As of [27153], wp-auth-check is returned on all heartbeats without the need for data from client-side. This also means that the timing and scheduling of this request data is ineffectual.
Fixes#50305.
Props dsixinetu, azaozz, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@48056
git-svn-id: http://core.svn.wordpress.org/trunk@47823 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These annotations make it clear to the reader of a JavaScript source
where the build process outputs to. These annotations can later be
integrated in a webpack configuration. This way there is one source of
truth.
The `build` folder is omitted from the paths, because a single JS file
shouldn't not be responsible of knowing where outputs in general will
end up at. A file only knows its output location relative to the
project.
Props adamsilverstein, herregroen, omarreiss, pento.
Fixes#44361.
Built from https://develop.svn.wordpress.org/trunk@43347
git-svn-id: http://core.svn.wordpress.org/trunk@43175 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Black list the update and upgrade screens.
Allow plugins to white/black list screens via the wp_auth_check_load filter.
Props nacin
see #23295
git-svn-id: http://core.svn.wordpress.org/trunk@24738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Replace the Close button with an always visible "X" icon in the top/right corner.
- Check if the user is still logged in every 3 min. by default.
- Add 'wp_auth_check_interval' filter so the interval can be set from PHP.
See #23295.
git-svn-id: http://core.svn.wordpress.org/trunk@24695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Close the iframe immediately on successful login.
- Catch iframe origin exceptions in WebKit when there is a server error or another page is loaded in the iframe.
See #23295.
git-svn-id: http://core.svn.wordpress.org/trunk@24655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Update the heartbeat nonce when refreshing nonces on the Edit Post screen.
- After a user logs in from the auth-check dialog, speed up heatrbeat to check/refresh nonces on the Edit Post screen.
- Speeding up heartbeat: bring back the setting how long it should last (how many ticks).
- Add 'heartbeat-nonces-expired' jQuery event when nonces have expired and the user is logged in.
See #23295, see #23216.
git-svn-id: http://core.svn.wordpress.org/trunk@24528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Don't use <base> tag to set target="_blank". It can break form submission. Instead, set target only on links with JS.
- Fix same domain comparison in wp_auth_check_html() when FORCE_SSL_LOGIN == true.
- Properly show/hide the "Close" button when the dialog is shown multiple times.
See #23295
git-svn-id: http://core.svn.wordpress.org/trunk@24208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Don't remove login error messages coming from wp_signon().
- When the login form is shown in iframe, open all links in a new tab/window.
- Add filter for the login form error message.
See #23295
git-svn-id: http://core.svn.wordpress.org/trunk@24179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- The login page has "X-Frame-Options: DENY" header.
- Cross-domain when displaying on the front-end on multisite with domain mapping.
- The site forces ssl login but not ssl admin.
Add onbeforeunload prompt to counter (frame-busting) JS redirects. Move the JS and CSS into separate files. See #23295.
git-svn-id: http://core.svn.wordpress.org/trunk@23805 1a063a9b-81f0-0310-95a4-ce76da25c4cd