From c1f6817cad3f812004aaccf421447bd412f5339a Mon Sep 17 00:00:00 2001 From: antpb Date: Sun, 7 Nov 2021 23:29:56 +0000 Subject: [PATCH] Media: Remove security messaging in media upload failures. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Previously, when uploading a media item type that is not supported, the default error message claims that the reason it cannot upload is due to security reasons. This is not always true. Now the warning says that the type is not allowed, which is always true. Props antpb, Presskopp, peterwilsoncc, desrosj, iluy, circlecube, mikeschroder. Fixes #53626. Built from https://develop.svn.wordpress.org/trunk@52032 git-svn-id: http://core.svn.wordpress.org/trunk@51624 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/includes/file.php | 2 +- wp-includes/functions.php | 2 +- wp-includes/script-loader.php | 2 +- wp-includes/version.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/wp-admin/includes/file.php b/wp-admin/includes/file.php index 8a28c63adc..399fdcf629 100644 --- a/wp-admin/includes/file.php +++ b/wp-admin/includes/file.php @@ -931,7 +931,7 @@ function _wp_handle_upload( &$file, $overrides, $time, $action ) { } if ( ( ! $type || ! $ext ) && ! current_user_can( 'unfiltered_upload' ) ) { - return call_user_func_array( $upload_error_handler, array( &$file, __( 'Sorry, this file type is not permitted for security reasons.' ) ) ); + return call_user_func_array( $upload_error_handler, array( &$file, __( 'Sorry, you are not allowed to upload this file type.' ) ) ); } if ( ! $type ) { diff --git a/wp-includes/functions.php b/wp-includes/functions.php index 0950f79465..9e0398cf1e 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php @@ -2808,7 +2808,7 @@ function wp_upload_bits( $name, $deprecated, $bits, $time = null ) { $wp_filetype = wp_check_filetype( $name ); if ( ! $wp_filetype['ext'] && ! current_user_can( 'unfiltered_upload' ) ) { - return array( 'error' => __( 'Sorry, this file type is not permitted for security reasons.' ) ); + return array( 'error' => __( 'Sorry, you are not allowed to upload this file type.' ) ); } $upload = wp_upload_dir( $time ); diff --git a/wp-includes/script-loader.php b/wp-includes/script-loader.php index 5523ec76d2..801da32c21 100644 --- a/wp-includes/script-loader.php +++ b/wp-includes/script-loader.php @@ -875,7 +875,7 @@ function wp_default_scripts( $scripts ) { /* translators: %s: File name. */ 'file_exceeds_size_limit' => __( '%s exceeds the maximum upload size for this site.' ), 'zero_byte_file' => __( 'This file is empty. Please try another.' ), - 'invalid_filetype' => __( 'Sorry, this file type is not permitted for security reasons.' ), + 'invalid_filetype' => __( 'Sorry, you are not allowed to upload this file type.' ), 'not_an_image' => __( 'This file is not an image. Please try another.' ), 'image_memory_exceeded' => __( 'Memory exceeded. Please try another smaller file.' ), 'image_dimensions_exceeded' => __( 'This is larger than the maximum size. Please try another.' ), diff --git a/wp-includes/version.php b/wp-includes/version.php index 990bc379ec..47fba7a37f 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '5.9-alpha-52031'; +$wp_version = '5.9-alpha-52032'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.