Apps may now optionally include an `app_id` parameter when directing the user to the Authorize Application screen. This allows for instances of an application to be identified and potentially revoked or blocked.
Props TimothyBlynJacobs, georgestephanis.
Fixes#51583.
git-svn-id: https://develop.svn.wordpress.org/trunk@49276 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only a small subset of keywords were exposed which limited the utility of `OPTIONS` requests.
Props raubvogel, TimothyBlynJacobs.
Fixes#51020.
git-svn-id: https://develop.svn.wordpress.org/trunk@49257 602fd350-edb4-49c9-b593-d223f7449a82
A new route is introduced, `batch/v1`, that accepts a list of API requests to run. Each request runs in sequence, and the responses are returned in the order they've been received.
Optionally, the `require-all-validate` validation mode can be used to first validate each request's parameters and only proceed with processing if each request validates successfully.
By default, the batch size is limited to 25 requests. This can be controlled using the `rest_get_max_batch_size` filter. Clients are strongly encouraged to discover the maximum batch size supported by the server by making an OPTIONS request to the `batch/v1` endpoint and inspecting the described arguments.
Additionally, the two new methods, `match_request_to_handler` and `respond_to_request` introduced in [48947] now have a `protected` visibility as we don't want to expose the inner workings of the `WP_REST_Server::dispatch` API.
Batching is not currently supported for GET requests.
Fixes#50244.
Props andraganescu, zieladam, TimothyBlynJacobs.
git-svn-id: https://develop.svn.wordpress.org/trunk@49252 602fd350-edb4-49c9-b593-d223f7449a82
When `noopener noreferrer` was originally added in #37941 and related tickets, the `noreferrer` bit was specifically included due to Firefox not supporting `noopener` at the time.
Since `noopener` has been supported by all major browsers for a while, it should now be safe to remove the `noreferrer` attribute from core.
Props Mista-Flo, audrasjb, joostdevalk, jonoaldersonwp, peterwilsoncc, elgameel.
Fixes#49558.
git-svn-id: https://develop.svn.wordpress.org/trunk@49215 602fd350-edb4-49c9-b593-d223f7449a82
This provides more flexibility when writing tests and benefits from running in a front-end context which is necessary for some tests like checking that updates are supported. Additionally, this provides a more robust interface for developers who want to integrate with Site Health tests.
Because the `wp/v2` endpoint is reserved for modeling core entities, site health is registered in its own `wp-site-health/v1` namespace.
The existing ajax actions have been maintained for backward compatibility.
Props Clorith, chrisvanpatten, afragen, pokhriyal, TimothyBlynJacobs.
Fixes#48105.
git-svn-id: https://develop.svn.wordpress.org/trunk@49154 602fd350-edb4-49c9-b593-d223f7449a82
* Deprecate the `l10n` property on `communityEventsData`.
* Introduce `version` parameter for `deprecateL10nObject` and backfill the version for deprecated objects in 5.5.0.
* Add a noop version of `deprecateL10nObject` for QUnit testing.
Fixes#51498.
git-svn-id: https://develop.svn.wordpress.org/trunk@49151 602fd350-edb4-49c9-b593-d223f7449a82
This allows for clients to search the used post formats via the /wp/v2/search endpoint by using a type=post-format query parameter.
Fixes#51459.
Props andraganescu, zieladam, noisysocks, TimothyBlynJacobs.
git-svn-id: https://develop.svn.wordpress.org/trunk@49132 602fd350-edb4-49c9-b593-d223f7449a82
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.
This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.
Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.
Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes#42790.
git-svn-id: https://develop.svn.wordpress.org/trunk@49109 602fd350-edb4-49c9-b593-d223f7449a82
This allows for clients to search the available terms via the `/wp/v2/search` endpoint by using a `type=term` query parameter.
Fixes#51458.
Props andraganescu, zieladam, noisysocks, TimothyBlynJacobs.
git-svn-id: https://develop.svn.wordpress.org/trunk@49103 602fd350-edb4-49c9-b593-d223f7449a82
- Add jquery-migrate.js v.3.3.1 to core and load it in debug mode when `SCRIPT_DEBUG` is true.
- Add jquery.min.js, update jquery.js to 3.5.1 non-minified. This should help when debugging.
- Rebuild jQuery UI 1.12.1 and add it to core.
- Fix/adjust tests to match the above changes.
See #50564.
git-svn-id: https://develop.svn.wordpress.org/trunk@49101 602fd350-edb4-49c9-b593-d223f7449a82
To facilitate inline image editing in Gutenberg, a new endpoint at wp/v2/media/<id>/edit has been introduced. This is functionally similar to the existing ajax image editor, however the REST API editor creates a new attachment record instead of updating an existing attachment.
Fixes#44405.
Props ajlende, ellatrix, spacedmonkey, azaozz.
git-svn-id: https://develop.svn.wordpress.org/trunk@48291 602fd350-edb4-49c9-b593-d223f7449a82
These endpoints facilitate the Block Directory Inserter feature in Gutenberg. Users can now install, activate, deactivate, and delete plugins over the REST API. The block directoryendpoint allows searching for available blocks from the WordPress.org block directory.
Props cklee, talldanwp, noisysocks, joen, soean, youknowriad, dufresnesteven, gziolo, dd32, tellyworth, ryelle, spacedmonkey, TimothyBlynJacobs.
Fixes#50321.
git-svn-id: https://develop.svn.wordpress.org/trunk@48242 602fd350-edb4-49c9-b593-d223f7449a82
This endpoint allows a user to retrieve the block type definition for all server-side registered block types.
Props spacedmonkey, aduth, gziolo, ocean90, TimothyBlynJacobs.
Fixes#47620.
git-svn-id: https://develop.svn.wordpress.org/trunk@48173 602fd350-edb4-49c9-b593-d223f7449a82
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”
With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).
Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.
Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.
Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes#50413.
git-svn-id: https://develop.svn.wordpress.org/trunk@48121 602fd350-edb4-49c9-b593-d223f7449a82
Every block has a different set of attributes. These attributes are specified as a JSON Schema object. Previously, every block registered its own block renderer route using its attributes for the schema. This allowed for the attributes to be validated using the built in endpoint validation rules. It had the unfortunate side effect, however, of creating a large number of nearly identical REST API routes, one for each dynamic block. Each registered route has a performance impact. As the number of server side blocks goes up, this becomes more and more of an issue.
Now, we register a single block renderer route and dynamically validate the attributes based on the selected block.
Fixes#48079.
Props gziolo, TimothyBlynJacobs.
git-svn-id: https://develop.svn.wordpress.org/trunk@48069 602fd350-edb4-49c9-b593-d223f7449a82
[47755] and [47756] caused a schema change, so the wp-api-generated.js file needs to be updated.
git-svn-id: https://develop.svn.wordpress.org/trunk@47757 602fd350-edb4-49c9-b593-d223f7449a82
When used as a noun referring to the "virtual" place, `Trash` should be capitalized.
Props garrett-eclipse, aandrewdixon, Presskopp.
Fixes#45317.
git-svn-id: https://develop.svn.wordpress.org/trunk@47233 602fd350-edb4-49c9-b593-d223f7449a82
Core did not include the navigation block PHP files.
This commit fixes the issue referred, and now the navigation block is executed on the frontend. The block still does not work as expected and throws an error during frontend execution. That problem is going to be fixed on the next WordPress package update.
This commit adds the file as it is on the npm package used.
Props gziolo.
Fixes#49348.
git-svn-id: https://develop.svn.wordpress.org/trunk@47176 602fd350-edb4-49c9-b593-d223f7449a82
This patch integrates DependencyExtractionWebpackPlugin which was battle-tested in Gutenberg.
This will greatly simplify the process of upgrading npm packages which change after every Gutenberg release. It might even useful during the WordPress release cycle as we might need to publish more often as we discover critical bugs and regressions.
Props jonsurrell, adamsilverstein, youknowriad, ocean90, netweb.
Fixes#48154.
git-svn-id: https://develop.svn.wordpress.org/trunk@47035 602fd350-edb4-49c9-b593-d223f7449a82
The REST API supports filtering by terms across multiple taxonomies using an AND relation. This adds support for an OR relation by adding "tax_relation=OR" as a query parameter.
Props earnjam.
Fixes#44326.
git-svn-id: https://develop.svn.wordpress.org/trunk@46646 602fd350-edb4-49c9-b593-d223f7449a82
We decided to mark Social Links block as an experimental feature in Gutenberg. In effect, we are moving all related code from WordPress 5.3 release.
Props youknowriad.
Fixes#48263.
git-svn-id: https://develop.svn.wordpress.org/trunk@46543 602fd350-edb4-49c9-b593-d223f7449a82
1. `POST /wp/v2/media`.
2. If the upload failed (HTTP 500 error), look for a response header with `X-WP-Upload-Attachment-ID` header that contains the newly created attachment ID.
3. `POST /wp/v2/media/{id}/post-process` with `{ "action": "create-image-subsizes" }`. This request may still fail, but it will save its progress.
4. On continued failure, `DELETE /wp/v2/media/{id}` to give up on the upload and instruct the user to resize their image before uploading.
Props TimothyBlynJacobs.
Fixes#47987.
git-svn-id: https://develop.svn.wordpress.org/trunk@46422 602fd350-edb4-49c9-b593-d223f7449a82
Headings are the predominant mechanism for screen reader users to find information in a page. They also help all users to better identify the main sections of user interfaces.
- adds three new headings within the media modal
- improves plural form translation for "item selected" by using `wp.i18n`
- horizontally centers the media modal menu in the responsive view
Props kjellr, karmatosed, melchoyce, afercia.
See #47149.
Fixes#47610.
git-svn-id: https://develop.svn.wordpress.org/trunk@46375 602fd350-edb4-49c9-b593-d223f7449a82
The current logic in TwentyFifteen (#30366) for making the sidebar sticky while still allowing to scroll through it when the sidebar height is larger than the viewport height is flawed and massively overcomplicated.
This can be mitigated by removing the admin bar specific logic and leaving most of the heavy lifting up to the browser.
Fixes#37536
Props DvanKooten, lukecavanagh, karmatosed, ianbelanger, davidbaumwald
git-svn-id: https://develop.svn.wordpress.org/trunk@46308 602fd350-edb4-49c9-b593-d223f7449a82
Expose a date_floating property on all status objects to permit clients (including the block editor) to make correct decisions about date handling for posts of varying status.
Props mnelson4, earnjam, kadamwhite, jnylen0, nerrad, pento.
See #39953.
git-svn-id: https://develop.svn.wordpress.org/trunk@46252 602fd350-edb4-49c9-b593-d223f7449a82
We've extracted wp-includes/wp-a11y.js to a reusable package wordpress/a11y which is published on NPM. Let's make sure this package is also used in WordPress core. Once all the JavaScript is built using webpack, we can also import this package wherever it is used and configure webpack to load is an external.
Props omarreiss, herregroen, desrosj, ocean90, afercia, sstoqnov
git-svn-id: https://develop.svn.wordpress.org/trunk@46167 602fd350-edb4-49c9-b593-d223f7449a82
Title attributes on abbreviations are only available to a minority of users. The
best option is to avoid unnecessary abbreviations when possible. In the other cases,
use an `<abbr>` element (which provides a hint to user agents on how to announce
and display the abbreviation) and provide an expansion in plain text on first use.
- `readme.html`: improves abbreviations and removes unnecessary `title` attributes
- options-general: removes unnecessary abbreviations and improves the remaining ones
- customizer schedule changeset date: removes unnecessary abbreviations and improves the remaining ones
- posts table date: uses a `span` element instead of an `abbr` element because this is not an abbreviation
Fixes#46980.
git-svn-id: https://develop.svn.wordpress.org/trunk@45930 602fd350-edb4-49c9-b593-d223f7449a82
