38208 Commits

Author SHA1 Message Date
Sergey Biryukov
c089cc014b Build/Test Tools: Remove unused ::assertPostHasTerms() method from tests/term.php.
The associated test was removed in [30241].

Merges [47341] to 3.7+ branches.
See #49485.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@47489 602fd350-edb4-49c9-b593-d223f7449a82
2020-03-22 14:29:03 +00:00
Sergey Biryukov
8a8908a331 WordPress 4.9.13
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@46924 602fd350-edb4-49c9-b593-d223f7449a82
2019-12-12 20:26:00 +00:00
Sergey Biryukov
e90e97b041 Ensure that a user can publish_posts before making a post sticky.
Props: danielbachhuber, whyisjake, peterwilson, xknown.

Brings r46893 to the 4.9 branch.

Update `wp_kses_bad_protocol()` to recognize `:` on uri attributes,

`wp_kses_bad_protocol()` makes sure to validate that uri attributes don’t contain invalid/or not allowed protocols. While this works fine in most cases, there’s a risk that by using the colon html5 named entity, one is able to bypass this function.

Brings r46895 to the 4.9 branch.

Props: xknown, nickdaugherty, peterwilsoncc.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@46918 602fd350-edb4-49c9-b593-d223f7449a82
2019-12-12 18:56:36 +00:00
Jonathan Desrosiers
23f8b4b28a WordPress 4.9.12.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@46511 602fd350-edb4-49c9-b593-d223f7449a82
2019-10-14 20:06:08 +00:00
Jake Spurlock
2a6c470de6 Backporting several bug fixes.
- Query: Remove the static query property.
- HTTP API: Protect against hex interpretation.
- Filesystem API: Prevent directory travelersals when creating new folders.
- Administration: Ensure that admin referer nonce is valid.
- REST API: Send a Vary: Origin header on GET requests.

Backports [46474], [46475], [46476], [46477], [46478], [46483], [46485] to the 5.0 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@46493 602fd350-edb4-49c9-b593-d223f7449a82
2019-10-14 18:38:34 +00:00
Jake Spurlock
c382852061 Add .nvmrc files to older versions of WordPress
Fixes #48140.
Props whyisjake.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@46295 602fd350-edb4-49c9-b593-d223f7449a82
2019-09-25 20:43:44 +00:00
Jonathan Desrosiers
9ad10b8508 WordPress 4.9.11.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@46043 602fd350-edb4-49c9-b593-d223f7449a82
2019-09-04 21:22:43 +00:00
Andrew Ozz
9fc057ce42 jQuery: Backport the patch from jQuery 3.4.0.
Merges [45342] to the 4.9 branch.

Props MikeNGarrett, peterwilsoncc, azaozz.
Fixes #47020.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@46020 602fd350-edb4-49c9-b593-d223f7449a82
2019-09-04 18:40:23 +00:00
Jonathan Desrosiers
f78242362b Fix for URL sanitization in wp_kses_bad_protocol_once().
Merges [45997] to the 4.9 branch.

Props irsdl, sstoqnov, whyisjake.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@46005 602fd350-edb4-49c9-b593-d223f7449a82
2019-09-04 18:13:55 +00:00
Sergey Biryukov
4daf6f4603 Improve handling the existing rel attribute in wp_rel_nofollow_callback().
Merges [45990] to the 4.9 branch.
Props xknown, sstoqnov.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@45994 602fd350-edb4-49c9-b593-d223f7449a82
2019-09-04 17:47:09 +00:00
Sergey Biryukov
373c697c5a Improve URL validation in wp_validate_redirect().
Merges [45971] to the 4.9 branch.
Props vortfu, whyisjake, peterwilsoncc.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@45975 602fd350-edb4-49c9-b593-d223f7449a82
2019-09-04 17:07:33 +00:00
Jake Spurlock
10d96ecee9 Remove _convert_urlencoded_to_entities() from the get_the_content() callback.
Merges [45937] to the 4.9 branch.

Props vortfu, whyisjake, peterwilsoncc


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@45946 602fd350-edb4-49c9-b593-d223f7449a82
2019-09-04 16:34:47 +00:00
Sergey Biryukov
88ae167b4a Escape the output in wp_ajax_upload_attachment().
Merges [45936] to the 4.9 branch.
Props whyisjake, sstoqnov.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@45943 602fd350-edb4-49c9-b593-d223f7449a82
2019-09-04 16:28:49 +00:00
John Blackbourn
92a1d1fc34 Build/Test tools: Further trimming of CI jobs on the 4.9 branch.
This removes the PHP 5.6 job which runs without an object cache in place as the likelihood of a change being backported that only breaks 5.6 environments without an object cache is small.

Merges [45005] into the 4.9 branch.

See #42387


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@45006 602fd350-edb4-49c9-b593-d223f7449a82
2019-03-25 16:24:44 +00:00
John Blackbourn
029815ff15 Build/Test tools: Switch npm dependency caching strategy on Travis CI.
This switches to caching npm's local cache instead of `node_modules` in order to prevent issues caused by modules compiled using a different version of node.

Merges [44993] into the 4.9 branch.

See #46632


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44996 602fd350-edb4-49c9-b593-d223f7449a82
2019-03-25 00:55:39 +00:00
John Blackbourn
ab2485471b Build/Test tools: Trim the test matrix on Travis in order to speed up the 4.9 branch build.
This removes the PHP 7.1, 7.0, 5.5, 5.4, 5.3, and nightly jobs.

See #42387, #40407


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44991 602fd350-edb4-49c9-b593-d223f7449a82
2019-03-25 00:15:10 +00:00
Gary Pendergast
b0437c4315 WordPress 4.9.10
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44868 602fd350-edb4-49c9-b593-d223f7449a82
2019-03-13 00:57:18 +00:00
Sergey Biryukov
3e858faef3 Comments: Improve comment content filtering.
Merges [44842] to the 4.9 branch.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44845 602fd350-edb4-49c9-b593-d223f7449a82
2019-03-12 22:34:00 +00:00
Sergey Biryukov
765262a5c7 Formatting: Improve rel="nofollow" handling in comments.
Merges [44833] to the 4.9 branch.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44836 602fd350-edb4-49c9-b593-d223f7449a82
2019-03-12 22:18:57 +00:00
Gary Pendergast
ab0ef78c40 Dashboard: Remove the Try Gutenberg callout.
Merge of [43807] from the 5.0 branch.

Props mukesh27.
Fixes #45063.



git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44106 602fd350-edb4-49c9-b593-d223f7449a82
2018-12-13 09:06:20 +00:00
Jeremy Felt
e908aa365b Bump 4.9 branch to version 4.9.9.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44078 602fd350-edb4-49c9-b593-d223f7449a82
2018-12-13 02:10:55 +00:00
Gary Pendergast
fb09f6d175 Editor: Remove unwanted fields before saving posts.
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.

Merges [44047] to the 4.9 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44053 602fd350-edb4-49c9-b593-d223f7449a82
2018-12-13 01:37:30 +00:00
Peter Wilson
07c82a286b Multisite: Validate activation links.
Merges [44048] to the 4.9 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44051 602fd350-edb4-49c9-b593-d223f7449a82
2018-12-13 01:32:07 +00:00
Peter Wilson
7a7e1ad9d6 Multisite: Improve messaging for previously activated users.
Ensure activation of a site is not attempted multiple times and users are shown the correct message if they follow the link a second time.

Merges [44021] to the 4.9 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44024 602fd350-edb4-49c9-b593-d223f7449a82
2018-12-13 00:33:05 +00:00
Ian Dunn
17759410bd KSES: Make the URI attributes DRY.
This commit introduces the `wp_kses_uri_attributes` function and filter. The function centralizes the list of attributes, in order to prevent inconsistency, and the filter provides a way for plugins to customize the attributes.

Merges [44014] and [44017] to the `4.9` branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@44020 602fd350-edb4-49c9-b593-d223f7449a82
2018-12-13 00:13:03 +00:00
Gary Pendergast
4a807b3c7f KSES: Conditionally remove the <form> element from $allowedposttags.
To avoid backwards compatibility issues, `<form>` is re-added if a custom filter has added the `<input>` or `<select>` elements to `$allowedposttags`.

Merges [43994] to the 4.9 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43997 602fd350-edb4-49c9-b593-d223f7449a82
2018-12-12 23:16:14 +00:00
Jeremy Felt
ff58a699f0 Media: Improve verification of MIME file types.
Merges [43988] to the 4.9 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43989 602fd350-edb4-49c9-b593-d223f7449a82
2018-12-12 23:02:11 +00:00
Peter Wilson
05d99073da Media: Revert [43602] from the 4.9 branch.
Reverts changes to the "Edit more details" link in the attachment details modal.

This is out of scope for 4.9.9 and will be re-introduced in 5.0.0.

Fixes #44620.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43948 602fd350-edb4-49c9-b593-d223f7449a82
2018-11-29 21:20:40 +00:00
Sergey Biryukov
c0c6c7ab09 REST API: Revert [43648] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #40510.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43715 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-11 07:15:22 +00:00
Sergey Biryukov
ad319d3c85 Taxonomy: Revert [43620] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #44872.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43711 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-11 04:41:28 +00:00
Sergey Biryukov
50b9728d6a Privacy: Revert [43624] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #44685.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43708 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-11 04:22:05 +00:00
Sergey Biryukov
69b6690178 Posts, Post Types: Revert [43617] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #34706.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43707 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-11 04:17:00 +00:00
Sergey Biryukov
faee134538 Privacy: Revert [43614] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #43985.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43705 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-11 04:03:23 +00:00
Sergey Biryukov
0243b1ce57 Customize: Revert [43619] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #44809.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43702 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-11 03:52:44 +00:00
Sergey Biryukov
58fbc2a852 Customize: Revert [43611] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #44770.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43701 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-11 03:47:44 +00:00
Sergey Biryukov
d296dc89f5 Customize: Revert [43575] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.0.x.

See #44763.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43699 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-11 03:40:50 +00:00
Sergey Biryukov
a7b3d4a30e Twenty Sixteen: Revert [43607] from the 4.9 branch.
This change is out of the 4.9.x scope, and will be reintroduced in 5.1.x.

See #44668.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43698 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-11 03:29:54 +00:00
Boone Gorges
5d8518a26a Revert [43632] from the 4.9 branch.
These new hooks are not part of the 4.9.x scope, and will be reintroduced
as part of 5.0.x.

See #44733.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43690 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-09 18:17:32 +00:00
Adam Silverstein
d9f721d812 Try Gutenberg callout: improve formatting for Internet Explorer 11.
Correct an issue where the layout of the "Try Gutenberg" callout added in #41316 falls apart under IE11.

Props kjellr, ianbelanger, pbiron, Luciano Croce, belcherj, ryansommers.     
Fixes #44742.


git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43674 602fd350-edb4-49c9-b593-d223f7449a82
2018-10-05 14:50:31 +00:00
Sergey Biryukov
b297a03020 General: PHP 7.3 throws an E_WARNING when using continue to target a switch.
Applying continue to a switch is equivalent to using break and quite possibly, a continue targeting a higher level control structure is actually intended.

To target the higher level control structure, a numeric argument has to be passed to continue. This fixes two cases in WordPress Core where this is currently happening.

See: https://github.com/php/php-src/pull/3364
See: https://wiki.php.net/rfc/continue_on_switch_deprecation

Props jrf.
Merges [43653] to the 4.9 branch.
Fixes #44543.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43656 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-24 20:04:56 +00:00
Mike Schroder
830632f797 Media: In WP_Image_Editor::make_image(), close previously opened output buffer if the file could not be created.
In addition to the merge noted below, includes important brackets added in [42343].

Props dhanendran, gnif, sergey.
Merges [42695] and [42702] to the 4.9 branch.
Fixes #43255.



git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43649 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-18 22:01:25 +00:00
Sergey Biryukov
dc70d3e266 REST API: Support pagination, order, search and other common query parameters for revisions.
The original REST API revisions controller relied on `wp_get_post_revisions()`, getting all revisions of a post without any possibility to restrict the result. This changeset replaces that function call with a proper `WP_Query` setup, replicating how `wp_get_post_revisions()` works while offering parameters to alter the default behavior.

Props adamsilverstein, birgire, flixos90.
Merges [43584-43586], [43647] to the 4.9 branch.
Fixes #40510.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43648 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-18 03:54:20 +00:00
Sergey Biryukov
c50b216b50 Tests: Improve coverage for REST API term meta registration.
Introduce tests to validate that register_meta and register_term_meta work as expected in WP_REST_Terms_Controller.

Props timmydcrawford.
Merges [43567] to the 4.9 branch.
See #39122.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43646 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-18 03:29:41 +00:00
Sergey Biryukov
13bd954199 Docs: Correct @since value for _wp_privacy_statuses().
Fix typo in `@since` entry for `WP_Privacy_Policy_Content:add()`.

Props dimadin.
Merges [43638] to the 4.9 branch.
Fixes #44915.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43639 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-13 10:21:19 +00:00
Sergey Biryukov
e44849ece7 REST API: Pass correct ID to meta->update_value to permit setting term meta during term creation.
Props joehoyle.
Merges [43636] to the 4.9 branch.
Fixes #44834.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43637 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-13 09:52:47 +00:00
Sergey Biryukov
bf71d67159 Taxonomy: Introduce new hooks when registering/unregistering taxonomies for object types.
Props soulseekah.
Merges [43558] and [43631] to the 4.9 branch.
Fixes #44733.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43632 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-06 07:50:29 +00:00
Sergey Biryukov
4c6175e800 Tests: Introduce Tests_HTTP_Functions::skipTestOnTimeout(), mirroring the same WP_HTTP_UnitTestCase method.
Merges [43512] to the 4.9 branch.
Fixes #44613.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43626 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-03 21:55:42 +00:00
Sergey Biryukov
9e8090fcee Tests: Use WP_HTTP_UnitTestCase::skipTestOnTimeout() in more HTTP tests.
Adjust it to handle more types of timeouts, e.g. "Resolving timed out", "Connection timed out".

Merges [43511] to the 4.9 branch.
See #44613.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43625 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-03 21:52:48 +00:00
Sergey Biryukov
aadaa64d03 Privacy: When clicking a confirmation link for a privacy request, return a WP_Error object if the link has expired.
Returning a string caused a success message to be displayed instead of the correct error message.

Props desrosj.
Merges [43623] to the 4.9 branch.
Fixes #44685.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43624 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-03 21:46:48 +00:00
Sergey Biryukov
1b18dc5f51 Help/About: Ensure the space after the period for the 4.9.8 changelog entry is preserved.
Props chetan200891, burhandodhy, swissspidy.
Fixes #44717.

git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43622 602fd350-edb4-49c9-b593-d223f7449a82
2018-09-03 21:35:04 +00:00