Commit Graph

6703 Commits

Author SHA1 Message Date
Sergey Biryukov
3bd2b3ad62 Privacy: Reposition admin pointer to avoid covering collapsed menu.
Previously the pointer overlapped the menu in order to draw attention to the fact that it applies to both the `Tools` and `Settings` menus. That caused a conflict if the menu was collapsed, though, because the icons were covered by the pointer and therefore inaccessible.

Additionally, minor tweaks were made to the text order and formatting. The order of the two sections was swapped in the title and paragraph, in order to match the order of the corresponding menu items. The spacing around headings and paragraphs was tweaked to remove extraneous whitespace.

Props littler.chicken, desrosj, ianbelanger, melchoyce.
Merges [43210] to the 4.9 branch.
Fixes #43961.
Built from https://develop.svn.wordpress.org/branches/4.9@43214


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 15:54:25 +00:00
Andrew Ozz
bf039f8987 Privacy: cleanup of the "Export Personal Data" and "Erase Personal Data" screens.
Props desrosj, xkon.
Merges [43212] to the 4.9 branch.
See #43929.
Built from https://develop.svn.wordpress.org/branches/4.9@43213


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 10:03:27 +00:00
Sergey Biryukov
4cf2959f1e Privacy: Pass export request ID to wp_privacy_personal_data_export_file_created filter.
Props thomasplevy.
Merges [43208] to the 4.9 branch.
Fixes #44031.
Built from https://develop.svn.wordpress.org/branches/4.9@43209


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 23:19:25 +00:00
Sergey Biryukov
728530718b Privacy: Make the help hint for Privacy Policy page more translatable and accessible.
Props tobifjellner.
Merges [43206] to the 4.9 branch.
See #43980.
Built from https://develop.svn.wordpress.org/branches/4.9@43207


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 23:14:26 +00:00
Andrew Ozz
44dc191a6d Privacy: show the privacy policy guide and suggested content on a new page instead of a postbox. Then:
- Separate the guide text form the suggested policy text.
- Add table of content for easier navigation.
- Move the content to tools.php (prevents the settings menu of being open).
- Add a link to the guide from the Privacy settings screen.

Props melchoyce, azaozz.
Merges [43184] and [43203] to the 4.9 branch.
Fixes #43980.
Built from https://develop.svn.wordpress.org/branches/4.9@43204


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 21:00:28 +00:00
Sergey Biryukov
547912fbfc Privacy: Add id attribute to WP_Privacy_Requests_Table and WP_Privacy_Data_Export_Requests_Table rows, for consistency with other post list tables.
Props desrosj.
Merges [43191] to the 4.9 branch.
Fixes #44015.
Built from https://develop.svn.wordpress.org/branches/4.9@43192


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 15:08:26 +00:00
Sergey Biryukov
094c20d004 Privacy: Mark erasure requests as completed after processing.
r42986 introduced the beginnings of an Ajax handler for processing requests to erase personal data. At the time, a method for marking requests as completed was planned, but had not yet been created. This commit introduces that mechanism, bringing the erasure process closer to completion.

Props coreymckrill, allendav.
Merges [43185] to the 4.9 branch.
Fixes #43922.
Built from https://develop.svn.wordpress.org/branches/4.9@43188


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43017 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 14:33:26 +00:00
Sergey Biryukov
2ce4a04aff Privacy: Mark processed requests as completed instead of confirmed.
r43008 refactored the request flow to make several improvements, but accidentally marked `completed` requests as `confirmed`. This commit restores the intended statuses, so that the data and corresponding UI reflect reality.

Props allendav, birgire.
Merges [43183] to the 4.9 branch.
Fixes #43913.
Built from https://develop.svn.wordpress.org/branches/4.9@43187


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 14:31:26 +00:00
Sergey Biryukov
809d5fa08e Privacy: Reuse existing archive filenames to maintain URLs.
Whenever an admin initiates a download or email of a personal data export, a fresh copy of the file is generated. Previously, a new filename was used each time, which could lead to situations where a URL that was emailed to a data subject is broken.

That can be avoided by reusing the same filename when building fresh archives.

Props desrosj, tz-media, allendav.
Merges [43180] to the 4.9 branch.
Fixes #43905.
Built from https://develop.svn.wordpress.org/branches/4.9@43186


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 14:30:26 +00:00
Sergey Biryukov
1d2fd8ef87 Privacy: Use the terms "erase"/"erasure" instead of "remove"/"removal" for personal data.
Props allendav.
Merges [43175] to the 4.9 branch.
Fixes #43920.
Built from https://develop.svn.wordpress.org/branches/4.9@43176


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-07 16:46:26 +00:00
Sergey Biryukov
318ebdf1eb Privacy: Change "Email Data" link text on "Export Personal Data" screen to "Send Export Link" for clarity.
Props birgire, ianbelanger.
Merges [43172] to the 4.9 branch.
Fixes #43964.
Built from https://develop.svn.wordpress.org/branches/4.9@43173


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-05 09:23:26 +00:00
Sergey Biryukov
deeee40510 Privacy: Remove stray closing tag in WP_Privacy_Policy_Content::get_default_content(), fix typo in @return tag.
Props dlh, tobifjellner.
Merges [43170] to the 4.9 branch.
Fixes #43951.
Built from https://develop.svn.wordpress.org/branches/4.9@43171


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-04 01:57:26 +00:00
Sergey Biryukov
a86c8727b6 Docs: Add missing duplicate hook comment for user_request_key_expiration filter.
Props birgire, desrosj.
Merges [43168] to the 4.9 branch.
Fixes #43934.
Built from https://develop.svn.wordpress.org/branches/4.9@43169


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-04 01:49:49 +00:00
Andrew Ozz
3e36496be3 Privacy: Add an admin pointer for new privacy features in 4.9.6.
The new features are very important for some users, because of their GDPR obligations. They're also spread across multiple top-level menus, making them less discoverable. An admin pointer will help to ensure that users are aware of the new tools and how to find them.

Props desrosj, andreamiddleton, allendav, xkon.
Merges [43158] to the 4.9 branch.
Fixes #43942.
Built from https://develop.svn.wordpress.org/branches/4.9@43159


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:52:26 +00:00
Andrew Ozz
4eeea599bd Privacy: Store plugin callbacks in associative array for flexibility.
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.

Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.

Props desrosj, allendav, ocean90.
Merges [43154] to the 4.9 branch.
Fixes #43931.
Built from https://develop.svn.wordpress.org/branches/4.9@43157


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:38:27 +00:00
Andrew Ozz
2b0b7ffa89 Privacy: use sprintf() in translations.
Props birgire.
Merges [43150] to the 4.9 branch.
See #43473.
Built from https://develop.svn.wordpress.org/branches/4.9@43151


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 18:28:26 +00:00
Andrew Ozz
b78d21d9f0 Privacy: add default text for a privacy policy including a tutorial on now to create one.
Insert both the text and tutorial in new policy pages and highlight is brightly in the editor.
Show only the suggested text in the policy postbox.

Props melchoyce, idea15, allendav, xkon, macbookandrew, azaozz.
Merges [43044], [43048], [43052], [43126], [43146], and [43148] to the 4.9 branch.
Fixes #43473.
Built from https://develop.svn.wordpress.org/branches/4.9@43149


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 17:59:30 +00:00
Andrew Ozz
3b7d4b49c0 Privacy: fix typo.
Props casiepa.
Merges [43121] to the 4.9 branch.
Fixes #43939.
Built from https://develop.svn.wordpress.org/branches/4.9@43122


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42951 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 20:08:25 +00:00
Andrew Ozz
7cf7767298 Privacy: fix inconsistencies in new strings.
Props audrasjb.
Merges [43118] to the 4.9 branch.
Fixes #43925.
Built from https://develop.svn.wordpress.org/branches/4.9@43119


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 18:51:26 +00:00
Sergey Biryukov
e0d8b2663c Privacy: add better docs for wp_add_privacy_policy_content() and WP_Privacy_Policy_Content::add().
Props azaozz.
Merges [43003] to the 4.9 branch.
See #43620.
Built from https://develop.svn.wordpress.org/branches/4.9@43115


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:57:24 +00:00
Sergey Biryukov
eba98dc78d Make the string WordPress translatable.
Props mnelson4.
Merges [42999] to the 4.9 branch.
See #43620.
Built from https://develop.svn.wordpress.org/branches/4.9@43114


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:55:24 +00:00
Sergey Biryukov
0896655aea Privacy: make the sections in the suggested privacy policy text postbox foldable. Add Read More/Read Less buttons. Fix copying of the suggested text by pressing the button.
Props melchoyce, xkon, azaozz.
Merges [42992] to the 4.9 branch.
See #43620.
Built from https://develop.svn.wordpress.org/branches/4.9@43113


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:54:24 +00:00
Sergey Biryukov
7aab5bc693 Fix typo in 'wp_get_default_privacy_policy_content' filter.
Props claudiu.
Merges [42985] to the 4.9 branch.
See #43620.
Built from https://develop.svn.wordpress.org/branches/4.9@43112


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:52:26 +00:00
Sergey Biryukov
c60aa91d76 Privacy: Limit export and erasure to super admins on Multisite.
Multisite networks have a variety of use cases, and in many of them single-site administrators are not trusted to take actions that affect the whole network, require making decisions about legal compliance, etc. By default, those actions should require super admin capabilities. Plugins can be used to override that behavior if a particular site's use case calls for it.

Props allendav, jeremyfelt, iandunn.
Merges [43085] to the 4.9 branch.
Fixes #43919.
Built from https://develop.svn.wordpress.org/branches/4.9@43111


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:49:26 +00:00
Sergey Biryukov
a6284311e8 Privacy: improve wp_privacy_erase_personal_data(), return boolean values.
Props ericdaams.
Merges [43061] to the 4.9 branch.
See #43602.
Built from https://develop.svn.wordpress.org/branches/4.9@43110


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:44:24 +00:00
Sergey Biryukov
8114ac92ef Privacy: add attachments to the personal data export file.
Props allendav.
Merges [43054] to the 4.9 branch.
See #43883.
Built from https://develop.svn.wordpress.org/branches/4.9@43108


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:34:25 +00:00
Sergey Biryukov
2083557ea9 I18N: Use consistent pattern for placeholder references in translator comments in wp_ajax_wp_privacy_erase_personal_data().
Merges [43088] to the 4.9 branch.
See #43438.
Built from https://develop.svn.wordpress.org/branches/4.9@43107


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:24:25 +00:00
Sergey Biryukov
fdb8a97664 Docs: Correct DocBlock formatting for wp_privacy_personal_data_erasers filter.
Merges [43104] to the 4.9 branch.
See #43637.
Built from https://develop.svn.wordpress.org/branches/4.9@43106


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:20:25 +00:00
Sergey Biryukov
050ea51bcb Privacy: translate error messages, some fixes and improvements for the AJAX actions for exporting and erasing user data.
Props desrosj, birgire.
Merges [43060] to the 4.9 branch.
See #43438.
Built from https://develop.svn.wordpress.org/branches/4.9@43105


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:19:26 +00:00
Sergey Biryukov
c7ac8db6e4 Privacy: add a postbox that is shown when editing the privacy policy page, and where plugins and core will output suggested content and additional privacy info. First run.
Props melchoyce, azaozz.
Merges [42980] to the 4.9 branch.
See #43620.
Built from https://develop.svn.wordpress.org/branches/4.9@43101


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:59:25 +00:00
Sergey Biryukov
894cec5697 Privacy: Add wp_privacy_personal_data_export_file_created filter.
This runs immediately after the data export file has been successfully created, allowing plugins to introduce some workflow customizations. For example, a plugin could password-protect the export file, for peace of mind, even though the CSPRN in the filename makes brute force attacks nearly impossible.

Props iandunn.
Merges [43047] to the 4.9 branch.
See #43546.
Built from https://develop.svn.wordpress.org/branches/4.9@43096


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:35:27 +00:00
Sergey Biryukov
06dd3449e9 Privacy: Add cron to delete expired export files to protect privacy.
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.

`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.

This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.

`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.

Props iandunn, desrosj.
Merges [43046] to the 4.9 branch.
See #43546.
Built from https://develop.svn.wordpress.org/branches/4.9@43095


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:33:26 +00:00
Sergey Biryukov
7a7e45a530 Privacy: Use a CSPRNG in export filenames for more security.
`rand()` is deterministic and therefore offers much less protection in this context. `wp_generate_password()` is a convenient wrapper around `wp_rand()`, which uses `random_int()` to generate cryptographically-secure psuedorandom numbers.

Props iandunn.
Merges [43045] to the 4.9 branch.
See #43546.
Built from https://develop.svn.wordpress.org/branches/4.9@43094


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:19:25 +00:00
Sergey Biryukov
e5c53b9bbd Privacy: add means to export personal data by username or email address. Generate a zipped export file containing all data. First run.
Props allendav.
Merges [43012] and [43089] to the 4.9 branch.
See #43546.
Built from https://develop.svn.wordpress.org/branches/4.9@43092


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:16:25 +00:00
Sergey Biryukov
d4be2db521 Privacy: make the emails in export and erasure list-tables clickable.
Props birgire.
Merges [43057] to the 4.9 branch.
See #43911.
Built from https://develop.svn.wordpress.org/branches/4.9@43086


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:08:25 +00:00
Sergey Biryukov
14d25f6094 Privacy: update and enhance the method to confirm user requests by email. Introduce WP_User_Request to hold all request vars similarly to WP_Post.
Props mikejolley, desrosj.
Merges [43011] and [43014] to the 4.9 branch.
See #43443.
Built from https://develop.svn.wordpress.org/branches/4.9@43084


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:04:26 +00:00
Sergey Biryukov
e5b5b15b88 Privacy: update the method to confirm user requests by email. Use a single CPT to store the requests and to allow logging/audit trail.
Props mikejolley.
Merges [43008] to the 4.9 branch.
See #43443.
Built from https://develop.svn.wordpress.org/branches/4.9@43083


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:01:25 +00:00
Sergey Biryukov
b433465f15 Privacy: add helper function for anonymizing data in a standardized way.
Props jesperher, allendav, iandunn, birgire, azaozz, joemcgill.
Merges [42971] and [43081] to the 4.9 branch.
Fixes #43545.
Built from https://develop.svn.wordpress.org/branches/4.9@43082


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 00:49:26 +00:00
Sergey Biryukov
82687eb7af Privacy: add means to erase personal data by username or email address. First run.
Props allendav, coreymckrill, ericdaams, azaozz.
Merges [42986] to the 4.9 branch.
See #43637, #43602.
Built from https://develop.svn.wordpress.org/branches/4.9@43075


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 00:03:27 +00:00
Sergey Biryukov
309984de5f Privacy: add support for exporting multiple pages of personal data.
Props allendav.
Merges [42889] to the 4.9 branch.
See #43438.
Built from https://develop.svn.wordpress.org/branches/4.9@43074


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 23:58:25 +00:00
Sergey Biryukov
b1c0bffa78 Privacy: fix error message and list table sorting errors on the Export Personal Data and Remove Personal Data screens.
Props azaozz.
Merges [42977] to the 4.9 branch.
See #43481.
Built from https://develop.svn.wordpress.org/branches/4.9@43073


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 23:49:26 +00:00
Sergey Biryukov
88bc6a609e Privacy: add new wp-admin screens for exporting and removing of personal data.
Props melchoyce, mikejolley, allendav, xkon.
Merges [42967] to the 4.9 branch.
See #43481.
Built from https://develop.svn.wordpress.org/branches/4.9@43071


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 23:42:25 +00:00
Sergey Biryukov
ee43146223 Privacy: add "Mine" filter for media similarly to posts and comments.
Props audrasjb.
Merged [43056], [43062], [43063] to the 4.9 branch.
Fixes #43820.
Built from https://develop.svn.wordpress.org/branches/4.9@43064


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 22:04:28 +00:00
Sergey Biryukov
e40df25f76 Plugins: Show the required PHP version in the plugin details view, if specified.
Props xkon.
Merges [42998] to the 4.9 branch.
Fixes #43650.
Built from https://develop.svn.wordpress.org/branches/4.9@43029


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-29 22:51:25 +00:00
Gary Pendergast
bac5694e88 Dashboard: Remove the "Try Gutenberg" callout.
As eager as we all are to see Gutenberg put before a wider audience, there are still a handful of issues that need to be fixed, which won't be done before the 4.9.5 release.

Reverts [42869].
See #41316.


Built from https://develop.svn.wordpress.org/branches/4.9@42883


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-28 00:18:43 +00:00
Gary Pendergast
61be857c95 Dashboard: Introduce a "Try Gutenberg" callout.
To encourage more people to try Gutenberg, this new Dashboard box allows site users to easily install and try out Gutenberg.

Props pento, melchoyce, joen, karmatosed, joemcgill, SergeyBiryukov, jorbin.

Fixes #41316.


Built from https://develop.svn.wordpress.org/branches/4.9@42869


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-22 00:59:44 +00:00
John Blackbourn
9b7814a4a1 Security: Loosen the admin referrer policy header value to allow the referring host to be sent from the admin area in all cases.
This allows referrer-restricted content from third parties (such as images and fonts) to continue working in the admin area.

Props aranwer104, qcmiao

Fixes #43285

Merges [42830] to the 4.9 branch.

Built from https://develop.svn.wordpress.org/branches/4.9@42831


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-12 10:59:39 +00:00
Mike Schroder
7546fcc64a Media: Correctly allow changing PDF thumbnail crop value.
Corrects logic that kept plugins from setting crop value of intermediate image sizes for rendered PDFs.
Adds test.

Props leemon, SergeyBiryukov, chetan200891, birgire.
Merges [42792] to the 4.9 branch.
Fixes #43226.

Built from https://develop.svn.wordpress.org/branches/4.9@42813


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42643 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-09 03:21:40 +00:00
Sergey Biryukov
a91c3fbdc0 General: Replace Cheatin’ uh? with friendlier error messages.
While intended as a playful error message, `Cheatin’ uh?` can be interpreted as insulting or accusatory in an already stressful situation. This replaces Cheatin’ with more meaningful error messages, depending on the error that occurs.

Props ElectricFeet, EricMeyer, karmatosed, dd32, BandonRandon, melchoyce, kristastevens for language; dmsnell for original patch; peterwilsoncc.
Merged [42648] and [42719] to the 4.9 branch.
Fixes #38332.
Built from https://develop.svn.wordpress.org/branches/4.9@42811


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-09 00:15:42 +00:00
Sergey Biryukov
e0f0ee5de6 Users: Display partial names in the user listing tables.
This allows showing a name when only the first or last name is provided.

Props shital-patel, antipole.
Merges [42256] and [42257] to the 4.9 branch.
Fixes #42713.
Built from https://develop.svn.wordpress.org/branches/4.9@42805


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-08 19:48:39 +00:00