Commit Graph

22844 Commits

Author SHA1 Message Date
Andrew Nacin
21a1fe8d4b Use wp_safe_remote_request() and friends instead of reject_unsafe_urls = true.
fixes #24646.



git-svn-id: http://core.svn.wordpress.org/trunk@24917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 06:52:13 +00:00
Andrew Nacin
1ec392175c Additional checks when evaluating the safety of an HTTP request, to avoid false negatives.
* Check if the host is considered a safe redirect host.
 * Check if the host is another domain in a multisite installation.
 * Add a filter to control this.

This only occurs when the DNS resolution of a domain points elsewhere in an internal network, but only internally (and has its own public IP outside the network). This could be considered a bad configuration.

fixes #24646.



git-svn-id: http://core.svn.wordpress.org/trunk@24915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 06:44:57 +00:00
Andrew Nacin
4833e3096b Copy about.php string to freedoms and credits. Update CSS for 3.6 credits. see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 06:04:41 +00:00
Bot (Assets)
3f860c8ec4 Compress scripts/styles: 3.7-alpha-24912.
git-svn-id: http://core.svn.wordpress.org/trunk@24912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 04:58:59 +00:00
Andrew Nacin
a0c25d31c9 New build of MediaElement.js SWF. see #24183.
git-svn-id: http://core.svn.wordpress.org/trunk@24910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 04:38:34 +00:00
Andrew Nacin
4df303ff76 Heartbeat: Reduce the heartbeat from 120 sec to 100 sec when the window doesn't have the focus, to be shorter than the post lock expiration window.
props azaozz.
fixes #24894.



git-svn-id: http://core.svn.wordpress.org/trunk@24908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 03:23:22 +00:00
Mark Jaquith
4e75adda05 Set post locked info height to auto so it doesn't overlap action links.
Fixes #24553 for trunk. Props azaozz.

git-svn-id: http://core.svn.wordpress.org/trunk@24906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 03:10:00 +00:00
Bot (Translations)
7b44ff4dd3 POT, generated from r24904
git-svn-id: http://core.svn.wordpress.org/trunk@24905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 23:14:01 +00:00
Lance Willett
3f94f093fa Twenty Thirteen: combine two similar Nothing Found strings. Fixes #24891.
git-svn-id: http://core.svn.wordpress.org/trunk@24904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 22:24:53 +00:00
Michael Adams
c30925d20e Improved XML handling for oEmbed.
git-svn-id: http://core.svn.wordpress.org/trunk@24902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 21:57:27 +00:00
Andrew Nacin
b1bd0841a4 About page: Fix jQuery version # and decouple this from the string, as we had done in WP 3.3. see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 20:26:32 +00:00
Andrew Nacin
d02a8008e0 Final final about string fixes. see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 19:40:35 +00:00
Andrew Nacin
3fc038fd6f Add missing documentation from [24894]. see #24646.
git-svn-id: http://core.svn.wordpress.org/trunk@24895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 18:39:57 +00:00
Andrew Nacin
8c7adaa7bd Introduce wp_safe_remote_request(). Also wp_safe_remote_head(), wp_safe_remote_get(), wp_safe_remote_post().
Reverts [24482].

see #24646.



git-svn-id: http://core.svn.wordpress.org/trunk@24894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 15:37:01 +00:00
Andrew Nacin
64f7fda822 Make remaining about strings translatable. Final tweaks to strings and ordering of "Under the Hood". see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 15:31:18 +00:00
Dion Hulse
94b2ed9164 WP_HTTP: PHPDoc updates for WP_Http::handle_redirects(). Props DrewAPicture. Fixes #16889
git-svn-id: http://core.svn.wordpress.org/trunk@24890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 06:47:03 +00:00
Mark Jaquith
c1b6c70ea6 Improve the 3.6 about page "Under the Hood" copy.
Props markjaquith, aaroncampbell. See #24832 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 06:34:24 +00:00
Andrew Nacin
ae1fe1a0d6 Add missing gettext. This is not a new string; it already exists a few lines up. props alex-ye, fixes #24880.
git-svn-id: http://core.svn.wordpress.org/trunk@24885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:48:41 +00:00
Andrew Nacin
3441fa2faf Rename post_lock_text hook to post_locked_dialog, and lock_taken_over_dialog to post_lock_lost_dialog. fixes #24830 for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@24884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:40:13 +00:00
Aaron Campbell
f055ac27d1 Make the show_post_locked_dialog filter hide both the post locked and post taken over dialogs
props azaozz, DH-Shredder. Fixes #24830 for trunk.


git-svn-id: http://core.svn.wordpress.org/trunk@24883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:25:26 +00:00
Andrew Nacin
ee1e8501d1 New build of SWFUpload that ignores URL query strings.
git-svn-id: http://core.svn.wordpress.org/trunk@24880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:15:00 +00:00
Mark Jaquith
f1b2c07df3 Delete old autosave if new autosave has same content as the post.
Props nacin. Fixes #7392 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 19:06:08 +00:00
Bot (Assets)
2572ccaf00 Compress scripts/styles: 3.7-alpha-24877.
git-svn-id: http://core.svn.wordpress.org/trunk@24877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:58:59 +00:00
Jon Cave
5c57c78afa Fix potential SQLi through improper use of API functions.
git-svn-id: http://core.svn.wordpress.org/trunk@24875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:16:47 +00:00
Andrew Nacin
f39e2c28ce Reset $wpdb->insert_id on a failed INSERT or REPLACE. See [24459] [24494].
git-svn-id: http://core.svn.wordpress.org/trunk@24872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:14:05 +00:00
Andrew Nacin
7f12e16e47 Limit pingback response size. fixes #4137. for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@24871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:00:06 +00:00
Andrew Nacin
93ca609f53 Unique load array in load-scripts and load-styles.
git-svn-id: http://core.svn.wordpress.org/trunk@24868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 17:57:04 +00:00
Andrew Nacin
e0c4fc0032 Fix pass by reference issue. see #24873.
git-svn-id: http://core.svn.wordpress.org/trunk@24866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 17:53:24 +00:00
Mark Jaquith
b53325cad3 Revisions: Fix PHP loading of comparison to first revision, and premature rendering of tooltip.
Props aaroncampbell, markjaquith. Fixes #24873 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 17:26:03 +00:00
Andrew Nacin
a1c4a3fb76 Update MediaElement.js SWF file from upstream. Fixes issues with controls. fixes #24183.
git-svn-id: http://core.svn.wordpress.org/trunk@24861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 09:16:02 +00:00
Andrew Nacin
c8450ceff1 Change 'Change two revisions' to 'Compare any two revisions' for clarity. props siobhan. see #24804.
git-svn-id: http://core.svn.wordpress.org/trunk@24859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 06:56:49 +00:00
Andrew Nacin
70109f6202 Update HTML classes in the audio and video shortcodes. props rfair404. fixes #24820.
git-svn-id: http://core.svn.wordpress.org/trunk@24857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 06:51:46 +00:00
Andrew Nacin
e91002f4fb Remove unnecessary cap checks from [24854]. You need these capabilities (or equivalent) to access the screens for these feature pointers. see #24832.
git-svn-id: http://core.svn.wordpress.org/trunk@24855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 06:43:30 +00:00
Mark Jaquith
8abd5bb815 Tooltips for 3.6 features: Revisions, Post Locking.
Props siobhan. See #24832 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 06:17:01 +00:00
Bot (Assets)
8637a08836 Compress scripts/styles: 3.7-alpha-24851.
git-svn-id: http://core.svn.wordpress.org/trunk@24851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 04:58:59 +00:00
Andrew Nacin
34ce599935 Don't override an existing WP_Error object in wp_authenticate_username_password().
props willnorris.
fixes #19714.



git-svn-id: http://core.svn.wordpress.org/trunk@24850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 03:43:22 +00:00
Andrew Nacin
23bc457498 Avoid racing TinyMCE, which avoids the creation of unnecessary autosaves. props azaozz. see #7392.
git-svn-id: http://core.svn.wordpress.org/trunk@24849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 03:37:14 +00:00
Andrew Nacin
5c20d1eca1 Remove "special" multisite spam check in the authentication API.
The spamming of a site no longer directly affects a user of said site.

Moves the spam check to the wp_authenticate filter. Networks in need
of enhanced spam-fighting should leverage this same technique.

Allow is_user_spammy() to accept a WP_User object.

props willnorris, brianhogg.
fixes #24771. see #19714.



git-svn-id: http://core.svn.wordpress.org/trunk@24848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 03:23:51 +00:00
Bot (Assets)
cc4cedcf59 Compress scripts/styles: 3.7-alpha-24847.
git-svn-id: http://core.svn.wordpress.org/trunk@24847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 02:58:58 +00:00
Dion Hulse
ac424c08ca WP_HTTP: When multiple location headers are specified, use the last specified location url as the redirect location. Fixes #16890
git-svn-id: http://core.svn.wordpress.org/trunk@24846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 02:11:46 +00:00
Dion Hulse
d6656cc1f1 WP_HTTP: Fsockopen: Respect a specified Host header in the Fsockopen WP_HTTP transport. Fixes #24182
git-svn-id: http://core.svn.wordpress.org/trunk@24845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:47:01 +00:00
Andrew Nacin
edc0882d2f If wp-login.php is accessed over HTTPS, get_home_url() should not return HTTPS. This is the same assumption we use in the admin.
props willnorris.
fixes #16822.



git-svn-id: http://core.svn.wordpress.org/trunk@24844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:21:27 +00:00
Dion Hulse
c61a2dac03 WP_HTTP: Abstract out the Redirection handling code into it's own method and fix a bunch of redirection edgecases at the same time.
Fixes #17588
Fixes 16889
Props wonderboymusic and kovshenin for initial patches


git-svn-id: http://core.svn.wordpress.org/trunk@24843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:19:54 +00:00
Helen Hou-Sandí
d8f819fdda Set the default internal search value for the link dialog to be the text that is highlighted in the editor. props greuben. fixes #16276.
git-svn-id: http://core.svn.wordpress.org/trunk@24841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:01:33 +00:00
Mark Jaquith
1f312bc6ef Fix wrong use of esc_html_e().
Props ocean90. Fixes #24854 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 01:00:59 +00:00
Bot (Assets)
1469cb17dd Compress scripts/styles: 3.7-alpha-24839.
git-svn-id: http://core.svn.wordpress.org/trunk@24839 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 00:58:57 +00:00
Mark Jaquith
0a2ca92b33 Fix a variable typo in get_post_gallery_images().
props rodrigosprimo. Fixes #24202 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 00:52:31 +00:00
Mark Jaquith
ab09a13efa Rename the new 'left'/'right' flags on the _wp_post_revision_field_$field filter to 'from'/'to'.
Fixes #24848 for trunk.

git-svn-id: http://core.svn.wordpress.org/trunk@24835 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 23:28:21 +00:00
Helen Hou-Sandí
8d40c02ac4 More betterer theme screenshot scaling when the admin menu is folded. props andrewspittle. fixes #22794.
git-svn-id: http://core.svn.wordpress.org/trunk@24834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 23:24:17 +00:00
Andrew Nacin
ac1f98d4ce Add description argument to register_taxonomy().
props aaronholbrook.
fixes #24808.



git-svn-id: http://core.svn.wordpress.org/trunk@24833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 23:01:56 +00:00