sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
36,264 Commits 2 Branches 473 Tags 137 MiB
Commit Graph

7517 Commits

Author SHA1 Message Date
Andrew Ozz 69466c4e92 jQuery: Backport the patch from jQuery 3.4.0. 
Merges [45342] to the 4.7 branch.

Props MikeNGarrett, peterwilsoncc, azaozz.
Fixes #47020.

git-svn-id: https://develop.svn.wordpress.org/branches/4.7@46025 602fd350-edb4-49c9-b593-d223f7449a82
 2019-09-04 18:44:36 +00:00
Jonathan Desrosiers 7d32848c55 Fix for URL sanitization in `wp_kses_bad_protocol_once()`. 
Merges [45997] to the 4.7 branch.

Props irsdl, sstoqnov, whyisjake.

git-svn-id: https://develop.svn.wordpress.org/branches/4.7@46007 602fd350-edb4-49c9-b593-d223f7449a82
 2019-09-04 18:19:30 +00:00
Sergey Biryukov 84cf56f966 Improve handling the existing `rel` attribute in `wp_rel_nofollow_callback()`. 
Merges [45990] to the 4.7 branch.
Props xknown, sstoqnov.

git-svn-id: https://develop.svn.wordpress.org/branches/4.7@45996 602fd350-edb4-49c9-b593-d223f7449a82
 2019-09-04 17:47:51 +00:00
Sergey Biryukov 57f85ba712 Improve URL validation in `wp_validate_redirect()`. 
Merges [45971] to the 4.7 branch.
Props vortfu, whyisjake, peterwilsoncc.

git-svn-id: https://develop.svn.wordpress.org/branches/4.7@45977 602fd350-edb4-49c9-b593-d223f7449a82
 2019-09-04 17:10:39 +00:00
Jake Spurlock 707096e9e0 Remove _convert_urlencoded_to_entities() from the get_the_content() callback. 
Merges [45937] to the 4.7 branch.

Props vortfu, whyisjake, peterwilsoncc


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@45954 602fd350-edb4-49c9-b593-d223f7449a82
 2019-09-04 16:36:52 +00:00
Gary Pendergast 8ce540c75a WordPress 4.7.13 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@44872 602fd350-edb4-49c9-b593-d223f7449a82
 2019-03-13 01:12:46 +00:00
Sergey Biryukov 1961df533b Comments: Improve comment content filtering. 
Merges [44842] to the 4.7 branch.

git-svn-id: https://develop.svn.wordpress.org/branches/4.7@44847 602fd350-edb4-49c9-b593-d223f7449a82
 2019-03-12 22:35:52 +00:00
Sergey Biryukov ba357da827 Formatting: Improve `rel="nofollow"` handling in comments. 
Merges [44833] to the 4.7 branch.

git-svn-id: https://develop.svn.wordpress.org/branches/4.7@44838 602fd350-edb4-49c9-b593-d223f7449a82
 2019-03-12 22:21:44 +00:00
Jeremy Felt bf9a7a79cc Bump 4.7 branch to version 4.7.12. 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@44080 602fd350-edb4-49c9-b593-d223f7449a82
 2018-12-13 02:11:39 +00:00
Peter Wilson ea84b9bad8 Multisite: Validate activation links. 
Merges [44048] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@44054 602fd350-edb4-49c9-b593-d223f7449a82
 2018-12-13 01:38:24 +00:00
Ian Dunn a3fc848cb6 KSES: Make the URI attributes DRY. 
This commit introduces the `wp_kses_uri_attributes` function and filter. The function centralizes the list of attributes, in order to prevent inconsistency, and the filter provides a way for plugins to customize the attributes.

Merges [44014] and [44017] to the `4.7` branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@44027 602fd350-edb4-49c9-b593-d223f7449a82
 2018-12-13 00:43:21 +00:00
Peter Wilson e4b7c0bf40 Multisite: Improve messaging for previously activated users. 
Ensure activation of a site is not attempted multiple times and users are shown the correct message if they follow the link a second time.

Merges [44021] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@44026 602fd350-edb4-49c9-b593-d223f7449a82
 2018-12-13 00:39:23 +00:00
Gary Pendergast 3cdf982fff KSES: Conditionally remove the `<form>` element from `$allowedposttags`. 
To avoid backwards compatibility issues, `<form>` is re-added if a custom filter has added the `<input>` or `<select>` elements to `$allowedposttags`.

Merges [43994] to the 4.7 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.7@44000 602fd350-edb4-49c9-b593-d223f7449a82
 2018-12-12 23:24:50 +00:00
Jeremy Felt efd9885803 Media: Improve verification of MIME file types. 
Merges [43988] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@43991 602fd350-edb4-49c9-b593-d223f7449a82
 2018-12-12 23:04:17 +00:00
Aaron D. Campbell 3e822cbf1c Bump 4.7 branch to version 4.7.11 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@43409 602fd350-edb4-49c9-b593-d223f7449a82
 2018-07-05 16:10:24 +00:00
John Blackbourn 824d5b6bd3 Media: Limit thumbnail file deletions to the same directory as the original file. 
Merges [43393] into the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@43395 602fd350-edb4-49c9-b593-d223f7449a82
 2018-07-05 14:50:26 +00:00
Aaron D. Campbell c993a967e6 Bump 4.7 branch to version 4.7.10 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42935 602fd350-edb4-49c9-b593-d223f7449a82
 2018-04-03 20:26:02 +00:00
Dominik Schilling (ocean90) 3700a18382 Template: Make sure the version string is correctly escaped for use in attributes. 
Merge of [42893] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42919 602fd350-edb4-49c9-b593-d223f7449a82
 2018-04-03 16:05:30 +00:00
Dominik Schilling (ocean90) 278641ebbc Meta: Simplify the delete all meta query in `delete_metadata()`. 
Merge of [42913] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42914 602fd350-edb4-49c9-b593-d223f7449a82
 2018-04-03 15:40:58 +00:00
Dominik Schilling (ocean90) 42b1dd5acc HTTP: Don't treat `localhost` as same host by default. 
Merge of [42894] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42910 602fd350-edb4-49c9-b593-d223f7449a82
 2018-04-03 15:34:45 +00:00
Dion Hulse 7ec2dc809d Bump the 4.7 branch to 4.7.9. 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42496 602fd350-edb4-49c9-b593-d223f7449a82
 2018-01-16 21:38:55 +00:00
Dion Hulse 698a3fb29c External Libraries: Remove unnecessary / obsoleted MediaElement.js files. 
Merges [42478] to the 4.7 branch.
Fixes #42720 for 4.7.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42479 602fd350-edb4-49c9-b593-d223f7449a82
 2018-01-16 08:05:00 +00:00
John Blackbourn e80bdf5116 Bump 4.7 branch to 4.7.8. 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42318 602fd350-edb4-49c9-b593-d223f7449a82
 2017-11-29 18:57:45 +00:00
John Blackbourn 87ac33af45 Hardening: Remove the ability to upload JavaScript files for users who do not have the `unfiltered_html` capability. 
Merges [42261] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42275 602fd350-edb4-49c9-b593-d223f7449a82
 2017-11-29 16:19:42 +00:00
John Blackbourn 662033dc14 Hardening: Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds. 
Merges [42260] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42274 602fd350-edb4-49c9-b593-d223f7449a82
 2017-11-29 16:18:56 +00:00
John Blackbourn 2700e8e672 Hardening: Add escaping to the language attributes used on `html` elements. 
Merges [42259] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42273 602fd350-edb4-49c9-b593-d223f7449a82
 2017-11-29 16:17:04 +00:00
John Blackbourn 2844aa499e Users: Correct the value of the `lang` attribute in the admin area. 
This corrects the value when the user's language is set to `English (United States)` but the site language is not.

Props ocean90, afercia

See #42242

Merges [42220] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42263 602fd350-edb4-49c9-b593-d223f7449a82
 2017-11-29 16:05:10 +00:00
Dion Hulse eeb633b797 WPDB: Check that `AUTH_SALT` is not empty, Fix a PHP notice when `AUTH_SALT` is undefined. 
Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.7 branch.
Fixes #42431 and #42401 for 4.7.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42231 602fd350-edb4-49c9-b593-d223f7449a82
 2017-11-27 01:07:45 +00:00
Gary Pendergast 0c987581fe Bump 4.7 branch to version 4.7.7. 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42070 602fd350-edb4-49c9-b593-d223f7449a82
 2017-10-31 13:12:09 +00:00
Gary Pendergast 16a56fae1f Database: Restore numbered placeholders in `wpdb::prepare()`. 
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.

This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.

Merges [41662], [42056] to the 4.7 branch.
See #41925.



git-svn-id: https://develop.svn.wordpress.org/branches/4.7@42058 602fd350-edb4-49c9-b593-d223f7449a82
 2017-10-31 12:33:25 +00:00
Dominik Schilling (ocean90) 065a0ac2f4 Bump 4.7 branch to version 4.7.3. 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@41510 602fd350-edb4-49c9-b593-d223f7449a82
 2017-09-19 19:50:22 +00:00
Aaron D. Campbell c134dea3b6 Database: Hardening to bring `wpdb::prepare()` inline with documentation. 
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.

Merges [41496] to 4.7 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.7@41498 602fd350-edb4-49c9-b593-d223f7449a82
 2017-09-19 18:11:46 +00:00
Aaron D. Campbell 48d3ca8825 Database: Don’t trigger `_doing_it_wrong()` for null values in `wpdb::prepare()`. 
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.

Merges [41483] to 4.7 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.7@41485 602fd350-edb4-49c9-b593-d223f7449a82
 2017-09-19 16:18:58 +00:00
Aaron D. Campbell 66f675be1c Database: Hardening for `wpdb::prepare()` 
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.

Merges [41470] to 4.7 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.7@41472 602fd350-edb4-49c9-b593-d223f7449a82
 2017-09-19 14:58:49 +00:00
Aaron D. Campbell 61c059d708 oEmbed: Add extra hardening around allowed HTML for improved sandboxing. 
Merges [41448] to 4.7 branch.




git-svn-id: https://develop.svn.wordpress.org/branches/4.7@41451 602fd350-edb4-49c9-b593-d223f7449a82
 2017-09-19 13:47:30 +00:00
Dominik Schilling (ocean90) f97c9838d5 TinyMCE: Improve the previews for shortcodes. 
Merge of [41395] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@41436 602fd350-edb4-49c9-b593-d223f7449a82
 2017-09-19 12:40:10 +00:00
Dominik Schilling (ocean90) 55f0d1aeb1 Customize: Ensure valid themes in the preview. 
Merge of [41397] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@41430 602fd350-edb4-49c9-b593-d223f7449a82
 2017-09-19 11:49:40 +00:00
Dominik Schilling (ocean90) dd44bf6b4c Editor: Prevent adding `javascript:` and `data:` URLs through the inline link dialog. 
Merge of [41393] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@41401 602fd350-edb4-49c9-b593-d223f7449a82
 2017-09-19 10:14:45 +00:00
Aaron D. Campbell 20b5d4a4e0 Post-4.7.5 version bump for 4.7 branch. 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40770 602fd350-edb4-49c9-b593-d223f7449a82
 2017-05-16 23:00:35 +00:00
Aaron D. Campbell 7719ada25f Bump 4.7 branch to version 4.7.5. 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40748 602fd350-edb4-49c9-b593-d223f7449a82
 2017-05-16 21:47:01 +00:00
Pascal Birchler f5bc3b5a12 Media: Simplify upload error message construction. 
Merges [40736] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40737 602fd350-edb4-49c9-b593-d223f7449a82
 2017-05-16 17:59:37 +00:00
Pascal Birchler f54b1461ac REST API: JS Client - Enable connecting to multiple endpoints. 
Enable connecting to multiple wp-api `endpoints`. Calling `wp.api.init` with a new `apiRoot` will parse the new endpoint's schema and store a new set of models and collections. A collection of 
connected endpoints is stored in `wp.api.endpoints`.

Props lucasstark.
Fixes #39683.

Merges [40364] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40735 602fd350-edb4-49c9-b593-d223f7449a82
 2017-05-16 16:34:22 +00:00
Dominik Schilling (ocean90) 85bc8c5dc3 Customize: Ignore invalid customization sessions. 
Merge of [40704] to the 4.7 branch.

git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40705 602fd350-edb4-49c9-b593-d223f7449a82
 2017-05-16 12:13:07 +00:00
Pascal Birchler 8c2038b21f Adjust post meta checks 
Merges [40692] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40693 602fd350-edb4-49c9-b593-d223f7449a82
 2017-05-16 08:47:33 +00:00
Pascal Birchler 8a28180db9 Improve redirect handling 
Merges[40689] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40690 602fd350-edb4-49c9-b593-d223f7449a82
 2017-05-16 08:39:47 +00:00
Pascal Birchler 40ece6751b Whitelist post arguments in XML-RPC 
Merges [40677] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40678 602fd350-edb4-49c9-b593-d223f7449a82
 2017-05-16 08:16:13 +00:00
Boone Gorges a82fe2b598 Restore support for taxonomy 'args' override when querying object terms. 
[7520] introduced an undocumented feature whereby developers could
register a custom taxonomy with an 'args' parameter, consisting of
an array of config params that, when present, override corresponding
params in the `$args` array passed to `wp_get_object_terms()` when
using that function to query for terms in the specified taxonomy.

The `wp_get_object_terms()` refactor in [38667] failed to respect
this secret covenant, and the current changeset atones for the
transgression.

Ports [40513] to the 4.7 branch.

Props danielbachhuber.
Fixes #40496.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40514 602fd350-edb4-49c9-b593-d223f7449a82
 2017-04-21 19:18:00 +00:00
Pascal Birchler 97f31221c1 Post-4.7.4 version bump for 4.7 branch. 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40509 602fd350-edb4-49c9-b593-d223f7449a82
 2017-04-20 18:53:04 +00:00
Pascal Birchler 986f929a4d Bump 4.7 branch to version 4.7.4. 
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40487 602fd350-edb4-49c9-b593-d223f7449a82
 2017-04-20 16:20:22 +00:00
Andrew Ozz 16b1859218 TinyMCE: Fix cursor position after updating a wpview node. Fix hiding the inline toolbar on editor blur. 
Props iseulde, azaozz.

Merges [40481] to the 4.7 branch.
Fixes #40480.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40482 602fd350-edb4-49c9-b593-d223f7449a82
 2017-04-19 22:17:25 +00:00