These tests no longer test anything that WordPress core has control over. YouTube now serves everything
over HTTPS by default, so the tests for #23149 will always pass, and the tests for #32714 aren't testing
anything that core has control over.
Tests for the responses from oEmbed providers has been attempted and reverted in #32360.
Props johnbillion.
Merges [41712] to the 4.3 branch.
See #42076, #32714, #23149.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@47484 602fd350-edb4-49c9-b593-d223f7449a82
`wp_kses_bad_protocol()` makes sure to validate that uri attributes don’t contain invalid/or not allowed protocols. While this works fine in most cases, there’s a risk that by using the colon html5 named entity, one is able to bypass this function.
Brings r46895 to the 4.3 branch.
Props: xknown, nickdaugherty, peterwilsoncc.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@46911 602fd350-edb4-49c9-b593-d223f7449a82
When jumping between branches, it would be nice to have the correct node version for the older versions of WordPress. Let's add .nvmrc files to these older branches for the supported versions.
Merges [46295] to the 4.3 branch.
Fixes#48140
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@46301 602fd350-edb4-49c9-b593-d223f7449a82
This switches to caching npm's local cache instead of the compiled modules in `node_modules`. The latter is causing errors on the PHP 5.2 build.
Merges [44989] to the 4.3 branch.
See #42385
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@44990 602fd350-edb4-49c9-b593-d223f7449a82
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.
Merges [44047] to the 4.3 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@44064 602fd350-edb4-49c9-b593-d223f7449a82
This commit introduces the `wp_kses_uri_attributes` function and filter. The function centralizes the list of attributes, in order to prevent inconsistency, and the filter provides a way for plugins to customize the attributes.
Merges [44014] and [44017] to the `4.3` branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@44041 602fd350-edb4-49c9-b593-d223f7449a82
Ensure activation of a site is not attempted multiple times and users are shown the correct message if they follow the link a second time.
Merges [44021] to the 4.3 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@44033 602fd350-edb4-49c9-b593-d223f7449a82
To avoid backwards compatibility issues, `<form>` is re-added if a custom filter has added the `<input>` or `<select>` elements to `$allowedposttags`.
Merges [43994] to the 4.3 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@44005 602fd350-edb4-49c9-b593-d223f7449a82
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.
This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.
Merges [41662], [42056] to the 4.3 branch.
See #41925.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@42062 602fd350-edb4-49c9-b593-d223f7449a82
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.
Merges [41496] to 4.3 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@41502 602fd350-edb4-49c9-b593-d223f7449a82
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.
Merges [41483] to 4.3 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@41489 602fd350-edb4-49c9-b593-d223f7449a82
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.
Merges [41470] to 4.3 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.3@41476 602fd350-edb4-49c9-b593-d223f7449a82
