In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.
See #38583.
git-svn-id: https://develop.svn.wordpress.org/trunk@42000 602fd350-edb4-49c9-b593-d223f7449a82
"Developers" excludes the various major contributors in non-developer roles, so let's update this term to be more inclusive.
See #41022.
git-svn-id: https://develop.svn.wordpress.org/trunk@41998 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a bug where menu assignements couldn't be changed when previewing a theme.
Also removes an unnecessary call to menu mapping after a theme switch from the customizer and makes sure the locations option is always written, for good measure.
Props westonruter.
See #39692.
git-svn-id: https://develop.svn.wordpress.org/trunk@41995 602fd350-edb4-49c9-b593-d223f7449a82
Explicitly define `gutters` in base `defaultSettings` to improve merges of multiple calls to `wp_enqueue_code_editor()`.
Props westonruter, georgestephanis for testing.
Amends [41974].
See #12423.
git-svn-id: https://develop.svn.wordpress.org/trunk@41992 602fd350-edb4-49c9-b593-d223f7449a82
Previously attempted in [40256], which caused the test for decoded curly quotes to fail in some environments.
`$_SERVER['REQUEST_URI']` contains the encoded URI, so this version removes the failing tests and only checks for encoded curly quotes.
Props joostdevalk, lancewillett, SergeyBiryukov.
Fixes#20383.
git-svn-id: https://develop.svn.wordpress.org/trunk@41991 602fd350-edb4-49c9-b593-d223f7449a82
Fixes the issue with plugins not being able to use the `kses_allowed_protocols` filter if `esc_url()` was called too early.
Props turtlepod, SergeyBiryukov.
Fixes#36033.
git-svn-id: https://develop.svn.wordpress.org/trunk@41990 602fd350-edb4-49c9-b593-d223f7449a82
Adds checks throughout to allow for `wp_new_comment()` returning a `WP_Error` instance.
Updates the docs for the `pre_comment_approved` filter to include that it can be passed an error.
Props enrico.sorcinelli, ryotsun.
Fixes#39730.
git-svn-id: https://develop.svn.wordpress.org/trunk@41980 602fd350-edb4-49c9-b593-d223f7449a82
Also remove `enum` for validating allowed templates to allow plugins to dynamically supply their own templates for specific posts, even when they are not in the theme.
Props TimothyBlynJacobs, jnylen0, swissspidy.
Fixes#39996.
git-svn-id: https://develop.svn.wordpress.org/trunk@41979 602fd350-edb4-49c9-b593-d223f7449a82
Reverting this for 4.9. It will be added back in a future version of WordPress. This doesn't mean that you shouldn't be trying Gutenberg, just that it isn't ready for a call out to a larger audience. But if you are the type to read commit messages, https://github.com/WordPress/gutenberg could use your pull requests and comments on issues.
Reverts [41931] [41900] [41896] [41895]
See #41316
git-svn-id: https://develop.svn.wordpress.org/trunk@41978 602fd350-edb4-49c9-b593-d223f7449a82
By moving the `wporg` conditional inside the method body, the filter drawer can be overridden without having to also override the entire section template.
Props celloexpressions.
Closes#42212.
git-svn-id: https://develop.svn.wordpress.org/trunk@41973 602fd350-edb4-49c9-b593-d223f7449a82
The customizer and the theme installer use `visibility: hidden` on the body when
they open full-overlays screens. The FTP credentials modal needs a visibility
property set back to `visible` to be visible over those overlays.
Props purnendu.
Fixes#42205.
git-svn-id: https://develop.svn.wordpress.org/trunk@41972 602fd350-edb4-49c9-b593-d223f7449a82
Moves defintion of ajax request in `WP_Ajax_UnitTestCase` to `setUp()` method to account for hooks being reset as part of `tearDown()`.
Props matthias.thiel for report.
Fixes#41561.
git-svn-id: https://develop.svn.wordpress.org/trunk@41970 602fd350-edb4-49c9-b593-d223f7449a82
This allows for automated scripts & test suites to handle the failure of the test suite easier.
Props danielbachhuber
Fixes#41916
git-svn-id: https://develop.svn.wordpress.org/trunk@41966 602fd350-edb4-49c9-b593-d223f7449a82
When media is uploaded to a post, the upload directory is set according to the date of the post, so that the media URLs in the post match when the post was published.
A page is a slightly different beast, pages often live for years, and are regularly updated to stay relevant. This change causes media uploaded to pages to use the upload date to determine the upload directory.
Fixes#10752.
git-svn-id: https://develop.svn.wordpress.org/trunk@41964 602fd350-edb4-49c9-b593-d223f7449a82
This filter allows the data being sent for core update checks to be controlled for privacy concerns.
Props toscho, MattyRob, swissspidy, pento.
Fixes#16778.
git-svn-id: https://develop.svn.wordpress.org/trunk@41962 602fd350-edb4-49c9-b593-d223f7449a82
Update the `CodeEditorControl`'s `codemirror` deferred to be set before calling the parent class's `initialize` method. Since the `ready` method may be called directly by `initialize` it may be too late to add a new `Deferred` to the control's `deferred` property after calling the base control class's `initialize`.
Amends [41958].
See #41897.
git-svn-id: https://develop.svn.wordpress.org/trunk@41960 602fd350-edb4-49c9-b593-d223f7449a82
CodeMirror gets initialized once the control's containing section is expanded. The deferred will be rejected if user preference for syntax highlighting is disabled.
Also move jsdoc from `wp.customize.Control` to intended `wp.customize.Control#initialize()`.
See #41897, #12423.
git-svn-id: https://develop.svn.wordpress.org/trunk@41958 602fd350-edb4-49c9-b593-d223f7449a82
Allow `CodeEditorControl` to be instantiated with a `editor_settings` param which is merged with `wp.codeEditor.defaultSettings`.
Also:
* Turn redundant "CSS Code" control label into screen reader text for Additional CSS.
* Remove `code-editor` as script dependency for `custom-html-widgets` since enqueueing is determined by `wp_enqueue_code_editor()`.
* Remove useless exporting of `code_type` param to JS in `WP_Customize_Code_Editor_Control`.
* Add `disabled` class to Custom HTML widget's Save button when linting errors are present.
* Remove redundant `span` inside CodeEditorControl's `label`.
See #41897, #12423, #41872.
git-svn-id: https://develop.svn.wordpress.org/trunk@41957 602fd350-edb4-49c9-b593-d223f7449a82
* Introduce a `widget_{$id_base}_instance_schema` filter for plugins to add new properties to a media widget's instance schema.
* Pass all of a gallery widget's instance props to the gallery media frame, not just the ones that core supports.
See #32417, #41914.
Fixes#42285.
git-svn-id: https://develop.svn.wordpress.org/trunk@41951 602fd350-edb4-49c9-b593-d223f7449a82
