Restoring the current user context when saving a setting ensures filters apply as expected, such as Kses. When a user is not associated with a given setting change, continue to override `capability` to be `exist` when saving. Skip overwriting setting values in a changeset that have not changed, facilitating concurrent editing and amending a changeset by a user with fewer privileges.
See #30937.
Fixes#38705.
git-svn-id: https://develop.svn.wordpress.org/trunk@39181 602fd350-edb4-49c9-b593-d223f7449a82
Additionally, use these meta-caps in the REST API endpoints.
Previously, register_meta()'s auth_callback had no effect for non-post meta. This introduces `{add,edit,delete}_{comment,term,user}_meta` meta-caps to match the existing post meta capabilities. These are currently only used in the REST API.
Props tharsheblows, boonebgorges.
Fixes#38303, fixes#38412.
git-svn-id: https://develop.svn.wordpress.org/trunk@39179 602fd350-edb4-49c9-b593-d223f7449a82
`add_user_to_blog()` is now called, ensuring the correct hooks are called, along with setting the primary blog and clearing relevant caches.
Props jeremyfelt.
Fixes#38526.
git-svn-id: https://develop.svn.wordpress.org/trunk@39177 602fd350-edb4-49c9-b593-d223f7449a82
The CSS property `background-attachment: fixed` is disabled in some mobile browsers for performance reasons. So here, the fix increases the breakpoint where the `background-attachment: fixed` is applied to the front page images. Doing this removes the fixed backgrounds and the issue from all smaller screens, but the downside is that it also removes the fixed backgrounds from smaller laptops. It's also possible future devices could fall into this breakpoint, but this seems to be the most practical solution.
Props laurelfulford.
Fixes#38395.
git-svn-id: https://develop.svn.wordpress.org/trunk@39176 602fd350-edb4-49c9-b593-d223f7449a82
[39168] introduced a new theme to the tests, but it wasn't taken into account in Tests_Theme_ThemeDir::test_theme_list.
See #38696.
git-svn-id: https://develop.svn.wordpress.org/trunk@39170 602fd350-edb4-49c9-b593-d223f7449a82
Previously there was no way to remove the user locale setting again, even though that might be desirable.
This adds a new 'Site Default' option to the user-specific language setting by introducing a new `show_site_locale_default` argument to `wp_dropdown_languages()`.
Props ocean90.
See #29783.
Fixes#38632.
git-svn-id: https://develop.svn.wordpress.org/trunk@39169 602fd350-edb4-49c9-b593-d223f7449a82
After [38951] added support for post type templates beyond pages, this fixes an issue where an empty meta box would be shown when using child themes.
Fixes#38696.
git-svn-id: https://develop.svn.wordpress.org/trunk@39168 602fd350-edb4-49c9-b593-d223f7449a82
Following [39148] and [39128], this removes the mime type logic for
Vimeo URLs from `get_header_video_settings()` and removes remaining
Vimeo reference from `_validate_external_header_video()` docs.
Fixes#38544.
git-svn-id: https://develop.svn.wordpress.org/trunk@39165 602fd350-edb4-49c9-b593-d223f7449a82
* Removes `aria-hidden` argument. Lets `aria-hidden="true"` be there by default and sets it empty when there is `title` and `desc`.
* Adds unique IDs for title and desc for accessible implementation options.
* Removes absolute path in the Customizer. It didn't work in Internet Explorer, and the original bug is fixed in #30028.
* Add whitespace around `<use>`, from #38387.
Props sami.keijonen, swissspidy, laurelfulford.
Fixes#38659.
See #38387.
git-svn-id: https://develop.svn.wordpress.org/trunk@39164 602fd350-edb4-49c9-b593-d223f7449a82
Now all public query vars are not supoprted via `?filter` in the REST API, we can remove the get_allowed_query_vars() method and filter. To provide developers with a good altnerative to `filter`, the `"rest_{$this->post_type}_collection_params"` filter has been added.
Props rmccue, rachelbacker, danielbachhuber.
Fixes#38629.
git-svn-id: https://develop.svn.wordpress.org/trunk@39162 602fd350-edb4-49c9-b593-d223f7449a82
This filter was originally introduced in https://github.com/WP-API/WP-API/pull/2535 to support Customizer Changesets (née Transactions). This is a super broad filter and doesn't really fit with the design of the API, nor is it (arguably) the right level to do this.
Props rmccue.
Fixes#38701.
git-svn-id: https://develop.svn.wordpress.org/trunk@39161 602fd350-edb4-49c9-b593-d223f7449a82
The regular comments API requires 6 characters rather than 3, so we need to match this.
Props mangeshp, dd32.
Fixes#38506.
git-svn-id: https://develop.svn.wordpress.org/trunk@39158 602fd350-edb4-49c9-b593-d223f7449a82
Introduced in [39155], but not necessary for the slashing tests. These fail on 5.3, which encodes the emoji as HTML entities.
Props dd32.
See #38609.
git-svn-id: https://develop.svn.wordpress.org/trunk@39156 602fd350-edb4-49c9-b593-d223f7449a82
This necessitates a change to our slashing code as well. Ah slashing, the cause of, and solution to, all of life's problems.
Props jnylen0.
Fixes#38609.
git-svn-id: https://develop.svn.wordpress.org/trunk@39155 602fd350-edb4-49c9-b593-d223f7449a82
Just like excerpt and content for regular posts, these have transformations applied that can make the content significantly different from the raw value.
Props jnylen0.
Fixes#38679.
git-svn-id: https://develop.svn.wordpress.org/trunk@39154 602fd350-edb4-49c9-b593-d223f7449a82
The combination of font-size and weight for post navigation made lower case "i"s illegible in some cases. Using `15px` seemed to be the best choice all around. Also adjusts the spacing around the arrows a bit, since they touch the text on small screen sizes.
Props laurelfulford.
Fixes#38670.
git-svn-id: https://develop.svn.wordpress.org/trunk@39152 602fd350-edb4-49c9-b593-d223f7449a82
The `WP_Customize_Custom_CSS_Setting::value()` method now returns the `default` if `wp_get_custom_css()` returns empty.
Props westonruter, afercia, helen.
See #35395.
Fixes#38685.
git-svn-id: https://develop.svn.wordpress.org/trunk@39151 602fd350-edb4-49c9-b593-d223f7449a82
Pressing `Esc` followed by `Tab` allows for tabbing to the next element.
Props afercia, coffee2code, westonruter.
See #35395.
Fixes#38667.
git-svn-id: https://develop.svn.wordpress.org/trunk@39149 602fd350-edb4-49c9-b593-d223f7449a82
Following [39128], this removes the validation logic for Vimeo URLs from
`_validate_external_header_video()` since WP does not support the
display of videos from Vimeo by default.
This also includes a change to using `esc_url_raw()` instead of `esc_url()`
on the URL value to avoid unexpected behavior from the inclusion of HTML
entities.
Props peterwilsoncc, westonruter.
Fixes#38544.
git-svn-id: https://develop.svn.wordpress.org/trunk@39148 602fd350-edb4-49c9-b593-d223f7449a82
TwentySeventeen attempts to highlight media found in post content by using `get_media_embedded_in_content()` to extract videos from the content and display their HTML differently. However, the HTML being generated by the playlist shortcode relies on JavaScript to update the video element with the markup needed to display the playlist properly. The `get_media_embedded_in_content()` function wasn't designed to handle this use case.
The patch looks for the presence of `wp-playlist-script` in the content and shows the standard content rather than trying to pluck the media elements from the content using `get_media_embedded_in_content()`.
Props joemcgill.
Fixes#38390.
git-svn-id: https://develop.svn.wordpress.org/trunk@39146 602fd350-edb4-49c9-b593-d223f7449a82
Fixes regression introduced with the addition of control notifications in [37476]. The container element for notifications is injected after the `.customize-control-title` element if the `.customize-control-notifications-container` element does not already exist in the control's template. Also adds missing margin between current image and uploaded images.
Props bradyvercher.
See #34893.
Fixes#38561.
git-svn-id: https://develop.svn.wordpress.org/trunk@39145 602fd350-edb4-49c9-b593-d223f7449a82
Currently, the "Collapse menu" item is not focusable and keyboard users can't collapse/expand the admin menu. This aims to fix it so that screen readers no longer announce it as a clickable but it remains unfocusable and thus unusable. So it's now a button.
Quoting joedolson at WordCamp Chicago 2014:
"If it's supposed to act like a button, it should be a button."
Also includes a grunt:precommit run that picked up some postcss changes to src/wp-includes/css/customize-preview.css
Fixes#29958.
Props ajercia, ipm-frommen for an iterative patch, valendesigns for an iterative patch, GaryJ for feedback, joedolson for feedback, helen for feedback
git-svn-id: https://develop.svn.wordpress.org/trunk@39141 602fd350-edb4-49c9-b593-d223f7449a82
This is a great goal for core, and is close, but it is not in shape to be shipped for 4.7 and there is not enough time left in the development cycle to alter and polish sufficiently. There are bugs, but more than that, there are more fundamental questions around the use of existing UI, general UX, and how findable themes are (not) on the .org side.
see #37661.
git-svn-id: https://develop.svn.wordpress.org/trunk@39140 602fd350-edb4-49c9-b593-d223f7449a82
When there are many post types registered, prevent Ajax requests from piling up and slamming WordPress with concurrent requests.
Props curdin, westonruter.
Fixes#36697.
git-svn-id: https://develop.svn.wordpress.org/trunk@39137 602fd350-edb4-49c9-b593-d223f7449a82
This also reduces the number of browsers detected and patched with this fix. Most modern browsers have patched this common bug, where an anchor link does not move focus when clicked. Twenty Seventeen will only worry about older versions of Internet Explorer in this regard.
Props afercia, sami.keijonen.
See #38604.
git-svn-id: https://develop.svn.wordpress.org/trunk@39135 602fd350-edb4-49c9-b593-d223f7449a82
Edit links can be restored in plugins by removing the `__return_empty_string` function from the `get_edit_post_link` filter at the `customize_preview_init` action.
Fixes#38648.
git-svn-id: https://develop.svn.wordpress.org/trunk@39133 602fd350-edb4-49c9-b593-d223f7449a82