Andrew Nacin
6894354b9b
Additional checks when evaluating the safety of an HTTP request, to avoid false negatives.
...
* Check if the host is considered a safe redirect host.
* Check if the host is another domain in a multisite installation.
* Add a filter to control this.
This only occurs when the DNS resolution of a domain points elsewhere in an internal network, but only internally (and has its own public IP outside the network). This could be considered a bad configuration.
fixes #24646 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24915 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-31 06:44:57 +00:00
bumpbot
abf081b02a
Compress scripts/styles: 3.7-alpha-24912.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24912 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-31 04:58:59 +00:00
Andrew Nacin
911b0b4fb7
New build of MediaElement.js SWF. see #24183 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24910 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-31 04:38:34 +00:00
Andrew Nacin
61405b9934
Heartbeat: Reduce the heartbeat from 120 sec to 100 sec when the window doesn't have the focus, to be shorter than the post lock expiration window.
...
props azaozz.
fixes #24894 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24908 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-31 03:23:22 +00:00
Michael Adams (mdawaffe)
755d98f7dc
Improved XML handling for oEmbed.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24902 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-30 21:57:27 +00:00
Andrew Nacin
dbe4197dd3
Add missing documentation from [24894]. see #24646 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24895 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-30 18:39:57 +00:00
Andrew Nacin
84255b0e03
Introduce wp_safe_remote_request(). Also wp_safe_remote_head(), wp_safe_remote_get(), wp_safe_remote_post().
...
Reverts [24482].
see #24646 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24894 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-30 15:37:01 +00:00
Dion Hulse
6ceefc0e26
WP_HTTP: PHPDoc updates for WP_Http::handle_redirects(). Props DrewAPicture. Fixes #16889
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24890 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-30 06:47:03 +00:00
Andrew Nacin
d3363d11bf
New build of SWFUpload that ignores URL query strings.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24880 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 19:15:00 +00:00
bumpbot
b3c1e7a5d4
Compress scripts/styles: 3.7-alpha-24877.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24877 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 18:58:59 +00:00
Jon Cave
707bd3ae4a
Fix potential SQLi through improper use of API functions.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24875 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 18:16:47 +00:00
Andrew Nacin
16adf7644b
Reset $wpdb->insert_id on a failed INSERT or REPLACE. See [24459] [24494].
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24872 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 18:14:05 +00:00
Andrew Nacin
5a0e739cc7
Limit pingback response size. fixes #4137 . for trunk.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24871 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 18:00:06 +00:00
Andrew Nacin
241ca959be
Update MediaElement.js SWF file from upstream. Fixes issues with controls. fixes #24183 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24861 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 09:16:02 +00:00
Andrew Nacin
50a1ab0c8e
Update HTML classes in the audio and video shortcodes. props rfair404. fixes #24820 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24857 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 06:51:46 +00:00
bumpbot
9aca968cab
Compress scripts/styles: 3.7-alpha-24851.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24851 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 04:58:59 +00:00
Andrew Nacin
86661dc523
Don't override an existing WP_Error object in wp_authenticate_username_password().
...
props willnorris.
fixes #19714 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24850 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 03:43:22 +00:00
Andrew Nacin
4da2cb6d51
Avoid racing TinyMCE, which avoids the creation of unnecessary autosaves. props azaozz. see #7392 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24849 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 03:37:14 +00:00
Andrew Nacin
949c53cae1
Remove "special" multisite spam check in the authentication API.
...
The spamming of a site no longer directly affects a user of said site.
Moves the spam check to the wp_authenticate filter. Networks in need
of enhanced spam-fighting should leverage this same technique.
Allow is_user_spammy() to accept a WP_User object.
props willnorris, brianhogg.
fixes #24771 . see #19714 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24848 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 03:23:51 +00:00
bumpbot
6bd6a8f136
Compress scripts/styles: 3.7-alpha-24847.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24847 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 02:58:58 +00:00
Dion Hulse
8f4c113718
WP_HTTP: When multiple location headers are specified, use the last specified location url as the redirect location. Fixes #16890
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24846 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 02:11:46 +00:00
Dion Hulse
9ebe1e049b
WP_HTTP: Fsockopen: Respect a specified Host header in the Fsockopen WP_HTTP transport. Fixes #24182
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24845 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 01:47:01 +00:00
Andrew Nacin
685fd7fdea
If wp-login.php is accessed over HTTPS, get_home_url() should not return HTTPS. This is the same assumption we use in the admin.
...
props willnorris.
fixes #16822 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24844 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 01:21:27 +00:00
Dion Hulse
8d07217b58
WP_HTTP: Abstract out the Redirection handling code into it's own method and fix a bunch of redirection edgecases at the same time.
...
Fixes #17588
Fixes 16889
Props wonderboymusic and kovshenin for initial patches
git-svn-id: https://develop.svn.wordpress.org/trunk@24843 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 01:19:54 +00:00
Helen Hou-Sandi
a7de44b373
Set the default internal search value for the link dialog to be the text that is highlighted in the editor. props greuben. fixes #16276 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24841 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 01:01:33 +00:00
bumpbot
a98c1ad91e
Compress scripts/styles: 3.7-alpha-24839.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24839 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 00:58:57 +00:00
Mark Jaquith
3723898d5b
Fix a variable typo in get_post_gallery_images()
.
...
props rodrigosprimo. Fixes #24202 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@24837 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-29 00:52:31 +00:00
Andrew Nacin
6f3d2e4e93
Add description argument to register_taxonomy().
...
props aaronholbrook.
fixes #24808 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24833 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 23:01:56 +00:00
Andrew Nacin
828514ac0b
When registering a post type, pass the correct argument for feeds to add_permastruct().
...
props butuzov, johnpbloch.
fixes #23302 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24830 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 22:28:18 +00:00
Andrew Nacin
434066573b
Add $taxonomy to edit_terms and edited_terms actions. props SergeyBiryukov, fixes #22542 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24829 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 22:15:03 +00:00
Andrew Nacin
e09aaf8cf5
Return an empty stdClass from wp_count_posts() when a nonexistent post type is requested.
...
props johnpbloch.
fixes #24803 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24826 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 21:38:00 +00:00
Andrew Nacin
ec1ae2334a
Inline documentation for esc_attr_x() and esc_html_x(). props fjarrett, fixes #24212 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24825 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 21:26:10 +00:00
Andrew Nacin
f05e592506
Pass $update to the save_post and wp_insert_post hooks in wp_insert_post(). props ericmann, fixes #21450 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24823 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 21:05:25 +00:00
bumpbot
d1a8fdb58b
Compress scripts/styles: 3.7-alpha-24822.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24822 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 20:58:51 +00:00
Andrew Ozz
50b8437d59
Add "experimental" to heartbeat phpdoc, fixes #24855 for trunk.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24818 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 20:54:48 +00:00
Andrew Nacin
7eda325f58
Allow has_post_format() to accept an array of formats to check. props ericmann. fixes #17320 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24817 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 20:48:09 +00:00
Jon Cave
0a7dbdc284
Introduce a new endpoint mask for all archives, fixes #16303 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24812 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 19:18:19 +00:00
Michael Adams (mdawaffe)
fc20fc9ebb
Allow HTTPS URL enclosures.
...
Props markjaquith with a patch that predates all WordCamps.
Fixes #2875 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24810 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 19:07:43 +00:00
Jon Cave
7b0a5e5240
Drop leading / by retrieving the inner subpattern when matching attachment endpoints.
...
Fixes #22619
git-svn-id: https://develop.svn.wordpress.org/trunk@24809 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 19:02:08 +00:00
Michael Adams (mdawaffe)
9de8ab8274
Fix inline docs for posts functions that no longer use $wpdb
.
...
Props jdgrimes, JustinSainton.
git-svn-id: https://develop.svn.wordpress.org/trunk@24807 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 18:52:56 +00:00
Andrew Nacin
80b1716bf9
Trunk is now 3.7-alpha.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24806 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-28 18:48:36 +00:00
bumpbot
d42756992c
Compress scripts/styles: 3.6-RC2-24803.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24803 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-27 12:16:23 +00:00
bumpbot
6f5eeb5498
Compress scripts/styles: 3.6-RC2-24801.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24801 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-27 08:58:53 +00:00
Mark Jaquith
9d2e982a79
Parse attrs
before comparing to attachment.attributes
. Small efficiency gain.
...
Props garyc40. Fixes #24753 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24800 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-27 07:09:05 +00:00
Mark Jaquith
a91b02322e
3.6-RC2
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24794 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-24 07:15:05 +00:00
bumpbot
48889c8a8a
Compress scripts/styles: 3.6-RC1-24793.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24793 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-24 06:57:40 +00:00
Mark Jaquith
77873dedcc
Oops. Forgot that we support a PHP version from 2007. Either that or I've been doing a lot of JS.
...
Props kovshenin. See [24789].
git-svn-id: https://develop.svn.wordpress.org/trunk@24792 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-24 06:36:29 +00:00
Andrew Nacin
8a54be6786
jQuery.noConflict(). see [24781]. see #24821 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@24791 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-24 06:33:54 +00:00
Andrew Nacin
5ca8aa7447
Revisions changes.
...
* Eliminates the bloated Revisions meta box in favor of 'Revisions: #' in the publish box.
* Adds ability to compare autosave to current post, when revisions are disabled.
* Makes autosaves stand out visually, including "Restore This Autosave".
Also:
* Adds missing capability check for restoring a revision.
* When no revision matches the post's current modified time, avoid marking an autosave as 'current'.
* Fixes wp_get_post_autosave() to return an autosave even when revisions are disabled.
* Add 'check_enabled' arg to wp_get_post_revisions(); false avoids the wp_revisions_enabled() check.
* Adds a responsive slider that is narrower for fewer versions. props markjaquith.
see #24804 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24790 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-24 06:08:14 +00:00
Mark Jaquith
2b63b67768
Fix some sizing issues with video embeds, and improve video/audio embed shortcode flexibility.
...
* `loop`, `autoplay`, and `preload` are now available via the shortcode. Use them non-annoyingly, please!
* Attributes that pass through the filters are now proper key/value pairs, not an array of `key="value"` strings.
* `preload` defaults to `metadata` for videos. This fixes the vertical video preview and Safari ogv/webm playback issues.
* Wrap a div around video embeds to combat a ME.js issue with responsive width=100% themes. Props kovshenin.
Fixes #24134 , #24798 .
git-svn-id: https://develop.svn.wordpress.org/trunk@24789 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-24 05:52:49 +00:00