes#47354.
git-svn-id: https://develop.svn.wordpress.org/trunk@45378 602fd350-edb4-49c9-b593-d223f7449a82
Allow `flex`, `flex-grow`, `flex-shrink` and `flex-basis` to be used in inline CSS. As of WordPress 5.3 the block editor is expected to use `flex-basis` inline to set the width in the column block.
Props aduth.
Fixes#47281.
See #37248.
git-svn-id: https://develop.svn.wordpress.org/trunk@45363 602fd350-edb4-49c9-b593-d223f7449a82
The sodium_compat library can be very slow for certain operations on 32-bit architectures, which can lead to web server timeouts while attempting to verify an update. This adds a runtime speed check to skip signature verification on systems that would otherwise time out. Includes simple unit tests.
Props dd32, paragoninitiativeenterprises.
See #47186.
git-svn-id: https://develop.svn.wordpress.org/trunk@45345 602fd350-edb4-49c9-b593-d223f7449a82
`get_available_post_mime_types()` uses a query that's extremely slow on sites with lots of posts. The original fix can be revisited after those performance issues are tackled.
See #43658.
git-svn-id: https://develop.svn.wordpress.org/trunk@45270 602fd350-edb4-49c9-b593-d223f7449a82
Fixes:
- Parsing of blocks in the second half of post_content.
- Outputting malformed HTML when `the_content( null, true )` or `<!--noteaser-->` is used.
Props lukecarbis, garrett-eclipse, birgire.
Fixes#46471.
git-svn-id: https://develop.svn.wordpress.org/trunk@45261 602fd350-edb4-49c9-b593-d223f7449a82
Simplify overall code structure by passing the required format to the helper function.
Clarify functionality by renaming `get_last_build_date` to `get_feed_build_date`.
Props pento, spacedmonkey.
Fixes#4575.
git-svn-id: https://develop.svn.wordpress.org/trunk@45247 602fd350-edb4-49c9-b593-d223f7449a82
Currently, there are a number of scenarios where `is_block_editor()` (and `WP_Screen::is_block_editor`) would incorrectly indicate block editor support at different points of the loading process. Most notably, checking `is_block_editor` when hooking into the `current_screen` action will always result in `false`, even when the block editor is being loaded. This is because `is_block_editor` is not set to `true` until `edit-form-blocks.php` is included.
This change adds logic to `WP_Screen` to ensure the accuracy of `is_block_editor` on block editor pages earlier in the load process.
While edit screens will now be accurate 100% of the time from `current_screen` on, there are still a few edge cases where `is_block_editor` could contain an incorrect value when creating a new post.
Because a `WP_Post` object is a required parameter for the `replace_editor` filter and `use_block_editor_for_post()` function, `WP_Screen` will fall back to the value returned by `use_block_editor_for_post_type()` for the post being created. To eliminate these edge cases, the `use_block_editor_for_post_type` filter can be used to return the appropriate boolean value to indicate support.
Props Chouby, desrosj, aduth, johnbillion.
Fixes#46195.
git-svn-id: https://develop.svn.wordpress.org/trunk@45224 602fd350-edb4-49c9-b593-d223f7449a82
While currently a recovery link is only made available via the admin email address, this will be expanded in the future. In order to accomplish that, the mechanisms to store and validate recovery keys must support multiple keys to be valid at the same time.
This changeset adds that support, adding an additional token parameter which is part of a recovery link in addition to the key. A key itself is always associated with a token, so the two are only valid in combination. These associations are stored in a new `recovery_keys` option, which is regularly cleared in a new Cron hook, to prevent potential cluttering from unused recovery keys.
This changeset does not have any user-facing implications otherwise.
Props pbearne, timothyblynjacobs.
Fixes#46595. See #46130.
git-svn-id: https://develop.svn.wordpress.org/trunk@45211 602fd350-edb4-49c9-b593-d223f7449a82
An admin may download an export to check that it's all correct, but this action shouldn't mark the request as complete.
Props garrett-eclipse, JoshuaWold, birgire.
Fixes#44644.
git-svn-id: https://develop.svn.wordpress.org/trunk@45148 602fd350-edb4-49c9-b593-d223f7449a82
This expands upon `rel="noopener"` being previously added to links in the content.
Props audrasjb, welcher.
Fixes#43290.
git-svn-id: https://develop.svn.wordpress.org/trunk@45141 602fd350-edb4-49c9-b593-d223f7449a82
When `do_blocks()` is run, it sets up some special handling of the `wpautop` filter, as we don't want `wpautop` to run on block content, but we do want it to be available for subsequent runs of `the_content`, which may be happening on non-block content.
As we set this up before rendering dynamic blocks, however, a dynamic block choosing to run `the_content` will cause unintentially structural deficiences in this particular recursive block tower.
Moving this handling to after dynamic blocks are rendered makes our tower lean a little less.
Props aldavigdis, pento.
Fixes#45495.
git-svn-id: https://develop.svn.wordpress.org/trunk@45139 602fd350-edb4-49c9-b593-d223f7449a82
Fix off-by-one error in pixel color checks for rotate and flip image tests.
Change to using PNG with single pixel to ensure that errors are caught in the future, rather than lost in JPEG noise.
Props Fuegas, mikeschroder.
Fixes#46073.
git-svn-id: https://develop.svn.wordpress.org/trunk@45067 602fd350-edb4-49c9-b593-d223f7449a82
Making incorrect assumptions about microdata used in a theme results in invalid markup.
The attribute can still be added using the `get_custom_logo` or `wp_get_attachment_image_attributes` filter, but it should not be added by default.
Props henry.wright, tfrommen, afercia, markcallen, zodiac1978.
Fixes#37305.
git-svn-id: https://develop.svn.wordpress.org/trunk@45028 602fd350-edb4-49c9-b593-d223f7449a82
Similar to the `posts_pre_query` filter for WP_Query added in #36687. These filters lets you short circuit the queries to return your own results.
Add a new filter `sites_pre_query` - which returns null by default. Return a non-null value to bypass WordPress's default `get_sites` queries.
Developers should note that filtering functions that require pagination information are encouraged to set the `found_sites` property of the `WP_Site_Query` object, passed to the filter by reference. If `WP_Site_Query` does not perform a database query, it will not have enough information to generate these values itself.
Add a new filter `networks_pre_query` - which returns null by default. Return a non-null value to bypass WordPress's default `get_networks` queries.
Developers should note that filtering functions that require pagination information are encouraged to set the `found_networks` property of the `WP_Network_Query` object, passed to the filter by reference. If `WP_Network_Query` does not perform a database query, it will not have enough information to generate these values itself.
Props spacedmonkey.
Fixes#45749.
git-svn-id: https://develop.svn.wordpress.org/trunk@44983 602fd350-edb4-49c9-b593-d223f7449a82
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes#46130, #44458.
git-svn-id: https://develop.svn.wordpress.org/trunk@44973 602fd350-edb4-49c9-b593-d223f7449a82
* `is_privacy_policy()` template tag
* `privacy-policy.php` template
* `.privacy-policy` body class
* `.menu-item-privacy-policy` menu item class
Props garrett-eclipse, birgire, xkon, Clorith.
Fixes#44005.
git-svn-id: https://develop.svn.wordpress.org/trunk@44966 602fd350-edb4-49c9-b593-d223f7449a82
Only try to access `term_id` once `$parent_term` is known to be a `WP_Term`.
Props dlh, earnjam.
Fixes#44983.
git-svn-id: https://develop.svn.wordpress.org/trunk@44965 602fd350-edb4-49c9-b593-d223f7449a82
This allows post exists checks scoped to a specific post type.
Props sgarza, birgire, swissspidy.
Fixes#37406.
git-svn-id: https://develop.svn.wordpress.org/trunk@44959 602fd350-edb4-49c9-b593-d223f7449a82
Displaying the correct build date in feeds is as important today as it was twelve years ago when this ticket was opened.
Fix an issue where all feeds in WordPress showed the same date for their last build date (the datapoint is `lastBuildDate`, `updated` or `dc:date` depending on the feed type).
Introduce a new `get_last_build_date` filter to adjust the date used for `lastBuildDate`. Developers who previously filtered `get_lastcommentmodified` to alter feed dates should use this filter instead.
* `get_last_build_date` extracts the latest post (or comment) in the current WP_Query object.
* In all feed templates, use `get_last_build_date` vs `get_lastpostmodified( 'GMT' );`.
Props stevenkword, spacedmonkey, ryanshoover, mauteri, nacin, jorbin, MikeNGarrett, Denis-de-Bernardy, peaceablewhale.
Fixes#4575.
git-svn-id: https://develop.svn.wordpress.org/trunk@44948 602fd350-edb4-49c9-b593-d223f7449a82
In the media library gird view, properly limit the media attachment filter to available mime types, matching the list view.
Props itzmekhokan.
Fixes#43658.
git-svn-id: https://develop.svn.wordpress.org/trunk@44947 602fd350-edb4-49c9-b593-d223f7449a82
Screen reader users rely on the iframe title attribute to describe the contents of iframes. A meaningful title attribute allows to quickly identify the iframe content, so users can determine which iframe to enter and explore in detail or skip if desired.
Note: this is the only case where a title attribute is required for compliance with the W3C Web Content Accessibility Guidelines (WCAG).
- checks for oEmbed response of type `video` or `rich`
- checks if they use an iframe
- fetches the title (if any) from the oEmbed response
- adds the title to the embed iframe
Props bamadesigner, TomHarrigan, swissspidy, jrf, afercia.
Fixes#40245.
git-svn-id: https://develop.svn.wordpress.org/trunk@44942 602fd350-edb4-49c9-b593-d223f7449a82
This changeset introduces `$post` parameters to `get_the_content()` and
`wp_trim_excerpt()`. When a `$post` object is passed to one of these functions,
the functions will operate on the data from that object, rather than from the
post globals (`$authordata`, `$page`, etc). This ensures that the functions work
in a predictable manner when used outside of the regular post loop.
The global-mismatch problem is surfaced in cases where `get_the_excerpt()` is
called outside of the post loop, on posts that don't have a defined excerpt. In
these cases, the post globals - used to generate a fallback excerpt - may refer
to the incorrect object, resulting in PHP notices or other unpredictable
behavior. See #36934 for a related issue.
Props spacedmonkey, kraftbj, Shital Patel.
Fixes#42814.
git-svn-id: https://develop.svn.wordpress.org/trunk@44941 602fd350-edb4-49c9-b593-d223f7449a82
This changeset ensures `$request->set_url_params()` is called while fulfilling OPTIONS requests, where previously it was skipped because OPTIONS requests short-circuit the logic in `dispatch` which handles this setup for other request methods. Omitting the URL parameters prevented the Allow header from being set.
Props killua99, noisysocks.
Fixes#45753.
git-svn-id: https://develop.svn.wordpress.org/trunk@44933 602fd350-edb4-49c9-b593-d223f7449a82
- adds a visually hidden text to give context to the lyrics
- the text is `Quote from Hello Dolly song, by Jerry Herman:`
- adds a `lang` HTML attribute (when the admin language is not English) to better support assistive technologies
- adds a `dir` HTML attribute to better support the LTR English lyrics with RTL languages
- CSS adjustments
Props audrasjb, SergeyBiryukov, danieltj, birgire, karmatosed, desrosj, afercia.
Fixes#43632.
git-svn-id: https://develop.svn.wordpress.org/trunk@44929 602fd350-edb4-49c9-b593-d223f7449a82
Improves the logic in `wp_schedule_single_event()` to ensure an identical event is not scheduled within ten minutes.
This moves the logic for checking for identical events to be self contained rather than relying on `wp_next_scheduled()` as this fails to account for events with a past timestamp when wp-cron fails to trigger or for multiple identical events being scheduled already.
Props bodohugobarwich.
Fixes#44818.
git-svn-id: https://develop.svn.wordpress.org/trunk@44917 602fd350-edb4-49c9-b593-d223f7449a82
When dealing with personal data exports and erasure requests, it is important to have a log of all the requests for a specific person. This is often required to confirm when and how many times requests were completed and fulfilled properly.
This change allows a new request to be created after a previous data request has reached completed status (`request-completed`) instead of requiring admins to delete or re-initiate the existing request. The latter approach removes the historical log of requests for that user when creating a new request.
Full unit tests for the `wp_create_user_request()` function are also included.
Props garrett-eclipse, cc0a, birgire, desrosj.
Fixes#44707.
git-svn-id: https://develop.svn.wordpress.org/trunk@44906 602fd350-edb4-49c9-b593-d223f7449a82
Many users found the attachment URL field confusing: it says "URL" so it may appear like a field meant to paste a URL into.
Also, the Alt text field is the most important one in terms of content, while the Title field needs to be de-emphasized.
- changes the URL field label to "Copy link"
- moves the alt text field to the top as first field
- avoids to set initial focus on the alt text field
- adds an explanatory text with a link pointing to the W3C "alt decision tree" tutorial
- adds `aria-describedby` to target the explanatory text
- adjusts the CSS accordingly
- updates the QUnit index.html file
Props melchoyce, audrasjb, afercia.
Fixes#41612.
git-svn-id: https://develop.svn.wordpress.org/trunk@44900 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only `a` and `br` tags were allowed in the `value` table cell for each field included in the HTML file generated when a user is exporting their personal data. Instead of relying on a hardcoded list of allowed tags, the `wp_kses()` call in `wp_privacy_generate_personal_data_export_group_html()` will now fallback to the default list of allowed tags (which includes `i`, `strong`, `em`, and other basic HTML formatting tags).
Also, a new context of `personal_data_export` will now be passed to the `wp_kses()` call. As a result, the list of HTML tags and attributes allowed in the export file can now be filtered using the `wp_kses_allowed_html` filter and checking for the `personal_data_export` context.
Fixes#44044.
Props tz-media, desrosj, pento, birgire, garrett-eclipse.
git-svn-id: https://develop.svn.wordpress.org/trunk@44824 602fd350-edb4-49c9-b593-d223f7449a82
Restores `public`, `archived`, `mature`, `spam`, `deleted`, `lang_id`, and `WPLANG` to the `$meta` data passed to `wpmu_new_blog`. This hook was deprecated in 5.1.0, but code using it still relies on this data.
Props david.binda, pbiron.
Fixes#46351.
git-svn-id: https://develop.svn.wordpress.org/trunk@44805 602fd350-edb4-49c9-b593-d223f7449a82
`<button>` elements are natively interactive, supported by any assistive technology, and must be used instead of non-semantic, non-accessible `<div>` elements.
Also, this change aligns the Media Widgets and the Customizer site icon and site logo controls with the design pattern used in the new Block Editor for similar controls.
Props ramonopoly, welcher, afercia.
Fixes#43151.
git-svn-id: https://develop.svn.wordpress.org/trunk@44796 602fd350-edb4-49c9-b593-d223f7449a82
The `test_detects_cannot_create_index()` and `tests_detects_cannot_write_html()` test methods are prone to failure under certain configurations, as discovered by the hosts reporting back the test suite results. This removes those two methods until a better approach to testing those scenarios can be created.
Partial revert of [44786].
See #44233.
git-svn-id: https://develop.svn.wordpress.org/trunk@44792 602fd350-edb4-49c9-b593-d223f7449a82
A PHPUnit configuration file with more than one `<php>` tag causes a validation error in PHPUnit versions 7.x. There are currently 2 in the `tests/phpunit/multisite.xml` file, which appears to be accidentally introduced in [29954].
Fixes#46414.
git-svn-id: https://develop.svn.wordpress.org/trunk@44790 602fd350-edb4-49c9-b593-d223f7449a82