This now treats files containing `./` as valid, and also treats files containing a trailing `../` as valid due to widespread use of this pattern in theme and plugin zip files.
Adds tests.
Props Ipstenu, borgesbruno, DavidAnderson, philipjohn, birgire
Fixes#42016, #36170
git-svn-id: https://develop.svn.wordpress.org/trunk@42011 602fd350-edb4-49c9-b593-d223f7449a82
* Allow updating oEmbed cache during `parse-embed` requests for non-post editors (such as widgets).
* Update any existing `oembed_cache` post when `usecache` and TTL has passed.
* Do not overwrite a previously valid cache with `{{unknown}}`.
Props dlh.
See #34115.
Fixes#42310.
git-svn-id: https://develop.svn.wordpress.org/trunk@42009 602fd350-edb4-49c9-b593-d223f7449a82
Removes the box shadow on gallery links in footer widget areas so they're consistent with the sidebar widget area.
Props transl8or, sami.keijonen, davidakennedy.
Fixes#42302.
git-svn-id: https://develop.svn.wordpress.org/trunk@42004 602fd350-edb4-49c9-b593-d223f7449a82
Use the core list, rather than the .org API, due to inconsistencies and to ensure tags are translated.
Props celloexpressions.
See #37661, #42306.
git-svn-id: https://develop.svn.wordpress.org/trunk@42003 602fd350-edb4-49c9-b593-d223f7449a82
In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.
See #38583.
git-svn-id: https://develop.svn.wordpress.org/trunk@42000 602fd350-edb4-49c9-b593-d223f7449a82
"Developers" excludes the various major contributors in non-developer roles, so let's update this term to be more inclusive.
See #41022.
git-svn-id: https://develop.svn.wordpress.org/trunk@41998 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a bug where menu assignements couldn't be changed when previewing a theme.
Also removes an unnecessary call to menu mapping after a theme switch from the customizer and makes sure the locations option is always written, for good measure.
Props westonruter.
See #39692.
git-svn-id: https://develop.svn.wordpress.org/trunk@41995 602fd350-edb4-49c9-b593-d223f7449a82
Explicitly define `gutters` in base `defaultSettings` to improve merges of multiple calls to `wp_enqueue_code_editor()`.
Props westonruter, georgestephanis for testing.
Amends [41974].
See #12423.
git-svn-id: https://develop.svn.wordpress.org/trunk@41992 602fd350-edb4-49c9-b593-d223f7449a82
Previously attempted in [40256], which caused the test for decoded curly quotes to fail in some environments.
`$_SERVER['REQUEST_URI']` contains the encoded URI, so this version removes the failing tests and only checks for encoded curly quotes.
Props joostdevalk, lancewillett, SergeyBiryukov.
Fixes#20383.
git-svn-id: https://develop.svn.wordpress.org/trunk@41991 602fd350-edb4-49c9-b593-d223f7449a82
Fixes the issue with plugins not being able to use the `kses_allowed_protocols` filter if `esc_url()` was called too early.
Props turtlepod, SergeyBiryukov.
Fixes#36033.
git-svn-id: https://develop.svn.wordpress.org/trunk@41990 602fd350-edb4-49c9-b593-d223f7449a82
Adds checks throughout to allow for `wp_new_comment()` returning a `WP_Error` instance.
Updates the docs for the `pre_comment_approved` filter to include that it can be passed an error.
Props enrico.sorcinelli, ryotsun.
Fixes#39730.
git-svn-id: https://develop.svn.wordpress.org/trunk@41980 602fd350-edb4-49c9-b593-d223f7449a82
Also remove `enum` for validating allowed templates to allow plugins to dynamically supply their own templates for specific posts, even when they are not in the theme.
Props TimothyBlynJacobs, jnylen0, swissspidy.
Fixes#39996.
git-svn-id: https://develop.svn.wordpress.org/trunk@41979 602fd350-edb4-49c9-b593-d223f7449a82
Reverting this for 4.9. It will be added back in a future version of WordPress. This doesn't mean that you shouldn't be trying Gutenberg, just that it isn't ready for a call out to a larger audience. But if you are the type to read commit messages, https://github.com/WordPress/gutenberg could use your pull requests and comments on issues.
Reverts [41931] [41900] [41896] [41895]
See #41316
git-svn-id: https://develop.svn.wordpress.org/trunk@41978 602fd350-edb4-49c9-b593-d223f7449a82
By moving the `wporg` conditional inside the method body, the filter drawer can be overridden without having to also override the entire section template.
Props celloexpressions.
Closes#42212.
git-svn-id: https://develop.svn.wordpress.org/trunk@41973 602fd350-edb4-49c9-b593-d223f7449a82
The customizer and the theme installer use `visibility: hidden` on the body when
they open full-overlays screens. The FTP credentials modal needs a visibility
property set back to `visible` to be visible over those overlays.
Props purnendu.
Fixes#42205.
git-svn-id: https://develop.svn.wordpress.org/trunk@41972 602fd350-edb4-49c9-b593-d223f7449a82
Moves defintion of ajax request in `WP_Ajax_UnitTestCase` to `setUp()` method to account for hooks being reset as part of `tearDown()`.
Props matthias.thiel for report.
Fixes#41561.
git-svn-id: https://develop.svn.wordpress.org/trunk@41970 602fd350-edb4-49c9-b593-d223f7449a82