The cover image block uses the `url()` function in its inline CSS, to show the cover image. KSES didn't allow this, causing the block to not save correctly for Author and Contributor users. As KSES does already check each attribute name against an allowed list, we're able to add an extra check for certain attributes to be able to use the `url()` function, too.
Merges [43781] from the 5.0 branch to core.
Props peterwilsoncc, azaozz, pento, dd32.
Fixes#45067.
git-svn-id: https://develop.svn.wordpress.org/trunk@44136 602fd350-edb4-49c9-b593-d223f7449a82
Introduces new `determine_locale()` function for deciding the proper locale to use for a response. Default value is `get_user_locale()` in the admin, and `get_locale()` on the frontend. Because REST API requests are considered frontend requests, `?_locale=user` can be used to render the response in the user's locale.
Also updates `wp-login.php?wp_lang` implementation to benefit from this abstraction.
Merges [43776] from the 5.0 branch to trunk.
Props flixos90, mnelson4, swissspidy, TimothyBlynJacobs.
Fixes#44758.
git-svn-id: https://develop.svn.wordpress.org/trunk@44134 602fd350-edb4-49c9-b593-d223f7449a82
When meta boxes are registered, they can use the `__back_compat_meta_box` and `__block_editor_compatible_meta_box` flags, to show whether this registration just exists for if the classic editor is loaded, and whether this meta box is compatible with the block editor.
When a meta box marks itself as incompatible with the block editor, and `WP_DEBUG` is enabled, a warning will show inside that meta box in the classic editor.
As all core meta boxes have been recreated in the block editor, they can be marked with the `__back_compat_meta_box` flag.
Merges [43779] from the 5.0 branch to trunk.
See #45112.
git-svn-id: https://develop.svn.wordpress.org/trunk@44132 602fd350-edb4-49c9-b593-d223f7449a82
To allow the block editor to render meta boxes, it needs to collect information about how those meta boxes are registered, and format it for the block editor to make use of.
Merges [43778] from the 5.0 branch to trunk.
See #45112.
git-svn-id: https://develop.svn.wordpress.org/trunk@44131 602fd350-edb4-49c9-b593-d223f7449a82
This method allows checking (or setting) whether the block editor is loading on the current screen.
Merges [43777] from the 5.0 branch to trunk.
See #45037.
git-svn-id: https://develop.svn.wordpress.org/trunk@44130 602fd350-edb4-49c9-b593-d223f7449a82
`WP_Text_Diff_Renderer_Table` is used to generate the diff view in revisions, but there were some cases that could cause it to take excessive amounts of time to run.
Some noteable cases include:
- When a large number of new lines were inserted in the middle of the post from one revision to the next.
- When both revisions contain >100 lines.
- When either revision contains a lot of long lines.
In one extreme test case, the diff view took over a minute to generate. With this change, it now takes less than a second.
Merges [43775] from the 5.0 branch to trunk.
Fixes#35667.
git-svn-id: https://develop.svn.wordpress.org/trunk@44129 602fd350-edb4-49c9-b593-d223f7449a82
PHPUnit 3.6.x requires `exclude` and `file` paths to be relative to the checkout root.
PHPUnit 4.0.0+ requires the paths to be relative to the configuration file.
Merges [43774] from the 5.0 branch to trunk.
See #45131.
git-svn-id: https://develop.svn.wordpress.org/trunk@44128 602fd350-edb4-49c9-b593-d223f7449a82
The `block_version` denotes which version of Blocks the `post_content` contains. Introduces new `block_version()` function for versioning Blocks.
Merges [43770] from the 5.0 branch to trunk.
Props danielbachhuber, birgire.
Fixes#43887.
git-svn-id: https://develop.svn.wordpress.org/trunk@44127 602fd350-edb4-49c9-b593-d223f7449a82
- Adds `WP_REST_Autosaves_Controller` which extends `WP_REST_Revisions_Controller`.
- Autosaves endpoint is registered for all post types except attachment because even post types without revisions enabled are expected to autosave.
- Because setting the `DOING_AUTOSAVE` constant pollutes the test suite, autosaves tests are run last. We may want to improve upon this later.
Also, use a truly impossibly high number in User Controller tests. The number `100`, (or `7777` in `trunk`), could be valid in certain test run configurations. The `REST_TESTS_IMPOSSIBLY_HIGH_NUMBER` constant is impossibly high for this very reason.
Finally, Skip Autosaves controller test for multisite. There's a PHP 5.2 edge case where paths calculated differently, possibly caused by differing version of PHPUnit.
Props adamsilverstein, aduth, azaozz, danielbachhuber, rmccue, danielbachhuber.
Merges [43767], [43768], [43769] to trunk.
See #45132, #45131.
Fixes#45128, #43316.
git-svn-id: https://develop.svn.wordpress.org/trunk@44126 602fd350-edb4-49c9-b593-d223f7449a82
This function helps perform multiple REST API requests, for the purpose of preloading data into a page.
Props pento.
Merges [43763] to trunk.
See #45110.
git-svn-id: https://develop.svn.wordpress.org/trunk@44123 602fd350-edb4-49c9-b593-d223f7449a82
`use_block_editor_for_post()` and `use_block_editor_for_post_type()` determine if the block editor should be loaded.
`get_block_categories()` and `get_block_editor_server_block_settings()` provide data be included while the block editor is loading.
Props pento.
Merges [43762] to trunk.
See #45110.
git-svn-id: https://develop.svn.wordpress.org/trunk@44122 602fd350-edb4-49c9-b593-d223f7449a82
They're now returned by a new function, `wp_get_code_editor_settings()`, so they can be reused by the block editor.
Props pento.
Merges [43761] to trunk.
Fixes#45127.
git-svn-id: https://develop.svn.wordpress.org/trunk@44121 602fd350-edb4-49c9-b593-d223f7449a82
As the block editor adds its own `<p>` tags, disabling the wpautop stops the classic editor from removing them.
Props pento.
Merges [43758] to trunk.
See #45113.
git-svn-id: https://develop.svn.wordpress.org/trunk@44120 602fd350-edb4-49c9-b593-d223f7449a82
After [43738], TinyMCE would be loaded earlier than before, which makes filters run at a different time relative to the loading of TinyMCE. Fix this by calling `wp_print_scripts` at the location where TinyMCE would previously be inserted as a `<script>` tag in the page.
Also, an TinyMCE translation related `<script>` that was mistakenly removed in [44115].
Props azaozz, omarreiss, swisspidy, atimmer.
Merges [43753], [43754] to trunk.
Fixes#45065.
git-svn-id: https://develop.svn.wordpress.org/trunk@44119 602fd350-edb4-49c9-b593-d223f7449a82
Posts containing blocks are now correctly handled when displaying on the front end, including dynamic blocks and nested blocks.
Props pento.
Merges [43752] to trunk.
See #45109.
git-svn-id: https://develop.svn.wordpress.org/trunk@44118 602fd350-edb4-49c9-b593-d223f7449a82
The `WP_Block_Parser` class, and the accompanying `parse_blocks()` helper function, can be used to parse an array of blocks out of a content string.
`WP_Block_Parser` is copied from the `@wordpress/block-serialization-default-parser` package. To ensure it stays in sync with the JavaScript parser, changes should be implemented in the package first, then the package version should be upgraded to include the changes.
Props pento.
Merges [43751] to trunk.
See #45109.
git-svn-id: https://develop.svn.wordpress.org/trunk@44116 602fd350-edb4-49c9-b593-d223f7449a82
Adjusts the packages registration after [43723]:
Combine the different registration functions into one `wp_default_packages` function. To reach this goal move the prefix logic into a function so it can be called from different locations. Use a static variable there to prevent duplicate inclusion of `version.php`.
Call this function from the `wp_default_scripts` action by registering it as a default filter.
Combine some of the logic in `_WP_Editors::print_tinymce_scripts` into `wp_register_tinymce_scripts`. The logic to force an uncompressed TinyMCE script file stays in `_WP_Editors::force_uncompressed_tinymce` because that logic is very specific to the classic editor.
The script handle `wp-tinymce` is now a dependency of the editor script handle. In combination with the previous item, this makes the classic editor work.
Adjust the syntax of the script paths to be more consistent with other WordPress code.
Always use "production" mode for the media files to prevent people from inadvertently committing development files.
Props pento, omarreiss, atimmer.
Merges [43738] into trunk.
Fixes#45065.
git-svn-id: https://develop.svn.wordpress.org/trunk@44115 602fd350-edb4-49c9-b593-d223f7449a82
This allows the packages to be consumed by plugins and core itself.
The code has been based on the work done in the Gutenberg plugin.
We've added an array with all the packages and the vendor packages to
loop through. This sets a convention so all packages will be
registered in the same way. This array can eventually be generated by
a webpack plugin.
We need to register TinyMCE explicitly. Previously TinyMCE was used
by inserting custom `<script>` tags into the relevant admin pages.
This is not suitable for the new editor, so we need to explicitly
register TinyMCE. We could, in the future, refactor the custom
`<script>` tags to use the registered TinyMCE script instead.
Polyfills are inserted into the page only when necessary using
`document.write`.
Props omarreiss, herregroen, youknowriad, gziolo, atimmer.
Merges [43723] to trunk.
Fixes#45065.
git-svn-id: https://develop.svn.wordpress.org/trunk@44114 602fd350-edb4-49c9-b593-d223f7449a82
When comparing the old and new values for a meta key being set, ensure both values are sanitized using the same logic so that equal values match.
props boonebgorges, dcavins, MattGeri, pilou69, TimothyBlynJacobs, kadamwhite.
Merges [43740] to trunk.
Fixes#42069.
git-svn-id: https://develop.svn.wordpress.org/trunk@44113 602fd350-edb4-49c9-b593-d223f7449a82
We decided to split the media webpack config into it's own file. The
main webpack config then combines this file with the packages config.
Include vendor scripts by copying them. We copy the minified files if
they are available. If they aren't available we minify the original
files ourselves.
Props omarreiss, herregroen, gziolo, youknowriad, netweb, adamsilverstein.
Merges [43719] to trunk.
See #45065.
git-svn-id: https://develop.svn.wordpress.org/trunk@44112 602fd350-edb4-49c9-b593-d223f7449a82
* Minification is done by uglify, so disable that in the media build.
* The webpack boilerplate has changed, which explains the changes in the build files.
* ModuleConcatenationPlugin is enable by default for production builds so we don't have to specify that ourselves.
Merge notes: In `trunk` uglify isn't run on the media files after webpack, so webpack does need to do that. Newer webpack versions use `terser-webpack-plugin` as the default minification. Use the `uglifyjs-webpack-plugin` plugin to maintain the same behavior as before. We can look into terser as a minifier later.
Merges [43688] to trunk.
See #45065.
git-svn-id: https://develop.svn.wordpress.org/trunk@44111 602fd350-edb4-49c9-b593-d223f7449a82
Because the existing `post_updated_messages` filter can be modified dynamically based on post state, it's unreliable to use with REST API clients. Instead, these new labels give clients stateless equivalents.
Merges [43744] from the 5.0 branch to trunk.
Props earnjam.
Fixes#45101.
git-svn-id: https://develop.svn.wordpress.org/trunk@44110 602fd350-edb4-49c9-b593-d223f7449a82
These helper functions allow easy access to the global block registry.
Merges [43743] from the 5.0 branch to trunk.
See #45109.
git-svn-id: https://develop.svn.wordpress.org/trunk@44109 602fd350-edb4-49c9-b593-d223f7449a82
These are the foundational classes allowing blocks to be registered and used throughout WordPress.
This commit also includes the `has_block()` and `has_blocks()` functions, which are required for unit testing these classes.
Merges [43742] from the 5.0 branch to trunk.
Props adamsilverstein, danielbachhuber, desrosj.
Fixes#45097.
See #45109.
git-svn-id: https://develop.svn.wordpress.org/trunk@44108 602fd350-edb4-49c9-b593-d223f7449a82
Introduces a `WP_REST_Search_Controller` class which registers a `/wp/v2/search` endpoint. Search types are handled by extending `WP_REST_Search_Handler`. The default search type is `WP_REST_Post_Search_Handler` but can be filtered by plugins or a theme.
Merges [43739,43741] from the 5.0 branch to trunk.
Props danielbachhuber, flixos90, pento, rmccue, joehoyle.
Fixes#39965.
git-svn-id: https://develop.svn.wordpress.org/trunk@44107 602fd350-edb4-49c9-b593-d223f7449a82
Ensure activation of a site is not attempted multiple times and users are shown the correct message if they follow the link a second time.
git-svn-id: https://develop.svn.wordpress.org/trunk@44021 602fd350-edb4-49c9-b593-d223f7449a82
The existing `rest_insert_*` actions are fired before meta and additional fields are updated. These new `rest_after_*` actions fire after all write operations have completed.
Props timothyblynjacobs, danielbachhuber.
Merges [43737] to trunk.
Fixes#42864.
git-svn-id: https://develop.svn.wordpress.org/trunk@43987 602fd350-edb4-49c9-b593-d223f7449a82
In [43087], we improved REST API performance by only rendering the fields specified in the request. Similarly, any fields registered with `register_rest_field()` should only be rendered when included in `?_fields=`.
Props dlh, danielbachhuber.
Merges [43736] to trunk.
Fixes#45099.
git-svn-id: https://develop.svn.wordpress.org/trunk@43986 602fd350-edb4-49c9-b593-d223f7449a82
In order to correctly render parts of its UI, the new editor needs to be aware of the active theme's post-formats and post-thumbnails support. This data is exposed by querying for the active theme on a new /wp/v2/themes endpoint for sufficiently privileged users.
Merges [43734], [43735] to trunk.
props desrosj.
Fixes#45016.
git-svn-id: https://develop.svn.wordpress.org/trunk@43985 602fd350-edb4-49c9-b593-d223f7449a82
Allow low-privileged users to use the ARIA attributes `aria-describedby`, `aria-details`, `aria-label`, `aria-labelledby` and `aria-hidden`.
Merges [43731] to trunk.
Props mattheu, swissspidy, rianrietveld, afercia, GaryJ.
See #30421.
git-svn-id: https://develop.svn.wordpress.org/trunk@43984 602fd350-edb4-49c9-b593-d223f7449a82
Because WP REST API requests aren't identified until `parse_request`, it's impractical to reference the `REST_REQUEST` constant in `wp_debug_mode()`. Instead, it's more helpful to assume that a request wanting a JSON response probably doesn't want PHP errors breaking the response.
Merges [43730] to trunk.
Props chrisl27, duanestorey, earnjam.
Fixes#44534.
git-svn-id: https://develop.svn.wordpress.org/trunk@43983 602fd350-edb4-49c9-b593-d223f7449a82
Object type-specific actions that should happen before or after modification of metadata have so far been part of the respective wrapper functions. By using action and filter hooks, this changeset ensures they are always executed, even when calling the lower-level Meta API functions directly, which the REST API does as a prime example.
Merges [43729] to trunk.
Props flixos90, spacedmonkey.
Fixes#44467.
git-svn-id: https://develop.svn.wordpress.org/trunk@43982 602fd350-edb4-49c9-b593-d223f7449a82
Add global support for HTML attributes prefixed `data-` for authors and contributors, as required by the new editor.
Merges [43727] to trunk.
Props azaozz, peterwilsoncc.
Fixes#33121.
git-svn-id: https://develop.svn.wordpress.org/trunk@43981 602fd350-edb4-49c9-b593-d223f7449a82
In order for clients to present permalink previews, the REST API must share the computed results of get_sample_permalink(). These two values are now exposed as permalink_template and generated_slug for public, viewable post types, but only for context=edit.
Merges [43720] to trunk.
Props danielbachhuber, rahulsprajapati.
Fixes#45017.
git-svn-id: https://develop.svn.wordpress.org/trunk@43980 602fd350-edb4-49c9-b593-d223f7449a82
An authorized request with the read_private_posts capability for a post type should be able to GET /wp/v2/posts for posts of status=private. This query is further sanity-checked by WP_REST_Posts_Controller->check_read_permission(), which is unchanged.
Props rachelbaker, soulseekah, twoelevenjay.
Moves [43694] from the 5.0 branch to trunk.
Fixes#43701.
git-svn-id: https://develop.svn.wordpress.org/trunk@43979 602fd350-edb4-49c9-b593-d223f7449a82
Updates package dependencies to more modern versions, also adds .nvmrc and package-lock.json as followups to [43683] and [43571].
Merge notes: trunk already had an identical .nvmrc. package-lock.json exists in trunk, but has some changes based on the dependency updates.
Props jorbin.
Merges [43684], [43685] and [43686] to trunk.
See #44600.
Fixes#45064.
git-svn-id: https://develop.svn.wordpress.org/trunk@43977 602fd350-edb4-49c9-b593-d223f7449a82
Fix errors introduced in [43973] due to Jorbin not running the correct tag of wpcs.
Unprops jorbin.
git-svn-id: https://develop.svn.wordpress.org/trunk@43976 602fd350-edb4-49c9-b593-d223f7449a82
Travis now supports PHP7.3 without workarounds, so let's remove the workarounds.
Merges [43726] to trunk.
See #44771.
git-svn-id: https://develop.svn.wordpress.org/trunk@43975 602fd350-edb4-49c9-b593-d223f7449a82
Because user capabilities can be modified at runtime, the REST API needs to expose them in some evaluated but declarative manner for clients to interpret. JSON Hyper Schema targetSchema provides an appropriate paradigm for doing so.
Merges [43682] to trunk.
Props timothyblynjacobs.
Fixes#45014.
git-svn-id: https://develop.svn.wordpress.org/trunk@43974 602fd350-edb4-49c9-b593-d223f7449a82
In [43437], the link definition implementation caused attachment links to be unexpectedly nested under an attributes key. This changeset restores the prior behavior.
Merges [43681] to trunk.
Props TimothyBlynJacobs, danielbachhuber.
Fixes#44750.
git-svn-id: https://develop.svn.wordpress.org/trunk@43973 602fd350-edb4-49c9-b593-d223f7449a82