Commit Graph

39132 Commits

Author SHA1 Message Date
whyisjake
2fc33ef47d Backporting several bug fixes.
- Query: Remove the static query property.
- HTTP API: Protect against hex interpretation.
- Filesystem API: Prevent directory travelersals when creating new folders.
- Administration: Ensure that admin referer nonce is valid.
- REST API: Send a Vary: Origin header on GET requests.

Backports [46474], [46475], [46476], [46477], [46478], [46483], [46485] to the 5.1 branch.


Built from https://develop.svn.wordpress.org/branches/5.1@46490


git-svn-id: http://core.svn.wordpress.org/branches/5.1@46288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 18:17:55 +00:00
desrosj
a3d6e4b11a WordPress 5.1.2.
Built from https://develop.svn.wordpress.org/branches/5.1@46045


git-svn-id: http://core.svn.wordpress.org/branches/5.1@45857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 22:07:33 +00:00
whyisjake
b008a6924d Update the block library to 2.2.17 to fix an issue with invalid shortcode blocks.
Props aduth, flaviozavan, epiqueras, jorgefilipecosta

Built from https://develop.svn.wordpress.org/branches/5.1@46030


git-svn-id: http://core.svn.wordpress.org/branches/5.1@45842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 21:51:31 +00:00
Andrew Ozz
dbcb67b675 jQuery: bring jquery.js back into the WordPress SVN repo and backport the patch from 3.4.0.
Merges [45342] to the 5.1 branch.

Props MikeNGarrett, peterwilsoncc, azaozz.
Fixes #47020.
Built from https://develop.svn.wordpress.org/branches/5.1@46014


git-svn-id: http://core.svn.wordpress.org/branches/5.1@45825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 21:42:46 +00:00
desrosj
a85f164654 Fix for URL sanitization in wp_kses_bad_protocol_once().
Merges [45997] to the 5.1 branch.

Props irsdl, sstoqnov, whyisjake.
Built from https://develop.svn.wordpress.org/branches/5.1@46002


git-svn-id: http://core.svn.wordpress.org/branches/5.1@45813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 18:01:52 +00:00
Sergey Biryukov
491a682bc4 Improve handling the existing rel attribute in wp_rel_nofollow_callback().
Merges [45990] to the 5.1 branch.
Props xknown, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/5.1@45992


git-svn-id: http://core.svn.wordpress.org/branches/5.1@45803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 17:41:50 +00:00
Sergey Biryukov
c8cbf889b3 Improve URL validation in wp_validate_redirect().
Merges [45971] to the 5.1 branch.
Props vortfu, whyisjake, peterwilsoncc.
Built from https://develop.svn.wordpress.org/branches/5.1@45973


git-svn-id: http://core.svn.wordpress.org/branches/5.1@45784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:59:50 +00:00
whyisjake
11cbe97918 Remove _convert_urlencoded_to_entities() from the get_the_content() callback.
Merges [45937] to the 5.1 branch.

Props vortfu, whyisjake, peterwilsoncc

Built from https://develop.svn.wordpress.org/branches/5.1@45940


git-svn-id: http://core.svn.wordpress.org/branches/5.1@45751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:21:49 +00:00
Sergey Biryukov
131222c587 Escape the output in wp_ajax_upload_attachment().
Merges [45936] to the 5.1 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/5.1@45939


git-svn-id: http://core.svn.wordpress.org/branches/5.1@45750 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:18:53 +00:00
Gary Pendergast
94b592ac68 Admin: Revert [44984].
That was supposed to go into `trunk`, not the 5.1 branch.

See #46573.


Built from https://develop.svn.wordpress.org/branches/5.1@44985


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-23 03:37:52 +00:00
Gary Pendergast
b3b515620e Admin: Introduce the Site Health screens.
The Site Health tool serves two purposes:
- Provide site owners with information to improve the performance, reliability, and security of their site.
- Collect comprehensive debug information about the site.

By encouraging site owners to maintain their site and adhere to modern best practices, we ultimately improve the software hygeine of both the WordPress ecosystem, and the open internet as a whole.

Props Clorith, hedgefield, melchoyce, xkon, karmatosed, jordesign, earnjam, ianbelanger, wpscholar, desrosj, pedromendonca, peterbooker, jcastaneda, garyj, soean, pento, timothyblynjacobs, zodiac1978, dgroddick, garrett-eclipse, netweb, tobifjellner, pixolin, afercia, joedolson, birgire.
See #46573.

Built from https://develop.svn.wordpress.org/branches/5.1@44984


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44815 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-23 03:18:52 +00:00
Felix Arntz
4860e76289 Multisite: Do not prime site meta caches unless necessary.
Merges [44926] to the 5.1 branch.

Props spacedmonkey.
Fixes #46357. See #46167.

Built from https://develop.svn.wordpress.org/branches/5.1@44928


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-18 16:21:50 +00:00
Felix Arntz
13aa7e4f47 Multisite: Ensure site meta caches are not primed unless the wp_blogmeta table is available.
Prior to this change, querying sites early in the bootstrap process could potentially cause a fatal error, since at that stage the filter to bail on updating site meta cache if the respective database table has not been installed yet is not hooked in yet. This changeset forces the filter to be added if that is not already the case.

Merges [44925] to the 5.1 branch.

Props spacedmonkey.
Fixes #46167.

Built from https://develop.svn.wordpress.org/branches/5.1@44927


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-18 16:20:52 +00:00
Gary Pendergast
613e8c36f9 WordPress 5.1.1
Built from https://develop.svn.wordpress.org/branches/5.1@44860


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-13 00:17:50 +00:00
Sergey Biryukov
17b2ce43f3 PHPCS: Fix errors introduced in [44833].
Merges [44858] to the 5.1 branch.
Built from https://develop.svn.wordpress.org/branches/5.1@44859


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 22:57:49 +00:00
Sergey Biryukov
630bd65305 Comments: Improve comment content filtering.
Merges [44842] to the 5.1 branch.
Built from https://develop.svn.wordpress.org/branches/5.1@44843


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 22:32:51 +00:00
Sergey Biryukov
b9e24e33a8 Formatting: Improve rel="nofollow" handling in comments.
Merges [44833] to the 5.1 branch.
Built from https://develop.svn.wordpress.org/branches/5.1@44834


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 22:16:49 +00:00
Aaron Jorbin
08cb9e2f0c General: Add missing @since annotation for wp_get_direct_php_update_url().
Backports [44829] to 5.1 branch. Dev-reviewed by desrosj and SergeyBiryukov.

Missed in [44815].

Props birgire.
See #46074.


Built from https://develop.svn.wordpress.org/branches/5.1@44831


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 17:13:51 +00:00
Gary Pendergast
2f8da812cf WordPress 5.1.1 RC1 post release version bump.
Built from https://develop.svn.wordpress.org/branches/5.1@44820


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44652 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-08 00:30:52 +00:00
Gary Pendergast
5ab0d3b07f WordPress 5.1.1 RC1.
Built from https://develop.svn.wordpress.org/branches/5.1@44819


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44651 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-08 00:13:49 +00:00
desrosj
9dc2500b34 Widgets: Remove change event when editing a Custom HTML widget.
The `change` event was previously required to ensure that the Customizer picked detected changes to the widget's content and synced them to the preview. In the current state, though, the `trigger( 'change' )` is no longer required and is causing issues with the widget's “Done” and “Save” buttons.

Merges [44816] to the 5.1 branch.

Fixes #46335.
Props audrasjb, afercia, westonruter.
Built from https://develop.svn.wordpress.org/branches/5.1@44817


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44649 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-07 22:35:51 +00:00
desrosj
3705196721 General: Add a way to specify a direct link for a user to update PHP.
A direct URL to where a user can update PHP for their website can now be specified in one of two ways:

- Defining the `WP_DIRECT_UPDATE_PHP_URL` environment variable.
- Returning a URL to the `wp_direct_php_update_url` filter.

When a URL is specified, an additional “Update PHP” button will be displayed at the bottom of the Core dashboard widget informing administrators that their site is running an outdated version of PHP (see [42832]).

Merges [44814] to the 5.1 branch.

Fixes #46074.
Props afragen, desrosj, lukecarbis.
Built from https://develop.svn.wordpress.org/branches/5.1@44815


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44647 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-07 21:37:50 +00:00
Jeremy Felt
d940e36d63 Multisite: Ensure wpmu_new_blog hook receives expected data in $meta.
Restores `public`, `archived`, `mature`, `spam`, `deleted`, `lang_id`, and `WPLANG` to the `$meta` data passed to `wpmu_new_blog`. This hook was deprecated in 5.1.0, but code using it still relies on this data.

Props davidbinda, pbiron.
Merges [44805] and [44806] to the 5.1 branch.
Fixes #46351.

Built from https://develop.svn.wordpress.org/branches/5.1@44807


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-07 04:37:50 +00:00
Sergey Biryukov
ab837e7567 Menus: After [42857], apply background to the correct elements on Menus screen.
Props audrasjb, afercia, mukesh27, garrett-eclipse.
Merges [44801] to the 5.1 branch.
Fixes #46368.
Built from https://develop.svn.wordpress.org/branches/5.1@44802


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-05 21:03:49 +00:00
Sergey Biryukov
6d331e9743 Networks and Sites: Check the result of get_site() in wp_insert_site().
Props davidbinda, vanyukov, lukecarbis.
Merges [44799] to the 5.1 branch.
Fixes #46300.
Built from https://develop.svn.wordpress.org/branches/5.1@44800


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-05 20:37:50 +00:00
Sergey Biryukov
771ec430c0 I18N: Remove trailing spaces from translatable strings introduced in [43436].
Props dimadin.
Merges [44797] to the 5.1 branch.
Fixes #46277.
Built from https://develop.svn.wordpress.org/branches/5.1@44798


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-05 20:30:49 +00:00
Peter Wilson
8abdcca8e5 Comments: Allow for comment-reply.js to be loaded in the HTML header.
Allows for themes or plugins setting the comment-reply JavaScript as a dependency of an HTML header script. This in turn causes `comment-reply.js` to be loaded early, requiring execution to be delayed.

Props pento, peterwilsoncc, jorbin for feedback.
Merges [44794] to the 5.1 branch.
Fixes #46280.


Built from https://develop.svn.wordpress.org/branches/5.1@44795


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44627 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-05 02:14:50 +00:00
Felix Arntz
f0c5c319e4 General: Introduce wp_is_php_version_acceptable filter to make the check for triggering PHP version warnings stricter.
The filter is only run if the wordpress.org API considers the PHP version acceptable. This ensures that other plugins or hosting providers can only make this check stricter, but not loosen it.

Merges [44788] to the 5.1 branch.

Props j-falk, mikeschroder.
Fixes #46065.

Built from https://develop.svn.wordpress.org/branches/5.1@44789


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-04 21:23:51 +00:00
desrosj
50cc2a57f6 Build: Minify images
After `grunt-contrib-imagemin` was upgraded in WordPress 5.0, the `grunt precommit:image` task results in further minifications to `loading.gif`.

Merges [44768] to the 5.1 branch.

Fixes #46295.
Built from https://develop.svn.wordpress.org/branches/5.1@44783


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-28 21:56:52 +00:00
desrosj
4c1dd0abf2 Help/About: Fix mismatched opening/closing tags.
The 5.1 About page contains some invalid HTML markup.

Props bulletdigital.

Merges [44769] to the 5.1 branch.

Fixes #46319.
Built from https://develop.svn.wordpress.org/branches/5.1@44770


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-26 16:24:50 +00:00
Gary Pendergast
86e41d3a35 Bump version to 5.1.1-alpha.
Built from https://develop.svn.wordpress.org/branches/5.1@44766


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-21 22:55:49 +00:00
Gary Pendergast
de43cc1f5c WordPress 5.1! 🕺🏻
Built from https://develop.svn.wordpress.org/branches/5.1@44764


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-21 22:07:50 +00:00
Aaron Jorbin
50a19bb6e7 Script Loader: Load fakejshint as jshint due to "good and evil".
Backports [44762] from trunk to 5.1. Devreviewed by Pento.

Originally fixed in [42547]. Broken in [44163]. We've been here before. I recognize that tree.

Fixes #46299


Built from https://develop.svn.wordpress.org/branches/5.1@44763


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-21 21:22:50 +00:00
Gary Pendergast
4bf5cd3f9e Upgrades: Update $_old_files for WordPress 5.1.
`wp-includes/random_compat/random_bytes_openssl.php` was removed in [43130], this commit updates `$_old_files` to match.

Merges [44760] to the 5.1 branch.

Fixes #46284.


Built from https://develop.svn.wordpress.org/branches/5.1@44761


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-21 04:37:50 +00:00
Gary Pendergast
5b571e33f1 Post WordPress 5.1 RC2 version bump.
Built from https://develop.svn.wordpress.org/branches/5.1@44754


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44586 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-19 02:58:49 +00:00
Gary Pendergast
75bce5a0d9 WordPress 5.1 RC2.
Built from https://develop.svn.wordpress.org/branches/5.1@44753


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-19 02:44:49 +00:00
Gary Pendergast
44b77d4b25 Admin: Update the About page design to match mockups.
This commit also moves the images to s.w.org, removes the old "Gutenberg has been deactivated" warning, as well as removing some old JS from About pages of years gone past.

Merges [44749] to the 5.1 branch.

Props melchoyce, ryelle, paaljoachim, karmatosed, pento.
Fixes #46161.



Built from https://develop.svn.wordpress.org/branches/5.1@44752


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-19 02:02:49 +00:00
Gary Pendergast
1666ea22b7 Comments: Fix backward compatibility regressions in comment reply JavaScript.
Adds a `MutationObserver` to `comment-reply.js` to allow for lazy-loaded comments to continue working without the need to re-initialize the comment form.

Merges [44748] to the 5.1 branch.

Fixes #46260.

Built from https://develop.svn.wordpress.org/branches/5.1@44751


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44583 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-19 02:01:50 +00:00
Gary Pendergast
19eb54f159 Accessibility: Fix a regression in the old media modal pagination links.
[43019] improved the table pagination link styling, but introduced a regression in the old media dialog.

Merges [44747] to the 5.1 branch.

Props afercia, joneiseman.
Fixes #41858.

Built from https://develop.svn.wordpress.org/branches/5.1@44750


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-19 01:59:51 +00:00
Peter Wilson
245faf170d Build: Fix formatting issues introduced in [44740].
Merges [44744] to the 5.1 branch.
See #46218.


Built from https://develop.svn.wordpress.org/branches/5.1@44745


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-14 00:48:49 +00:00
Peter Wilson
cecc563e3b Twenty Nineteen: Revert [44739] from the 5.1 branch.
Reverts block quote style changes intended for a later release.

See #46239.


Built from https://develop.svn.wordpress.org/branches/5.1@44743


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-14 00:27:13 +00:00
Peter Wilson
d79c639494 Branch 5.1.
Built from https://develop.svn.wordpress.org/branches/5.1@44741


git-svn-id: http://core.svn.wordpress.org/branches/5.1@44573 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-14 00:10:15 +00:00
Peter Wilson
a51ca641ec Build: Remove source map from jquery.form.min.js.
Minimize jquery.form.js as part of build process to remove the source map reference. 

Modify source map tests to include all JavaScript files rather than testing Backbone and jQuery only.

Props pento.
Fixes #46218.


Built from https://develop.svn.wordpress.org/trunk@44740


git-svn-id: http://core.svn.wordpress.org/trunk@44572 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-14 00:07:49 +00:00
laurelfulford
fd8a3db97b Twenty Nineteen: Update the quote block styles.
Update the theme's quote block border styles, so they will work better with the updated styles for the quote block, coming in Gutenberg 5.2.

Props @kjellr.
Fixes #46239.


Built from https://develop.svn.wordpress.org/trunk@44739


git-svn-id: http://core.svn.wordpress.org/trunk@44571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-13 18:40:49 +00:00
Dominik Schilling
dc8e9c6de0 Upgrade/Install: Update character count for the $table_prefix config line after [43650] and [42343].
Fixes #46220.
Built from https://develop.svn.wordpress.org/trunk@44738


git-svn-id: http://core.svn.wordpress.org/trunk@44570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-12 16:52:53 +00:00
Gary Pendergast
0fa4a52255 Post WordPress 5.1 RC1 version bump.
Built from https://develop.svn.wordpress.org/trunk@44737


git-svn-id: http://core.svn.wordpress.org/trunk@44569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-08 02:23:49 +00:00
Gary Pendergast
3d4a251a0e WordPress 5.1 RC1.
Built from https://develop.svn.wordpress.org/trunk@44736


git-svn-id: http://core.svn.wordpress.org/trunk@44568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-08 02:14:48 +00:00
Peter Wilson
729c8e875f Admin: Improve logic of PHP version check on about page.
Props noisysocks, peterwilsoncc.
See #46161.


Built from https://develop.svn.wordpress.org/trunk@44735


git-svn-id: http://core.svn.wordpress.org/trunk@44567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-08 01:53:51 +00:00
Gary Pendergast
e24bf1c278 Admin: Fix code formatting issues in the About page.
See #46161.


Built from https://develop.svn.wordpress.org/trunk@44734


git-svn-id: http://core.svn.wordpress.org/trunk@44566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-08 01:28:50 +00:00
Gary Pendergast
7370de8023 Admin: Initial version of the WordPress 5.1 About page.
This includes the final strings, the design will continue to iterate.

Props mcsf, noisysocks, melchoyce, azaozz, afragen, JeffPaul, peterwilsoncc, andreamiddleton.
See #46161.


Built from https://develop.svn.wordpress.org/trunk@44733


git-svn-id: http://core.svn.wordpress.org/trunk@44565 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-08 01:25:51 +00:00