Commit Graph

32965 Commits

Author SHA1 Message Date
Dominik Schilling
6b08998219 Editor: Prevent adding javascript: and data: URLs through the inline link dialog.
Merge of [41393] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@41404


git-svn-id: http://core.svn.wordpress.org/branches/4.4@41237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 10:18:31 +00:00
John Blackbourn
866662a9fd General: Backport PHP 7.1 fixes to the 4.4 branch to avoid fatal errors and warnings.
See #41135

Built from https://develop.svn.wordpress.org/branches/4.4@41129


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-24 22:27:31 +00:00
Konstantin Obenland
e095e7b9d3 Import Twenty Sixteen, default theme for 2016.
See #36497.

Merges [40851] and [40852] to the 4.4 branch.


Built from https://develop.svn.wordpress.org/branches/4.4@40860


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-31 01:36:31 +00:00
Aaron Campbell
13db27bb7b Bump 4.7 branch to version 4.4.10.
Built from https://develop.svn.wordpress.org/branches/4.4@40751


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 21:51:30 +00:00
Pascal Birchler
9f7f4e5848 Media: Simplify upload error message construction.
Merges [40736] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40740


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 18:03:01 +00:00
Aaron Campbell
3ef577baad Add nonce for updating file system credentials.
Merges [40723] to 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40727


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 14:55:30 +00:00
Dominik Schilling
db7b82e90a Customize: Ignore invalid customization sessions.
Merge of [40704] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@40708


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 12:17:32 +00:00
Pascal Birchler
3ad4757088 Adjust post meta checks
Merges [40692] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40696


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 08:51:31 +00:00
Pascal Birchler
ad081ea634 Whitelist post arguments in XML-RPC
Merges [40677] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40681


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 08:21:01 +00:00
Pascal Birchler
96a0557865 Bump 4.4 branch to version 4.4.9.
Built from https://develop.svn.wordpress.org/branches/4.4@40490


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-20 16:24:32 +00:00
Pascal Birchler
63d7638596 Fix broken audio/video functions when sanitizing ID3 data
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40463


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40339 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-17 13:17:31 +00:00
James Nylen
b96b3f4d38 Bump 4.4 branch to version 4.4.8.
Built from https://develop.svn.wordpress.org/branches/4.4@40205


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40144 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 16:23:31 +00:00
John Blackbourn
75dc2799cc Press This: Verify intent before fetching in-page resources using Press This.
Props vortfu

Merges [40195] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40199


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40138 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 14:02:34 +00:00
Aaron Campbell
442a4f4936 Strip control characters before validating redirect.
Merges [40183] to 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40187


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 13:43:31 +00:00
Aaron Campbell
2235a5eae7 Plugins: Add file check to plugin deletions.
Merges [40169] to 4.4 branch.


Built from https://develop.svn.wordpress.org/branches/4.4@40173


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 13:01:30 +00:00
Dominik Schilling
3f478808ae Embeds: URL encode YouTube video IDs for broader compatibility.
Merge of [40160] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40164


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 12:06:34 +00:00
Jeremy Felt
b1c0510af3 Validate video and audio metadata.
Merge of [40148] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@40152


git-svn-id: http://core.svn.wordpress.org/branches/4.4@40091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 08:07:32 +00:00
Aaron Campbell
df7d68c218 Bump 4.4 branch to version 4.4.7.
Built from https://develop.svn.wordpress.org/branches/4.4@39999


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 18:23:31 +00:00
John Blackbourn
e481987c51 Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field.
Merges [39956] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@39980


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 14:15:28 +00:00
Dominik Schilling
233a0f8d9b Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways.
Merge of [39968] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@39973


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 14:12:33 +00:00
Dominik Schilling
bda00ecf73 Query: Ensure that queries work correctly with post type names with special characters.
Merge of [39952] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@39959


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 13:51:03 +00:00
Aaron Campbell
7fcfc68c0b Bump 4.4 branch to version 4.4.6.
Built from https://develop.svn.wordpress.org/branches/4.4@39863


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39800 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 16:56:29 +00:00
Joe McGill
af0a3c59d1 Media: Fix exif_imagetype check in wp_get_image_mime
This is a follow up to [39831].

Merges [39850] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@39854


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 16:42:31 +00:00
Joe McGill
47bc8e98bd Media: Improve image filetype checking.
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.

`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.

If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.

Merges [39831] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@39835


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 13:16:32 +00:00
Dominik Schilling
2f90c2af25 Updates: Translate plugin data on the Updates screen.
Merge of [39808] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@39823


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 11:41:31 +00:00
Dominik Schilling
26c8103030 Themes: Fix markup for theme name fallbacks.
Merge of [39807] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@39812


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39750 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 11:10:35 +00:00
Jeremy Felt
e6a894dc68 Multisite: Use wp_rand() in signup key creation.
Merges [39795] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@39799


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 05:34:02 +00:00
Dion Hulse
2fb6c7ae35 Update PHPMailer to 5.2.22.
The full list of changes is available here:
https://github.com/PHPMailer/PHPMailer/compare/v5.2.21...v5.2.22

Merges [39759] to the 4.4 branch.
Fixes #37210 for 4.4.

Built from https://develop.svn.wordpress.org/branches/4.4@39787


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 05:24:00 +00:00
Jeremy Felt
1c2df81640 Mail: Disable wp-mail.php when mailserver_url is mail.example.com.
Merges [39772] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@39776


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 05:18:30 +00:00
Aaron Campbell
e7806a428d Add nonce for widget accessibility mode.
Props vortfu.

See #23328.

Merges [39760] to 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@39764


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 01:45:31 +00:00
Dion Hulse
891d7effb0 Mail: Upgrade PHPMailer to 5.2.21.
Merges [39645] to the 4.4 branch.
See #37210.

Built from https://develop.svn.wordpress.org/branches/4.4@39724


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-06 22:05:06 +00:00
Joe McGill
2e2570f669 Media: Improved media titles when created from filename.
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38615] to the 4.4 branch.

Fixes #37989.

Built from https://develop.svn.wordpress.org/branches/4.4@39712


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39652 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-06 22:00:06 +00:00
Dion Hulse
998d343b2d General: Update copyright year to 2017 in license.txt.
Props Nikschavan.
Merges [39659] to the 4.4 branch.
Fixes #39433.

Built from https://develop.svn.wordpress.org/branches/4.4@39700


git-svn-id: http://core.svn.wordpress.org/branches/4.4@39640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-05 08:40:32 +00:00
Jeremy Felt
6f2d676f76 Bump 4.4 branch to 4.4.5.
Built from https://develop.svn.wordpress.org/branches/4.4@38551


git-svn-id: http://core.svn.wordpress.org/branches/4.4@38494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-07 14:58:58 +00:00
Jeremy Felt
b8e218019a Media: Sanitize upload filename.
Merge of [38538] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@38541


git-svn-id: http://core.svn.wordpress.org/branches/4.4@38484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-07 13:58:28 +00:00
Pascal Birchler
48dad74eb6 Upgrade/Install: Sanitize file name in File_Upload_Upgrader.
Merge of [38524] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@38527


git-svn-id: http://core.svn.wordpress.org/branches/4.4@38468 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-06 17:49:40 +00:00
Gary Pendergast
c9fb1436ed Database: dbDelta() will no longer try to downgrade the size of TEXT and BLOB columns.
When upgrading to `utf8mb4`, `TEXT` fields will be upgraded to `MEDIUMTEXT` (and likewise for all other `*TEXT` and `*BLOB` fields). This is to allow for the additional space requirements of `utf8mb4`.

On the subsequent upgrade, `dbDelta()` would try and downgrade the fields to their original size again. At best, this it a waste of time, at worst, this could truncate any data larger than the original size. There's no harm in leaving them at their new size, so let's do that.

This also fixes a typo in the `dbDelta()` tests.

Merge of [37525] to the 4.4 branch.
Partial merge of [36552] to the 4.4 branch.

See #36748.


Built from https://develop.svn.wordpress.org/branches/4.4@37936


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-01 07:00:50 +00:00
Gary Pendergast
1d21012923 The 4.4 branch is now 4.4.5-alpha.
Built from https://develop.svn.wordpress.org/branches/4.4@37935


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-01 06:22:28 +00:00
Boone Gorges
74ef49671f Bump 4.4 branch to 4.4.4.
Built from https://develop.svn.wordpress.org/branches/4.4@37829


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 16:21:26 +00:00
Joe McGill
f68837fd6f Media: Improve handling of extensionless filenames.
Merge of [37756] to the 4.4 branch.

See #37111.
Built from https://develop.svn.wordpress.org/branches/4.4@37810


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:53:31 +00:00
Nikolay Bachiyski
bf3b6b800d Admin: escape URL-encoded permalinks
Merge of [37801] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@37807


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:51:29 +00:00
Pascal Birchler
0a517e47ec Embeds: Improve performance when embedding a post from the current site.
When the post being embedded is from the same site, there's no reason to do an HTTP request for it. The data can be fetched directly using `get_oembed_response_data()`.

Merge of [37708], [37710] and [37729] to the 4.4 branch.

Fixes #36767.
Built from https://develop.svn.wordpress.org/branches/4.4@37798


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:42:29 +00:00
Rachel Baker
2a00e5a736 Revisions: Change the capability needed to view revision diffs to edit_post.
Merge of [37779] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@37796


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:32:27 +00:00
Nikolay Bachiyski
e22ceae1b7 Admin: Escape attachment name in case it contains special characters
Merge of [37774] to the 4.4 branch.

Built from https://develop.svn.wordpress.org/branches/4.4@37785


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37750 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:24:27 +00:00
Dominik Schilling
30bb01b2e4 Customize: Make sure that preview and return URLs are URLs.
Merge of [37527] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@37769


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37734 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:18:30 +00:00
Boone Gorges
7f84cb69ea Taxonomy: More specific cap check when processing category data on post save.
Ports [37691] to the 4.4 branch.

Props dlh.
Fixes #36379.
Built from https://develop.svn.wordpress.org/branches/4.4@37767


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37732 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:16:28 +00:00
Jeremy Felt
a0f643da35 Admin: Allow for the consistent filtering of auth_redirect_scheme
Merge of [37651] to the 4.4 branch.

See #37047.

Built from https://develop.svn.wordpress.org/branches/4.4@37758


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37723 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:11:28 +00:00
Dominik Schilling
90afd7e46c Bump 4.4 branch to 4.4.3.
Built from https://develop.svn.wordpress.org/branches/4.4@37385


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-06 18:11:55 +00:00
Nikolay Bachiyski
f3907c1da9 External Libraries: Update plupload from upstream
Built from https://develop.svn.wordpress.org/branches/4.4@37381


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-06 18:00:51 +00:00
Dominik Schilling
b1e244d828 External Libraries: Update MediaElement.js from upstream.
Merge of [37370] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@37372


git-svn-id: http://core.svn.wordpress.org/branches/4.4@37338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-06 17:53:28 +00:00