123 Commits

Author SHA1 Message Date
ryan
b58636e914 Send X-Frame-Options: SAMEORIGIN for admin and login pages. see #12293
git-svn-id: http://svn.automattic.com/wordpress/trunk@17826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-06 21:28:53 +00:00
azaozz
1ffb2468a5 HTML mode for Distraction Free Writing, props koopersmith, see #17136
git-svn-id: http://svn.automattic.com/wordpress/trunk@17785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-02 08:10:23 +00:00
azaozz
258a8f6844 Distraction Free Writing mode, see #17136
git-svn-id: http://svn.automattic.com/wordpress/trunk@17695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-25 01:01:34 +00:00
westi
9c0a5cd498 Don't do SSL discovery for every RSD request. APP endpoint already respects the SSLness of the site. Fixes #15960.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-17 07:48:34 +00:00
markjaquith
6e1fc710d9 Do not attach wp_enqueue_scripts to login_head. New login_enqueue_scripts hook. props nacin. fixes #16586 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@17465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-18 05:10:58 +00:00
nacin
20c5d823bc Use wp_kses_post instead of wp_kses_data for a better balance between security and flexibility. fixes #16489 for trunk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-08 20:17:09 +00:00
ryan
80f47f270b Run sanitize_key() on post_status, comment_status, and ping_status on the way into the DB. Props duck_. For trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@17404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-06 18:37:20 +00:00
nacin
ea7ca70470 Defense in depth for comment text.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-31 16:30:38 +00:00
westi
afc867fe64 Remove the ghetto code and use the script loader properly on the login page.
Ensure that we actually have convertEntities available on the login page.
Introduce a login_footer action.
Hook in the script loader to the login_header and login_footer actions.
See #5919, #15124.

git-svn-id: http://svn.automattic.com/wordpress/trunk@16000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-27 06:57:10 +00:00
nacin
0373c403aa Remove redundant filter. props coffee2code. fixes #14285.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-26 03:34:28 +00:00
markjaquith
f67cae286d Push capital P filter back behind the wpautop one to catch Wordpress after opening HTML tag
git-svn-id: http://svn.automattic.com/wordpress/trunk@15877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-20 22:44:15 +00:00
ryan
0a01e66745 Prevent post and term hierarchy loops. Props mdawaffe. fixes #14662
git-svn-id: http://svn.automattic.com/wordpress/trunk@15806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-14 15:09:04 +00:00
ryan
7119110439 Unset global variables when they are no longer needed.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-07 20:12:49 +00:00
ryan
051b9c2f3b Do not run kses on display filters for front page views. see #14758
git-svn-id: http://svn.automattic.com/wordpress/trunk@15559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-09-02 15:06:07 +00:00
markjaquith
57deb5ec03 More judicious Wordpress-to-WordPress correction, to avoid bungling reasonable URLs. fixes #13971
git-svn-id: http://svn.automattic.com/wordpress/trunk@15377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-07-08 19:35:29 +00:00
nacin
48bc4e220c Revert [15219], [15250], some of [15249] for 3.0, revisit in 3.0.1. see #13822.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-14 19:52:30 +00:00
nacin
40e4de4ba8 Treat trash/untrash of posts associated with media items the same as other stati changes. props koopersmith, see #13822.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15249 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-14 08:33:48 +00:00
wpmuguru
9eaf91db65 hide unpublished items on frontend nav menus, props filosofo, fixes #13822
git-svn-id: http://svn.automattic.com/wordpress/trunk@15219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-11 15:34:32 +00:00
nacin
332bac61a1 Cleanups.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-31 16:11:20 +00:00
nacin
c3cf7e4ee0 Forever eliminate 'Wordpress' from the planet (or at least the little bit we can influence). props matt.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-27 16:11:27 +00:00
nacin
35a9bc1670 Properly format menu item title attributes and descriptions. props ryan, fixes #12864.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-23 22:56:51 +00:00
dd32
378f68a0a0 Introduce a 'post_updated' action, Fires when a post is updated, Post ID, Current and Previous post objects are passed. Update wp_check_for_changed_slugs() to use new hook. See #12473
git-svn-id: http://svn.automattic.com/wordpress/trunk@14814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-23 07:49:21 +00:00
nacin
d1a37c1f31 When posts/terms are deleted/trashed, update associated menu items. Deleted post = deleted menu item, trashed post = menu item becomes a draft. props filosofo, see #13174
git-svn-id: http://svn.automattic.com/wordpress/trunk@14295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-29 07:33:56 +00:00
nacin
8c9f71bb57 More nav menu fixes. props filosofo. see #13148. fixes #13155, fixes #13157, fixes #13138, see #13134.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-28 18:30:32 +00:00
dd32
0b4ebffe70 Handle future-scheduled custom post_type's. Props waltervos. Fixes #12842
git-svn-id: http://svn.automattic.com/wordpress/trunk@14056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-10 12:17:19 +00:00
ryan
a7f987c35a Trigger adjacent_posts_rel_link() from wp_head only for single post pages to avoid unnecessary queries. see #10867
git-svn-id: http://svn.automattic.com/wordpress/trunk@14019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-06 15:06:42 +00:00
ryan
e25a65b36a Trim trailing whitespace
git-svn-id: http://svn.automattic.com/wordpress/trunk@13733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-17 16:27:25 +00:00
ryan
d0ccd6b2ee Move wp_shortlink_header to template_redirect. Props miqrogroove. see #10640
git-svn-id: http://svn.automattic.com/wordpress/trunk@13652 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-10 21:19:54 +00:00
ryan
fcbca58853 wp_get_shortlink() and pluggable shortlink generation. fixes #10640
git-svn-id: http://svn.automattic.com/wordpress/trunk@13635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-09 19:36:38 +00:00
dd32
b1621c63ae Move Admin Colour Scheme picker to a hook. Props Jick. s/register_admin_color_themes()/register_admin_color_schemes/g. See #11625, Fixes #6837
git-svn-id: http://svn.automattic.com/wordpress/trunk@13487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-28 06:34:31 +00:00
nacin
9ee57d58a4 Standardize filters for single_(post|cat|tag|month)_title() on strip_tags() and wptexturize(). fixes #10900 props scribu
git-svn-id: http://svn.automattic.com/wordpress/trunk@13467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-27 18:57:04 +00:00
dd32
9d54f38d89 Restore backwards compatibility in automatic_feed_links() to deregister the extra feeds. Props Viper007Bond. See #12364
git-svn-id: http://svn.automattic.com/wordpress/trunk@13399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-25 11:09:34 +00:00
dd32
f51247ef50 Deprecate automatic_feed_links() in favor of add_theme_support('automatic-feed-links'). Props Viper007Bond. Fixes #12364
git-svn-id: http://svn.automattic.com/wordpress/trunk@13398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-25 08:56:19 +00:00
westi
d8490aeea2 Add the generator element in feeds through the {rss2|atom|rdf|rss|opml}_head hooks. Fixes #6947 props sivel.
git-svn-id: http://svn.automattic.com/wordpress/trunk@13113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-13 16:45:16 +00:00
dd32
16a769cde9 Move admin CSS colour themes to the admin_init hook. Fixes #11625
git-svn-id: http://svn.automattic.com/wordpress/trunk@12982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-06 05:15:26 +00:00
markjaquith
bf264bb66d Post/Page Image was too generic a name. Post/Page Thumbnail is more clear, even if you can create very large thumbnail images if you so choose.
git-svn-id: http://svn.automattic.com/wordpress/trunk@12351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-10 06:14:36 +00:00
azaozz
31bc813a6d Separate the removal of <p> wrapping from shortcodes into another function and apply it with different filter, props miqrogroove, props mdawaffe, see #11257, see #11249
git-svn-id: http://svn.automattic.com/wordpress/trunk@12302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-01 07:46:36 +00:00
ryan
6ecb855d33 Switch to wp_kses_data() for displayed filtering to avoid slashing. fixes #10949
git-svn-id: http://svn.automattic.com/wordpress/trunk@12126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-29 17:32:23 +00:00
ryan
4ec1d4bc32 Introduce wp_kses_post() and wp_kses_data() for filtering unescaped data. Fixes slashing of displayed fields. fixes #10949
git-svn-id: http://svn.automattic.com/wordpress/trunk@12125 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-29 17:15:58 +00:00
ryan
31f5798fbb Schedule trash collection from admin page loads. see #4529
git-svn-id: http://svn.automattic.com/wordpress/trunk@12120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-27 18:13:42 +00:00
markjaquith
83c2393f43 Director of Whitespace rules default-filters.php with an iron fist
git-svn-id: http://svn.automattic.com/wordpress/trunk@12041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-15 17:27:45 +00:00
markjaquith
1310ecbd1c Add wp-post-image CSS class to post images. see #10928
git-svn-id: http://svn.automattic.com/wordpress/trunk@12039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-15 14:27:04 +00:00
ryan
410fcc2e42 Embeds. Props Viper007Bond. see #10337
git-svn-id: http://svn.automattic.com/wordpress/trunk@12023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-13 17:04:22 +00:00
ryan
aa1e377ede Filter fields through kses upon display. Introduce sanitize_user_object() and sanitize_user_field(). see #10751
git-svn-id: http://svn.automattic.com/wordpress/trunk@11929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-14 13:57:48 +00:00
ryan
04d3d11213 rel=canonical for singular pages. see #10115
git-svn-id: http://svn.automattic.com/wordpress/trunk@11777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-05 16:43:51 +00:00
ryan
f7e02a7c22 Pings to the people. Return to pinging for updates to published posts. see #6698
git-svn-id: http://svn.automattic.com/wordpress/trunk@11734 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-07-21 23:09:47 +00:00
ryan
b827e3518c Use _wp_specialchars to get NOQUOTES. see #9934
git-svn-id: http://svn.automattic.com/wordpress/trunk@11488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-29 19:54:13 +00:00
ryan
01635abdb9 Don't use esc_html() for DB bound data. see #9934
git-svn-id: http://svn.automattic.com/wordpress/trunk@11460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-26 05:05:46 +00:00
ryan
05d4c954ac Throttle generic pings to no more than once per hour. Props Denis-de-Bernardy. fixes #6698
git-svn-id: http://svn.automattic.com/wordpress/trunk@11410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-20 17:03:19 +00:00
markjaquith
3ebf837ced Deprecate sanitize_url() and clean_url() in favor of esc_url_raw() and esc_url()
git-svn-id: http://svn.automattic.com/wordpress/trunk@11383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-18 16:00:33 +00:00