Previously, only `a` and `br` tags were allowed in the `value` table cell for each field included in the HTML file generated when a user is exporting their personal data. Instead of relying on a hardcoded list of allowed tags, the `wp_kses()` call in `wp_privacy_generate_personal_data_export_group_html()` will now fallback to the default list of allowed tags (which includes `i`, `strong`, `em`, and other basic HTML formatting tags).
Also, a new context of `personal_data_export` will now be passed to the `wp_kses()` call. As a result, the list of HTML tags and attributes allowed in the export file can now be filtered using the `wp_kses_allowed_html` filter and checking for the `personal_data_export` context.
Fixes#44044.
Props tz-media, desrosj, pento, birgire, garrett-eclipse.
Built from https://develop.svn.wordpress.org/trunk@44824
git-svn-id: http://core.svn.wordpress.org/trunk@44656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [34891], `WP_Screen` was updated with methods to store, retrieve, and render screen reader text used by screens with `WP_List_Table` instances. When the export/erase personal data list tables were introduced in [42967], these headings were missing.
Fixes#46041.
Props afercia, xkon, garrett-eclipse, desrosj.
Built from https://develop.svn.wordpress.org/trunk@44821
git-svn-id: http://core.svn.wordpress.org/trunk@44653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Currently, if a parent block has a custom background color assigned, its child blocks will inherit the parent's text colors — even if the child block has its own custom text color assigned to it.
This update changes the following:
- Adjusts Twenty Nineteen's custom background color defaults to target direct children only which fixes the issue
Props kjellr.
See #46432.
Built from https://develop.svn.wordpress.org/trunk@44818
git-svn-id: http://core.svn.wordpress.org/trunk@44650 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `change` event was previously required to ensure that the Customizer picked detected changes to the widget’s content and synced them to the preview. In the current state, though, the `trigger( ‘change’ )` is no longer required and is causing issues with the widget’s “Done” and “Save” buttons.
Fixes#45335.
Props audrasjb, afercia, westonruter.
Built from https://develop.svn.wordpress.org/trunk@44816
git-svn-id: http://core.svn.wordpress.org/trunk@44648 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A direct URL to where a user can update PHP for their website can now be specified in one of two ways:
- Defining the `WP_DIRECT_UPDATE_PHP_URL` environment variable.
- Returning a URL to the `wp_direct_php_update_url` filter.
When a URL is specified, an additional “Update PHP” button will be displayed at the bottom of the Core dashboard widget informing administrators that their site is running an outdated version of PHP (see [42832]).
Fixes#46074.
Props afragen, desrosj, lukecarbis.
Built from https://develop.svn.wordpress.org/trunk@44814
git-svn-id: http://core.svn.wordpress.org/trunk@44646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Restores `public`, `archived`, `mature`, `spam`, `deleted`, `lang_id`, and `WPLANG` to the `$meta` data passed to `wpmu_new_blog`. This hook was deprecated in 5.1.0, but code using it still relies on this data.
Props david.binda, pbiron.
Fixes#46351.
Built from https://develop.svn.wordpress.org/trunk@44805
git-svn-id: http://core.svn.wordpress.org/trunk@44637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`<button>` elements are natively interactive, supported by any assistive technology, and must be used instead of non-semantic, non-accessible `<div>` elements.
Also, this change aligns the Media Widgets and the Customizer site icon and site logo controls with the design pattern used in the new Block Editor for similar controls.
Props ramonopoly, welcher, afercia.
Fixes#43151.
Built from https://develop.svn.wordpress.org/trunk@44796
git-svn-id: http://core.svn.wordpress.org/trunk@44628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allows for themes or plugins setting the comment-reply JavaScript as a dependency of an HTML header script. This in turn causes `comment-reply.js` to be loaded early, requiring execution to be delayed.
Props pento, peterwilsoncc, jorbin for feedback.
Fixes#46280.
Built from https://develop.svn.wordpress.org/trunk@44794
git-svn-id: http://core.svn.wordpress.org/trunk@44626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
CSS generated content is rendered for speech output. When it's not meant to be announced by assistive technologies, for example with font icons, special care should be used to hide it. At the moment, the only reliable way to do this is making use of a wrapper element and set `aria-hidden="true"` on it.
Fixes#37513.
Built from https://develop.svn.wordpress.org/trunk@44793
git-svn-id: http://core.svn.wordpress.org/trunk@44625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `test_detects_cannot_create_index()` and `tests_detects_cannot_write_html()` test methods are prone to failure under certain configurations, as discovered by the hosts reporting back the test suite results. This removes those two methods until a better approach to testing those scenarios can be created.
Partial revert of [44786].
See #44233.
Built from https://develop.svn.wordpress.org/trunk@44792
git-svn-id: http://core.svn.wordpress.org/trunk@44624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A PHPUnit configuration file with more than one `<php>` tag causes a validation error in PHPUnit versions 7.x. There are currently 2 in the `tests/phpunit/multisite.xml` file, which appears to be accidentally introduced in [29954].
Fixes#46414.
Built from https://develop.svn.wordpress.org/trunk@44790
git-svn-id: http://core.svn.wordpress.org/trunk@44622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The filter is only run if the wordpress.org API considers the PHP version acceptable. This ensures that other plugins or hosting providers can only make this check stricter, but not loosen it.
Props j-falk, mikeschroder.
Fixes#46065.
Built from https://develop.svn.wordpress.org/trunk@44788
git-svn-id: http://core.svn.wordpress.org/trunk@44620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In 4.9.6, several new privacy related features were introduced. Admin pointers were included to make administrators aware of these features. They have served their purpose and can now go silently into the night.
Props garrett-eclipse, desrosj, xkon.
Fixes#45999.
Built from https://develop.svn.wordpress.org/trunk@44787
git-svn-id: http://core.svn.wordpress.org/trunk@44619 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Similar to `editor-color-palette`, a theme or plugin should be able to set the theme support for `editor-font-sizes` to an empty array, indicating that no additional font sizes should be available in the block’s ‘Text Settings’. The current conditional was using `empty()`, which was incorrectly causing the default font sizes to be used instead.
Props jorgefilipecosta, chrisvanpatten, SergeyBiryukov.
Fixes#46290.
Built from https://develop.svn.wordpress.org/trunk@44782
git-svn-id: http://core.svn.wordpress.org/trunk@44614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In an authoring context, the image `alt` attribute purpose is different from the one for the front end. For example, screen reader users need to know what the selected image is, even when the original `alt` value is empty.
This change introduces a new pattern for the `alt` text in an authoring context:
- uses the `alt` text if not empty
- when there's no `alt` text, informs users the image has no alternative text and provides a reference to the image filename
Also, makes the gallery media widget preview an unordered list to make screen readers announce the number of images automatically.
Fixes#43137.
Built from https://develop.svn.wordpress.org/trunk@44767
git-svn-id: http://core.svn.wordpress.org/trunk@44599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With the exception of the "Edit" link, the "row actions" controls in the Comments table behave differently depending if JavaScript support is on or off.
When JavaScript support is off, they behave like links. When JavaScript support is on, they behave like buttons and they need to be buttons or have an ARIA `role="button"` added via JavaScript.
Lastly, the buttons in the Reply/Quick Edit form and the "Add Comment" in the edit post page meta box need to be buttons.
Fixes#43412.
Built from https://develop.svn.wordpress.org/trunk@44759
git-svn-id: http://core.svn.wordpress.org/trunk@44591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The custom date/time format previews in General Settings were updated only when blurring the related input fields. With this change, they're now updated when users finish typing a custom format, properly debouncing the `input` event callback.
Props dilipbheda, Girishpanchal.
Fixes#43364.
Built from https://develop.svn.wordpress.org/trunk@44758
git-svn-id: http://core.svn.wordpress.org/trunk@44590 1a063a9b-81f0-0310-95a4-ce76da25c4cd