Commit Graph

82 Commits

Author SHA1 Message Date
Pascal Birchler
81a8f1cffe Embeds: Maintain switched state when embedding a post on Multisite.
Props bor0.
Fixes #40673.

Built from https://develop.svn.wordpress.org/trunk@41606


git-svn-id: http://core.svn.wordpress.org/trunk@41441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 08:36:48 +00:00
Pascal Birchler
742fc18cca Embeds: Improve performance when embedding a post on Multisite.
After [37798], this fixes embeds coming from a different site in the network.

Props imath.
Fixes #40673. See #36767. 

Built from https://develop.svn.wordpress.org/trunk@41600


git-svn-id: http://core.svn.wordpress.org/trunk@41435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 08:40:47 +00:00
Aaron Campbell
1115a36cda oEmbed: Add extra hardening around allowed HTML for improved sandboxing.
Built from https://develop.svn.wordpress.org/trunk@41448


git-svn-id: http://core.svn.wordpress.org/trunk@41281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 13:43:05 +00:00
Aaron Jorbin
50cb2c5e28 Update autoprefixer browser support matrix
WordPress no longer supports many old old browsers: https://make.wordpress.org/core/2017/04/23/target-browser-coverage/

This also removes alot of no longer necessary CSS. It served us well, but we are never getting back together with IE8,9,10.

So, in the (paraphrased) words of Taylor Swift:

I remember when we dropped support  the first time
Saying, "This is it, I've had enough, " 'cause like
We hadn't seen many users in a month
When you said you needed flexbox. (What?)
Then you postMessage again and say
"IE8, I miss you and I swear I'm gonna change, trust me."
Remember how that lasted for a day?
I say, "I hate the box model, " we break up, you call me, "I love css-grids."
Ooh, we called it off again last night
But ooh, this time I'm telling you, I'm telling you

We are never ever ever supporting IE 8,9,10,
We are never ever ever supporting IE 8,9,10,
You go talk to EDGE, talk to my FIREFOX, talk to CHROME
But we are never ever ever ever getting back together
Like, ever...

Fixes #37651.
Props stunnedbeast, netweb, jorbin.



Built from https://develop.svn.wordpress.org/trunk@41062


git-svn-id: http://core.svn.wordpress.org/trunk@40912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-16 01:15:46 +00:00
Drew Jaynes
30719312fb Docs: Add a clarification to the description about what the $output parameter in the embed_html filter doc represents.
Props musus.
Fixes #37752.

Built from https://develop.svn.wordpress.org/trunk@40945


git-svn-id: http://core.svn.wordpress.org/trunk@40795 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-25 21:46:39 +00:00
Dominik Schilling
419c8d97ce Embeds: URL encode YouTube video IDs for broader compatibility.
Built from https://develop.svn.wordpress.org/trunk@40160


git-svn-id: http://core.svn.wordpress.org/trunk@40099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 11:42:40 +00:00
Pascal Birchler
98e8bf7ba2 Embeds: Correctly remove security attribute from iframes in IE 10 and IE 11.
This was originally added in 4.4, but presumably broke with [35708], which prevented these browsers from actually reaching the relevant code section.
Let's make embeds work again in IE 10 and IE 11.

Fixes #38694.
Built from https://develop.svn.wordpress.org/trunk@39347


git-svn-id: http://core.svn.wordpress.org/trunk@39287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-23 13:38:33 +00:00
Aaron Jorbin
32be6f7bb7 Bump grunt-contrib-uglify from 1.0.1 to 2.0.0
Sets `screwIE8` to false as it is now enabled by default

Files Changed:
build/wp-admin/js/customize-nav-menus.min.js
build/wp-admin/js/customize-widgets.min.js
build/wp-includes/js/customize-loader.min.js

Changelog:
2016-07-19   v2.0.0   Update uglify-js to v2.7.0. screwIE8 is enabled by default.
2016-07-19   v1.0.2   Update grunt to ^1.0.0. Fix beautify when passed as an object. Fix docs about report values.

See #38199.


Built from https://develop.svn.wordpress.org/trunk@39117


git-svn-id: http://core.svn.wordpress.org/trunk@39059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 05:40:34 +00:00
Scott Taylor
ff59281441 OEmbed: move _wp_oembed_get_object() to embed.php, where all of the other embed functions live. WP_oEmbed is then in a file by itself. Load class-oembed.php in wp-settings.php and remove extraneous include calls.
See #37827.

Built from https://develop.svn.wordpress.org/trunk@38361


git-svn-id: http://core.svn.wordpress.org/trunk@38302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 09:49:28 +00:00
Sergey Biryukov
c86199ddb2 Embeds: In get_oembed_endpoint_url(), avoid inadvertent stomping of the $format parameter passed to oembed_endpoint_url filter.
Props danhgilmore.
Fixes #37751.
Built from https://develop.svn.wordpress.org/trunk@38321


git-svn-id: http://core.svn.wordpress.org/trunk@38262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-23 00:05:30 +00:00
Dominik Schilling
51579c49a8 Embeds: After [37745], check if a featured image exists before attaching an event listener.
Props swissspidy.
Fixes #35657.
Built from https://develop.svn.wordpress.org/trunk@37977


git-svn-id: http://core.svn.wordpress.org/trunk@37918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-05 16:16:57 +00:00
Pascal Birchler
e176835791 Embeds: Improve height calculation for slow loading images.
When the featured image takes longer to load, the browser might not know its exact dimensions yet and therefore sends an incorrect document height to the embedding site.

By sending the document's height again after the featured image has been loaded, we ensure that the iframe doesn't get cut off.

Fixes #35657.
Built from https://develop.svn.wordpress.org/trunk@37745


git-svn-id: http://core.svn.wordpress.org/trunk@37710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-18 10:00:29 +00:00
Pascal Birchler
ae56f468e3 Embeds: Remove support for Google Video.
While the service has been retired for years, it now has completely stopped working. Thus there is no reason to keep it.

Props Viper007Bond.
Fixes #36304.
Built from https://develop.svn.wordpress.org/trunk@37744


git-svn-id: http://core.svn.wordpress.org/trunk@37709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-18 09:47:29 +00:00
Helen Hou-Sandí
8776694a33 Use numeric font weights instead of keywords.
When Open Sans was in use, the `300`, `400`, and `600` weights were loaded. `400` is the equivalent of `normal`; however, `bold` is equivalent to `700`, not `600`. With the move to system fonts, we need to be specific rather than relying on the lack of a `700` weight. Not all system fonts include a `600` weight; in those instances, they will use the `bold`/`700` weight.

The WordPress CSS Coding Standards have been updated accordingly.

props coderste.
see #36753.

Built from https://develop.svn.wordpress.org/trunk@37740


git-svn-id: http://core.svn.wordpress.org/trunk@37705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-17 18:37:28 +00:00
Pascal Birchler
bf3fdc35b3 Embeds: Enforce a valid post ID when embedding a post from the current site.
Otherwise `wp_filter_pre_oembed_result()` could erroneously return the HTML of the current post instead of the intended result.

Props kraftbj.
See #36767.
Built from https://develop.svn.wordpress.org/trunk@37729


git-svn-id: http://core.svn.wordpress.org/trunk@37695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-16 17:18:28 +00:00
Pascal Birchler
629b43769b Embeds: Improve performance when embedding a post from the current site.
When the post being embedded is from the same site, there's no reason to do an HTTP request for it. The data can be fetched directly using `get_oembed_response_data()`.

Fixes #36767 for trunk.
Built from https://develop.svn.wordpress.org/trunk@37708


git-svn-id: http://core.svn.wordpress.org/trunk@37674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-15 11:23:28 +00:00
Gary Pendergast
733ccfe08a Embeds: Ensure embed widths are integers.
This prevents a warning in PHP trunk when a non-integer width is passed.

See #36435.


Built from https://develop.svn.wordpress.org/trunk@37549


git-svn-id: http://core.svn.wordpress.org/trunk@37517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-24 06:15:28 +00:00
Drew Jaynes
d28f1a08ef Docs: Apply inline @see tags to hooks referenced in DocBlocks in a variety of wp-includes/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

See #36921.

Built from https://develop.svn.wordpress.org/trunk@37543


git-svn-id: http://core.svn.wordpress.org/trunk@37511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 19:01:27 +00:00
Drew Jaynes
abbd18dbb7 Docs: Standardize filter docs in wp-includes/embed.php to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37513


git-svn-id: http://core.svn.wordpress.org/trunk@37481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:42:27 +00:00
Helen Hou-Sandí
848501711a System font: The stack does not work with the font shorthand property.
see #36753.

Built from https://develop.svn.wordpress.org/trunk@37442


git-svn-id: http://core.svn.wordpress.org/trunk@37410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-17 01:45:27 +00:00
Helen Hou-Sandí
a800cf654b Drop Open Sans in the admin in favor of system fonts.
Rejoice, for your admins will feel more native to your surrounding computing environment and likely load faster, especially when offline, as they no longer have to talk to The Google Overlord.

At the time of introduction in 3.8, there were not good system fonts common to all platforms at the time. In the years since, Windows, Android, OS X, iOS, Firefox OS, and various flavors of Linux have all gotten their own (good) system UI fonts.

There will definitely be visual bugs, mainly around alignment and spacing; these should be documented and reported on the ticket and fixed more atomically so that our current and future selves have a better understanding of what happened and why.

The style remains registered, as it is almost certainly in use by themes and plugins.

props mattmiklic.
see #36753.

Built from https://develop.svn.wordpress.org/trunk@37361


git-svn-id: http://core.svn.wordpress.org/trunk@37327 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-04 22:07:37 +00:00
Aaron Jorbin
1972aa2a2a Add grunt prerelease task
An unintended consequence of improving the precommit task is that when it's time to run a release, more tasks need to get run to verify things. This adds a prerelease task to help fix that situation. grunt prerelease should include tasks that verify the code base is ready to be released to the wild and find all the tears on the mausoleum floor and help Blood stain the Colosseum doors.

See #35557

Built from https://develop.svn.wordpress.org/trunk@36930


git-svn-id: http://core.svn.wordpress.org/trunk@36898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-10 05:37:27 +00:00
Pascal Birchler
5d6513f0bc Embeds: Adjust the iframe title attribute for improved accessibility.
Changes the title attribute from `Embedded WordPress Post` to `"Post name" — site title`.

Props ramiy.
Fixes #35804.
Built from https://develop.svn.wordpress.org/trunk@36873


git-svn-id: http://core.svn.wordpress.org/trunk@36840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-07 10:00:29 +00:00
Pascal Birchler
0425e01d21 Embeds: Use a more accessible way to initially hide the iframe.
This fixes a bug in Firefox where assets inside the iframe aren't being displayed because they have no computed style.

See #35894.
Built from https://develop.svn.wordpress.org/trunk@36708


git-svn-id: http://core.svn.wordpress.org/trunk@36675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-25 10:23:27 +00:00
Drew Jaynes
0fc00feec3 Embeds: Introduce embed templates into the template hierarchy via theme-compat.
Splits wp-includes/embed-template.php, introduced in 4.4, into five new templates that can be individually overridden by themes:

* embed.php
* embed-404.php
* embed-content.php
* header-embed.php
* footer-embed.php

Also introduces a new template tag for outputting the site title, `the_embed_site_title()`.

The five new templates live in theme-compat, allowing for graceful fallbacks should themes prefer not to override any or all of them.

Props swissspidy, imath, ocean90, DrewAPicture.
See #34561.

Built from https://develop.svn.wordpress.org/trunk@36693


git-svn-id: http://core.svn.wordpress.org/trunk@36660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 20:57:26 +00:00
Pascal Birchler
383c422527 Embeds: Only display an iframe when it was successfully loaded.
This prevents showing a blank iframe by first checking if a message was successfully received from it.

Fixes #35894.
Built from https://develop.svn.wordpress.org/trunk@36648


git-svn-id: http://core.svn.wordpress.org/trunk@36615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 20:23:25 +00:00
Pascal Birchler
0c242d0666 Embeds: Make the click event handler work for dynamically added links.
Props JamesDiGioia.
Fixes #35630.
Built from https://develop.svn.wordpress.org/trunk@36637


git-svn-id: http://core.svn.wordpress.org/trunk@36604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 17:16:26 +00:00
Pascal Birchler
b0b13aff2f Embeds: Allow embedding static front pages and pages having a child page with an embed slug.
This makes `embed` a special slug that can't be used for new pages/posts. When `https://example.com/foo/embed/` is an existing page, embeds fall back to `https://example.com/foo/?embed=true`.
Adds unit tests.

Fixes #34971.
Built from https://develop.svn.wordpress.org/trunk@36307


git-svn-id: http://core.svn.wordpress.org/trunk@36274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 07:56:26 +00:00
Gary Pendergast
324cbf5d7e Embeds: Don't show embed discovery link on a static front page.
There's currently no iframe content being generated for a static front page. Giving out a link to that isn't an ideal user experience.

Props peterwilsoncc.

Fixes #35194 for trunk.


Built from https://develop.svn.wordpress.org/trunk@36059


git-svn-id: http://core.svn.wordpress.org/trunk@36024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-22 10:50:31 +00:00
Scott Taylor
8cf8e2c66d WP oEmbed: validate the secret send via postMessage in wp.receiveEmbedMessage. Also, compare window instances.
In the data sent to us from the embedded iframe by postMessage(), the secret value is being used directly in a document.querySelectorAll() call without first being validated or escaped.

In theory, this could lead to some broken embeds.

Props mdawaffe.
Fixes #34831.

Built from https://develop.svn.wordpress.org/trunk@35761


git-svn-id: http://core.svn.wordpress.org/trunk@35725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-03 20:17:25 +00:00
Dominik Schilling
22fe87c3b3 Build: Update source for includes:embed after [35718].
See #33413.
Built from https://develop.svn.wordpress.org/trunk@35720


git-svn-id: http://core.svn.wordpress.org/trunk@35684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 15:37:26 +00:00
Andrew Nacin
1579e45d41 Simplify the include graph after work to split out classes.
see #33413. More details there.

Built from https://develop.svn.wordpress.org/trunk@35718


git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00