Commit Graph

2837 Commits

Author SHA1 Message Date
Andrew Nacin
9834e9993a Embeds: Enforce, via unit tests, the no-ampersand rule for wp-embed.js.
fixes #34698.

Built from https://develop.svn.wordpress.org/trunk@35762


git-svn-id: http://core.svn.wordpress.org/trunk@35726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-04 05:46:25 +00:00
Scott Taylor
8cf8e2c66d WP oEmbed: validate the secret send via postMessage in wp.receiveEmbedMessage. Also, compare window instances.
In the data sent to us from the embedded iframe by postMessage(), the secret value is being used directly in a document.querySelectorAll() call without first being validated or escaped.

In theory, this could lead to some broken embeds.

Props mdawaffe.
Fixes #34831.

Built from https://develop.svn.wordpress.org/trunk@35761


git-svn-id: http://core.svn.wordpress.org/trunk@35725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-03 20:17:25 +00:00
Andrew Ozz
50a5fbb269 Editor: remove wpLink dependency on jQuery UI.
Props afercia.
Fixes #34716.
Built from https://develop.svn.wordpress.org/trunk@35728


git-svn-id: http://core.svn.wordpress.org/trunk@35692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-22 19:27:26 +00:00
Gary Pendergast
603d3c0013 Embeds: Remove & characters from the inline embed JS.
Older versions of WordPress will convert those `&` characters to `&`, which makes for some non-functional JS. If folks are running an older release, let's not make their lives more difficult than it already is.

Props pento, peterwilsoncc.

See #34698.


Built from https://develop.svn.wordpress.org/trunk@35708


git-svn-id: http://core.svn.wordpress.org/trunk@35672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-19 23:06:26 +00:00
Scott Taylor
f1d0763785 Comments: after [35593], extend support to IE8 and improve checking for elements hidden with CSS
Props afercia.
Fixes #29974.

Built from https://develop.svn.wordpress.org/trunk@35675


git-svn-id: http://core.svn.wordpress.org/trunk@35639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 19:15:28 +00:00
Ella Iseulde Van Dorpe
72f09b29df TinyMCE 4.2.8 update
Changelog: http://www.tinymce.com/develop/changelog/?ctrl=version&act=view&pr_id=1&vr_id=889

(No plugin, theme, skin or test changes)

Fixes #34671 and #34720.

Built from https://develop.svn.wordpress.org/trunk@35658


git-svn-id: http://core.svn.wordpress.org/trunk@35622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 23:19:01 +00:00
Gary Pendergast
9974c9b18d Emoji: Ensure twemoji kicks in on certain DOM mutations.
Twemoji will replace the `img` with the emoji character, in the event that the image fails to load. We deliberately avoid trying to change that emoji character when it's changed back. We do need to replace emoji characters that are changed by something other than Twemoji, which this rectifies.

Fixes #34640.


Built from https://develop.svn.wordpress.org/trunk@35637


git-svn-id: http://core.svn.wordpress.org/trunk@35601 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-14 09:52:29 +00:00
Gary Pendergast
6381e168b7 Pinking Shears: Remove some errant non-breaking spaces from a few JavaScript files.
Props francoisb.

Fixes #34658.


Built from https://develop.svn.wordpress.org/trunk@35627


git-svn-id: http://core.svn.wordpress.org/trunk@35591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-12 12:04:27 +00:00
Andrew Ozz
7e1c68ea78 TinyMCE:
- Fix the inline toolbar on images in iOS, move it out of the way so the default inline toolbar is not over it.
- Fix selecting images on touch in the editor (iOS Safari fails to select them most of the time).

Fixes #34557.
Built from https://develop.svn.wordpress.org/trunk@35607


git-svn-id: http://core.svn.wordpress.org/trunk@35571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 03:27:25 +00:00
Gary Pendergast
d3f30288e9 Emoji: Use twemoji in browsers that don't support Unicode 8 emoji.
Some less advanced browsers are yet to add support for the important advances made in Unicode 8. Let's make ensure that their users can experience emoji in their full glory.

See #33592.


Built from https://develop.svn.wordpress.org/trunk@35606


git-svn-id: http://core.svn.wordpress.org/trunk@35570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 02:25:25 +00:00
Andrew Ozz
93fa052e49 TinyMCE: prevent resize handles in newer IE when inserting a wpView.
Fixes #29400.
Built from https://develop.svn.wordpress.org/trunk@35602


git-svn-id: http://core.svn.wordpress.org/trunk@35566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-10 19:33:26 +00:00
Andrew Ozz
8b3c5fb300 TinyMCE: always remove trailing <br> added by WebKit browsers to the clipboard.
Fixes #34642.
Built from https://develop.svn.wordpress.org/trunk@35597


git-svn-id: http://core.svn.wordpress.org/trunk@35561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-10 04:32:25 +00:00
Gary Pendergast
1f24f52673 Emoji: Add some new flags, and a handful from Unicode 8.0.
Including the following that should be used as often as possible:

U+1F1E6 U+1F1FA Flag for Australia
U+1F3CF Cricket Bat and Ball
U+1F32F Burrito

See #33592.


Built from https://develop.svn.wordpress.org/trunk@35596


git-svn-id: http://core.svn.wordpress.org/trunk@35560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-10 03:35:25 +00:00
Andrea Fercia
e6e4496822 Comments: in comment_form() when replying to a comment ensure to set focus on the first focusable form element, regardless of what that form element is.
Props azaozz.
See #29974.
Built from https://develop.svn.wordpress.org/trunk@35593


git-svn-id: http://core.svn.wordpress.org/trunk@35557 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-10 00:43:26 +00:00
Andrew Ozz
42a955a89b TinyMCE: update the keyboard shortcuts for the link dialog in the wplink plugin. Fixes Ctrl + Alt + A on MacOS.
Fixes #34636.
Built from https://develop.svn.wordpress.org/trunk@35589


git-svn-id: http://core.svn.wordpress.org/trunk@35553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-09 21:32:28 +00:00
Gary Pendergast
a2349a2377 Embeds: Fix support for embedding in non-WordPress sites.
This moves the last of the iframe message code from PHP to JavaScript, so it can be included in any site, without needing to rely on any of WordPress' internal behaviour.

Props swissspidy.

Fixes #34451.


Built from https://develop.svn.wordpress.org/trunk@35577


git-svn-id: http://core.svn.wordpress.org/trunk@35541 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-09 00:08:27 +00:00
Andrew Ozz
9fb7dcc30d TinyMCE: update to 4.2.7. Changelog: http://www.tinymce.com/develop/changelog/?ctrl=version&act=view&pr_id=1&vr_id=888
Fixes #34620.
Built from https://develop.svn.wordpress.org/trunk@35574


git-svn-id: http://core.svn.wordpress.org/trunk@35538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-08 02:32:26 +00:00
Scott Taylor
175064637f Administration: when hiding the login modal and unbind the auth check, also unbind the heartbeat auth check.
Props nofearinc.
Fixes #28962.

Built from https://develop.svn.wordpress.org/trunk@35568


git-svn-id: http://core.svn.wordpress.org/trunk@35532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-07 16:22:25 +00:00
Scott Taylor
e649fabb6a Accessibility: add missing alt attributes to a gaggle of <img>s.
Props afercia.
Fixes #34583.

Built from https://develop.svn.wordpress.org/trunk@35567


git-svn-id: http://core.svn.wordpress.org/trunk@35531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-07 16:12:27 +00:00
Dominik Schilling
a3d58b3fbe Build Tools: Update the preserveComments option for uglify:jqueryui.
Uglify2 doesn't support the value "some" anymore. Replace it with the `/^!/` regex which produces the same output as before.

See https://build.trac.wordpress.org/changeset/35502 and https://build.trac.wordpress.org/changeset/35528.
Fixes #34177.
Built from https://develop.svn.wordpress.org/trunk@35564


git-svn-id: http://core.svn.wordpress.org/trunk@35528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-07 12:37:26 +00:00
Aaron Jorbin
d60ca2f758 Bump grunt-contrib-uglify to 0.10.0
This includes an update to the underlying version of uglify which causes all of the JS to be modified.

See #34177


Built from https://develop.svn.wordpress.org/trunk@35538


git-svn-id: http://core.svn.wordpress.org/trunk@35502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-05 17:47:30 +00:00
Andrea Fercia
d7485cf10b WP oEmbed: Improve the Sharing dialog accessibility.
Improves ARIA attributes, focus handling, and constrains tabbing within the modal dialog.

Fixes #34484.
Built from https://develop.svn.wordpress.org/trunk@35492


git-svn-id: http://core.svn.wordpress.org/trunk@35456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-03 15:49:27 +00:00
Scott Taylor
382d455235 WP oEmbed: Improve height attribute sanitization
Props afercia, swissspidy.
Fixes #34527.

Built from https://develop.svn.wordpress.org/trunk@35478


git-svn-id: http://core.svn.wordpress.org/trunk@35442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-31 20:39:25 +00:00
Gary Pendergast
21393df10e Embeds: Add fallbacks for IE7-9.
Older IE versions need just that little bit of extra tender care to keep them going.

Props peterwilsoncc, swissspidy, pento.

Fixes #34204.


Built from https://develop.svn.wordpress.org/trunk@35466


git-svn-id: http://core.svn.wordpress.org/trunk@35430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-31 04:38:25 +00:00
Gary Pendergast
368e5f9fc3 Embeds: Provide a cached text fallback.
Sometimes, embedded sites might suffer from less than 100% uptime. Instead of leaving the embedding site with a big blank space where the embed should be, let's fall back to a link to the embedded post, so there's at least some context for the post.

Fixes #34462.


Built from https://develop.svn.wordpress.org/trunk@35437


git-svn-id: http://core.svn.wordpress.org/trunk@35401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-29 23:11:24 +00:00
Scott Taylor
f507751a40 Thickbox: spinner should disappear when loading is done.
Props niklasbr, afercia.
Fixes #33311.

Built from https://develop.svn.wordpress.org/trunk@35418


git-svn-id: http://core.svn.wordpress.org/trunk@35382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-28 18:19:26 +00:00
Sergey Biryukov
ae58f104cb Embeds: Rename TinyMCE wpoembed plugin to wpembed.
Props swissspidy.
Fixes #34272.
Built from https://develop.svn.wordpress.org/trunk@35397


git-svn-id: http://core.svn.wordpress.org/trunk@35361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-26 14:50:26 +00:00
Andrea Fercia
930a688e17 Customizer: remove the title attribute from the Preview html element while loading.
Props mehulkaklotar.

Fixes #33250.
Built from https://develop.svn.wordpress.org/trunk@35391


git-svn-id: http://core.svn.wordpress.org/trunk@35355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-25 15:14:26 +00:00
Andrew Ozz
4cdddd401a TinyMCE:
- Sanitize and render HTML in captions when showing a gallery preview (wpView).
- Encode/escape HTML entered in the text field in the wpLink dialog.

Props iseulde, kraftbj, jnylen0, shawarkhan.
Fixes #32616.
Built from https://develop.svn.wordpress.org/trunk@35341


git-svn-id: http://core.svn.wordpress.org/trunk@35307 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 20:38:26 +00:00
Helen Hou-Sandí
28c77bec72 RIP #21759b, the old WordPress Blue.
The final lingering instances were all for hidden accessibility helper text.

fixes #34388.

Built from https://develop.svn.wordpress.org/trunk@35340


git-svn-id: http://core.svn.wordpress.org/trunk@35306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 18:36:28 +00:00
Andrew Ozz
3451251548 TinyMCE: update to 4.2.6. Changelog: http://www.tinymce.com/develop/changelog/?ctrl=version&act=view&pr_id=1&vr_id=887.
Fixes #34331.
Built from https://develop.svn.wordpress.org/trunk@35306


git-svn-id: http://core.svn.wordpress.org/trunk@35272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-20 22:06:24 +00:00
Ella Iseulde Van Dorpe
9845e08340 TinyMCE: Drag and drop link with image
Make sure images don't loose their link after drag and drop.

Fixes #28272.

Built from https://develop.svn.wordpress.org/trunk@35261


git-svn-id: http://core.svn.wordpress.org/trunk@35227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-18 11:05:23 +00:00
Ella Iseulde Van Dorpe
47e364de42 Admin: fix repositioning notices
Fixes #34294.
Props afercia.

Built from https://develop.svn.wordpress.org/trunk@35238


git-svn-id: http://core.svn.wordpress.org/trunk@35204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-17 07:04:26 +00:00
Sergey Biryukov
a908d2d4b1 Embeds: Rename files, functions, and hooks added in [34903] to make it more clear what is oEmbed-specific and what isn't.
See https://core.trac.wordpress.org/ticket/34272#comment:7 for full list of renamed functions and hooks.

Props swissspidy.
Fixes #34272.
Built from https://develop.svn.wordpress.org/trunk@35235


git-svn-id: http://core.svn.wordpress.org/trunk@35201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-17 01:21:25 +00:00
Ella Iseulde Van Dorpe
bafdd96ebf TinyMCE: add lang attribute
This is needed to make `hyphens: auto;` work correctly.

Fixes #32555.

Built from https://develop.svn.wordpress.org/trunk@35217


git-svn-id: http://core.svn.wordpress.org/trunk@35183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-16 10:11:27 +00:00
Ella Iseulde Van Dorpe
ef01315cac TinyMCE: make sure markers are removed after first init
This is only relevant to non embeddable URLs.
After first init, markers were set but not removed,
causing an edited URL to revert when switching to text mode
or any paragraph after the URL to just contain that URL.

Fixes #33954.

Built from https://develop.svn.wordpress.org/trunk@35216


git-svn-id: http://core.svn.wordpress.org/trunk@35182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-16 05:43:26 +00:00
Ella Iseulde Van Dorpe
3eb4a57c27 TinyMCE: make captioned images draggable
See #28003.

Built from https://develop.svn.wordpress.org/trunk@35199


git-svn-id: http://core.svn.wordpress.org/trunk@35165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-15 15:20:25 +00:00
Andrew Ozz
8dd2a31c38 Plupload: update to 2.1.8. Changelog: https://github.com/moxiecode/plupload/releases.
Hide the editor uploader overlay on all drop events in the window, not only when dropping on the editor uploader element.


Fixes #34251, #22403.
Built from https://develop.svn.wordpress.org/trunk@35019


git-svn-id: http://core.svn.wordpress.org/trunk@34984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-10 23:50:25 +00:00
John Blackbourn
7b230cafab Abstract the shortcode attribute parsing regex into its own function, update the JavaScript counterpart, and introduce a test to ensure they do not diverge again.
Fixes #34191
Props miqrogroove, johnbillion

Built from https://develop.svn.wordpress.org/trunk@34933


git-svn-id: http://core.svn.wordpress.org/trunk@34898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 03:12:24 +00:00
Gary Pendergast
83c3e3e00e Embeds: Add oEmbed provider support.
For the past 6 years, WordPress has operated as an oEmbed consumer, allowing users to easily embed content from other sites. By adding oEmbed provider support, this allows any oEmbed consumer to embed posts from WordPress sites.

In addition to creating an oEmbed provider, WordPress' oEmbed consumer code has been enhanced to work with any site that provides oEmbed data (as long as it matches some strict security rules), and provides a preview from within the post editor.

For security, embeds appear within a sandboxed iframe - the iframe content is a template that can be styled or replaced entirely by the theme on the provider site.

Props swissspidy, pento, melchoyce, netweb, pfefferle, johnbillion, extendwings, davidbinda, danielbachhuber, SergeyBiryukov, afercia

Fixes #32522.


Built from https://develop.svn.wordpress.org/trunk@34903


git-svn-id: http://core.svn.wordpress.org/trunk@34868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 10:36:25 +00:00
Scott Taylor
c32357a900 External Libraries: update json2.js to the 2015-05-03 version. Crockford does not tag releases: https://github.com/douglascrockford/JSON-js/commits/master
Props mgibbs189, chriscct7.
Fixes #26913.

Built from https://develop.svn.wordpress.org/trunk@34863


git-svn-id: http://core.svn.wordpress.org/trunk@34828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 14:02:25 +00:00
Scott Taylor
b20e8dbf69 MediaElement, update wp-mediaelement.js:
* create a public `initialize` method on the `wp.mediaelement` namespace
* make it idempotent to prevent nasty side-effects caused by initializing media elements more than once

Props bradyvercher.	
Fixes #32423.

Built from https://develop.svn.wordpress.org/trunk@34346


git-svn-id: http://core.svn.wordpress.org/trunk@34310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-20 03:17:24 +00:00
Scott Taylor
d2578f84d1 MediaElement: apply monkey patch to include a PR which fixes a breaking change made upstream on a public interface:
ccba8d0b6a

Props bradyvercher.
Fixes #33798.

Built from https://develop.svn.wordpress.org/trunk@34339


git-svn-id: http://core.svn.wordpress.org/trunk@34303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-20 02:31:24 +00:00
Andrew Ozz
1b24c98739 TinyMCE: remove word-break: break-word; from the default editor CSS to prevent irregular spaces when typing in RTL languages.
Props iehsanir, alireza1375, ankit-k-gupta.
Fixes #33868.
Built from https://develop.svn.wordpress.org/trunk@34317


git-svn-id: http://core.svn.wordpress.org/trunk@34281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-18 23:58:26 +00:00
Scott Taylor
6759f04a24 Media JS: ensure that wp.media.frame (a static reference to the "current" Frame) is reset when a cached frame is opened.
Fixes #33458.

Built from https://develop.svn.wordpress.org/trunk@34254


git-svn-id: http://core.svn.wordpress.org/trunk@34218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-17 00:10:26 +00:00
Dominik Schilling
d36ffeb160 Passwords: Trigger a wp-check-valid-field event when the password field is filled with a password by generatePassword().
Updates event handler in `wpAjax.invalidateForm()` to support `wp-check-valid-field`.

See #33406.
Built from https://develop.svn.wordpress.org/trunk@34114


git-svn-id: http://core.svn.wordpress.org/trunk@34082 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 10:39:27 +00:00
Andrew Ozz
a69e71fafe Settings, password field: fix placement of the error icon and removal of the error class.
Props liljimmi, adamsilverstein.
Fixes #33406 for trunk.
Built from https://develop.svn.wordpress.org/trunk@34068


git-svn-id: http://core.svn.wordpress.org/trunk@34036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-12 00:10:25 +00:00
Scott Taylor
fa7bc4fda0 Upgrade MediaElement to 2.18.1 - monkey-patches to allow H264 in Chromium.
Changelog: https://github.com/johndyer/mediaelement/compare/2.17.0...2.18.1

See #33798.

Built from https://develop.svn.wordpress.org/trunk@34050


git-svn-id: http://core.svn.wordpress.org/trunk@34018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 18:35:26 +00:00
Scott Taylor
8ec224c2f9 Revert [34009], broke uploads.
See #24934.


Built from https://develop.svn.wordpress.org/trunk@34047


git-svn-id: http://core.svn.wordpress.org/trunk@34015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 18:04:26 +00:00
John Blackbourn
9bf86a74d0 Set the secure flag on the wp-saving-post cookie when using HTTPS.
This cookie doesn't contain any sensitive information, but this change brings its behaviour in line with all other core cookies.

Fixes #31056

Built from https://develop.svn.wordpress.org/trunk@34027


git-svn-id: http://core.svn.wordpress.org/trunk@33996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:42:23 +00:00