- The login page has "X-Frame-Options: DENY" header.
- Cross-domain when displaying on the front-end on multisite with domain mapping.
- The site forces ssl login but not ssl admin.
Add onbeforeunload prompt to counter (frame-busting) JS redirects. Move the JS and CSS into separate files. See #23295.
git-svn-id: http://core.svn.wordpress.org/trunk@23805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Refines the UI to make it clearer and easier to use
* Introduces weighted tickmarks
* Fixes comparison bugs.
See #23497 props adamsilverstein
git-svn-id: http://core.svn.wordpress.org/trunk@23769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* When overriding `Backbone.sync()`, ensure the `sync` and `error` events fire consistently.
* `Model#make()` has been removed. Use `$` instead, and be sure to grab the DOM node where necessary (using `[0]`).
* `Collection#get()` now accepts `cid`s. `Collection#getByCid()` has been removed.
* When overriding the `State` constructor, bind `change` callbacks after the default `Model` constructor is called, because the `Model` constructor no longer passes the `silent` flag when calling `set()` for the default attributes.
* In 'change' events, `options.changes` was removed. It can now be accessed through `model.changed`. Check if any attributes have changed by calling `model.hasChanged()`. Also, don't mess with `model.changed`; it persists beyond the scope of a single event.
* `options.index` is no longer be set in the `add` event callback. Use `collection.indexOf(model)` can be used to retrieve the index of a model instead.
props gcorne. fixes#23262.
git-svn-id: http://core.svn.wordpress.org/trunk@23589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Merge styles into wp-admin.css and colors-*.css.
* Scope the CSS with a class so as not to conflict with the color picker, which also utilizes jQuery UI slider. Authors wanting to use built-in styling for sliders should add a class of `.wp-slider` to the container to be intialized.
props karmatosed, helen. see #23497.
git-svn-id: http://core.svn.wordpress.org/trunk@23581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This implements a new revisions ui using Backbone and preserves all the old methods of "integration" so the change should be transparent to plugins using revisi
ons with CPTs.
This is the first pass and so there are a number of things still to be resolved, more details in the ticket. Feedback welcomed.
git-svn-id: http://core.svn.wordpress.org/trunk@23506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Adds a very basic tabbed interface for selecting a post format (requires JS).
* Extra fields, which are post meta, are shown/hidden based on the selected format.
* Introduce a helper function for retrieving formats-specific metadata: `get_post_format_meta()`.
* Image selection uses the media modal, although without filtering or from URL support at the moment.
props rachelbaker, wonderboymusic, aaroncampbell, helen. see #19570.
git-svn-id: http://core.svn.wordpress.org/trunk@23449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remains uncompressed for now, until we work out all 1.9.x issues.
Fixes custom fields.
props ocean90, wonderboymusic. see #22975.
git-svn-id: http://core.svn.wordpress.org/trunk@23421 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Temporarily includes jQuery in original, unminified form, for ease of testing and bug reporting.
jQuery 1.9 introduces a "migrate" script for deprecated and removed behavior. Warnings are issued for methods we should not be using, and should be fixed in core. These warnings are sent to the JavaScript console and are collected in `jQuery.migrateWarnings`.
See http://blog.jquery.com/2012/12/17/jquery-1-9-beta-1-released/ for more.
props ocean90, see #22975.
git-svn-id: http://core.svn.wordpress.org/trunk@23180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make it a dependency of media-views (and therefore media-editor). Move its userSettings JS object from admin-header to being paired with the script in script loader.
see #22730.
git-svn-id: http://core.svn.wordpress.org/trunk@23036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Reactivates the `wpgallery` and `wpeditimage` TinyMCE plugins. Deactivates the `wpviews` TinyMCE plugin.
* Moves still-relevant logic from `mce-views.js` to `media-upload.js` and `shortcode.js`.
* No longer include `wp-includes/js/mce-views.js`. This code will not be used in 3.5, and should be considered unstable.
* Currently, this is the real 3.4 experience; as such, editing triggers the old modals. Changing this is the next major step.
When reassessing views, we should look over all of these tickets and anticipate these bugs accordingly.
fixes#21813, #22123, #22155, #22161, #22257, #22266, #22318, #22407, see #21390.
git-svn-id: http://core.svn.wordpress.org/trunk@22567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`media.view.MediaFrame.Select` is a frame class with a handful of sensible defaults to handle selecting and uploading items in the media library.
see #21390.
git-svn-id: http://core.svn.wordpress.org/trunk@22494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp.media.model.Query.more()`
* If a request has already been sent out for more attachments, return that request object instead of creating another.
`wp.media.controller.Region`
* A region allows views to be swapped in and out of a section of the page without either view having to know about the other.
* Application components can use the same callbacks and resources by leveraging `Region.mode()`, which triggers a set of callbacks to create or transform the current view, but only if necessary.
`wp.media.view.Frame`
* Leverage `Region` controllers instead of forcing states to swap view objects, which causes states to fit more comfortably in the controller-camp.
* Add `previous()`, a method to fetch the previous state `id`.
* Separate out the default settings over several objects (so blank frames can be instantiated).
`wp.media.view.MediaFrame`
* The base `Frame` used for media management: handles integration with the `Modal` and `UploaderWindow` views.
`wp.media.view.MediaFrame.Post`
* Includes all default media states and callbacks necessary for inserting media into a post.
see #21390.
git-svn-id: http://core.svn.wordpress.org/trunk@22437 1a063a9b-81f0-0310-95a4-ce76da25c4cd