`wp_get_attachment_url()`, via `wp_upload_dir()`, uses 'siteurl' to generate
attachment URLs. When a site is SSL-optional on the front end - ie, 'siteurl'
is non-HTTPS, but SSL is available - a number of situations can arise where
non-HTTPS attachment URLs cause browser mixed-content warnings:
a) SSL is forced in the admin and `wp_get_attachment_url()` is used to generate the `<img>` tag for an inserted image. In these cases, the post content will contain non-HTTPS. Viewing/editing this post in the Dashboard will result in non-HTTPS images being served in an SSL environment.
b) `wp_get_attachment_url()` is used in a theme to generate an `<img>` `src` attribute on a public page. When viewing that page over SSL, the images will have HTTP URLs.
This changeset switches attachment URLs to HTTPS when it's determined that the
host supports SSL. This happens when 'siteurl' is non-SSL, but the current page
request *is* over SSL, and the host of the current request matches the host of
the URL being generated.
Props joemcgill, boonebgorges.
Fixes#15928.
Built from https://develop.svn.wordpress.org/trunk@31614
git-svn-id: http://core.svn.wordpress.org/trunk@31595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Improve handling of the data, both from the bookmarklet and from server-side parsing.
- Standardize on processing the data in PHP and remove duplicate code from JS.
- Improve the bookmarklet code and remove pre-filtering of the data.
Part props stephdau, see #31373.
Built from https://develop.svn.wordpress.org/trunk@31609
git-svn-id: http://core.svn.wordpress.org/trunk@31590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The accessibility helpers previously processed all items when editing a menu, which was quite slow to the point of being unresponsive for large menus. They now only process items when they are expanded or a user comes near them in some way, such as hover or focus.
Also simplifies a redundant set of click event handlers down to one, which further enhances performance.
props atimmer, sevenspark.
fixes#25698.
Built from https://develop.svn.wordpress.org/trunk@31604
git-svn-id: http://core.svn.wordpress.org/trunk@31585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Simplify `getSuggestedContent()` and helpers. No need to override the global `data`.
- Replace the `press_this_source_string` and `press_this_source_link` filters with `press_this_suggested_html` that allows filtering of the link and the wrapper HTML tags.
See #31373.
Built from https://develop.svn.wordpress.org/trunk@31595
git-svn-id: http://core.svn.wordpress.org/trunk@31576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Add missing actions for printing styles/scripts.
* Since `$hook_suffix` is null, hardcode `press-this.php`.
* Restore body classes, add filter.
* Use boolean value instead of `__return_false()`.
* Use `wp_json_encode()`.
* Update docs for filters in script-loader.php.
* Make `<a href="%1$s">%2$s</a>` not translatable.
see #31373.
Built from https://develop.svn.wordpress.org/trunk@31588
git-svn-id: http://core.svn.wordpress.org/trunk@31569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While RFC 3986 does not specify which character sets are allowed in URIs, Section 2.5 states that octects matching UTF-8 character encoding should be percent-encoded, then unreserved octets outside of the UTF-8 range should be percent-encoded. As browsers tend to only implement support for UTF-8 in URLs, this change only implements the UTF-8 encoding part. We may revisit the second part if it becomes an issue.
Fixes#31486
Built from https://develop.svn.wordpress.org/trunk@31587
git-svn-id: http://core.svn.wordpress.org/trunk@31568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The existing 'wp_get_object_terms' filter accepts a parameter `$taxonomies`,
which is a list of taxonomy names formatted for direct use in a MySQL IN clause.
This formatting makes it difficult to make use of the taxonomy list in filter
callbacks. However, changing the parameters passed to the existing filter
raises backward compatibility concerns, so we introduce a new filter that
receives a structured `$taxonomy_array` parameter.
We also take this opportunity to correct and clean up some of the documentation
on the 'wp_get_object_terms' filter.
Props postpostmodern, doublesharp, wonderboymusic, nacin.
Fixes#18828.
Built from https://develop.svn.wordpress.org/trunk@31581
git-svn-id: http://core.svn.wordpress.org/trunk@31562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
CSSJanus (introduced in [26107]), we had a great time with you, but sadly you don't like our fancy CSS.
RTLCSS is a framework for converting CSS from LTR to RTL, same as CSSJanus, with support for more CSS properties like `transform`, `transition` or multiple box and text shadows.
Changes:
* devDependencies: Remove `grunt-cssjanus`, add `grunt-rtlcss`.
* RTLCSS uses `/* rtl:ignore */` to ignore a rule, switch existing `/* @noflip */` to the new directive.
* RTLCSS supports the `transform` property, means we can remove some ignore rules.
* RTLCSS supports string maps for custom replace rules. This commit includes a rule `import-rtl-stylesheet` which replaces ".css" with "-rtl.css" in URLs.
Notes for core development:
* The file generation task is still `grunt rtl`.
* If you have used `grunt cssjanus` before, use `grunt rtlcss` now.
* Remember the new directive `/* rtl:ignore */`.
fixes#31332.
Build: https://build.trac.wordpress.org/changeset/31554
Built from https://develop.svn.wordpress.org/trunk@31573
git-svn-id: http://core.svn.wordpress.org/trunk@31554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Add missing form labels.
- Add some screen-reader-text and aria-hidden attributes.
- Focus handling improvements.
- Change tagcloud-link into a button.
- Add missing ID attribute in tools.php.
Props afercia. Fixes#31449.
Built from https://develop.svn.wordpress.org/trunk@31566
git-svn-id: http://core.svn.wordpress.org/trunk@31547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* In `grid` mode, when the page loads and `s` is in the URL, all attachments are loaded and then the search value is set, which will filter the attachments. If the page loads with the attachments already filtered, the library will have to be requery'd to get the full set, which will require weirder code.
* When a user searches, the mode-switcher link for `list` view is updated dynamically to represent the current `location.href` in the proper `mode=` and `s=` context.
Fixes#30583.
Built from https://develop.svn.wordpress.org/trunk@31562
git-svn-id: http://core.svn.wordpress.org/trunk@31543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This new update includes the following changes:
* The tools directory can now be patched along with a handful of other root level files that were failing
* If patching fails or otherwise issues a prompt, you can now interact with the prompt
* Only save the watch file to your directory if you pass the --debug flag
* Default to selecting the newest patch rather then the oldest patch
props ocean90 ntwb kadamwhite aaronjorbin
Fixes#31466
Built from https://develop.svn.wordpress.org/trunk@31557
git-svn-id: http://core.svn.wordpress.org/trunk@31538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Users are frequently confused as to why the content they've entered or the page template they've selected doesn't apply for this one page. Showing and saving items that don't do anything hurts trust.
Developers can elect to turn on the editor should they be using it for something. If the content isn't empty, the editor will show so that users still have access to their content.
props alexkingorg for the initial, long-suffering patch.
fixes#17470.
Built from https://develop.svn.wordpress.org/trunk@31550
git-svn-id: http://core.svn.wordpress.org/trunk@31531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Better structure, simpler "view" registration, better extensibility.
- Better inline documentation.
- Don't show a placeholder for pasted link until we know the link is "embeddable'.
And many more improvements. Props iseulde. See #31412.
Built from https://develop.svn.wordpress.org/trunk@31546
git-svn-id: http://core.svn.wordpress.org/trunk@31527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Adds a file header separate from the `WP_Customize_Setting` class block
* Fixes formatting for the `WP_Customize_Setting`, `WP_Customize_Filter_Setting`, `WP_Customize_Header_Image_Setting`, and `WP_Customize_Background_Image_Setting` class DocBlocks.
See #31446.
Built from https://develop.svn.wordpress.org/trunk@31543
git-svn-id: http://core.svn.wordpress.org/trunk@31524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Adds a file header separate from the `WP_Customize_Control` class block
* Fixes formatting for the `WP_Customize_Control`, `WP_Customize_Color_Control`, `WP_Customize_Upload_Control`, `WP_Customize_Image_Control`, `WP_Customize_Background_Image_Control`, `WP_Customize_Theme_Control`, `WP_Customize_New_Theme_Control`, `WP_Widget_Area_Customize_Control`, and `WP_Widget_Form_Customize_Control` class DocBlocks.
* Adds a missing class DocBlock for `WP_Customize_Header_Image_Control`
See #31446.
Built from https://develop.svn.wordpress.org/trunk@31539
git-svn-id: http://core.svn.wordpress.org/trunk@31520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Hard-code the minified bookmarklet js. Adding the non-minified bookmarklet to the browser bookmarks bar may have unexpected effect.
- Fix type juggling when checking the bookmarklet version.
Props stephdau, see #31373.
Built from https://develop.svn.wordpress.org/trunk@31535
git-svn-id: http://core.svn.wordpress.org/trunk@31516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Brings into core the Customizer Theme Switcher feature plugin
* You can now browse, preview, and activate themes right from the Customizer
fixes#31303.
props celloexpressions, afercia, westonruter, folletto, designsimply
Built from https://develop.svn.wordpress.org/trunk@31533
git-svn-id: http://core.svn.wordpress.org/trunk@31514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These actions are fired in a number of different places, and in some cases
the tax name is passed, while in others the taxonomy object is passed. This
inconsistency made it difficult for plugins to use the `$taxonomy` value.
Props ipm-frommen.
Fixes#30999.
Built from https://develop.svn.wordpress.org/trunk@31525
git-svn-id: http://core.svn.wordpress.org/trunk@31506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Add labels previously missing for many inputs throughout the network admin screen.
* Add proper `aria-describedby` attributes to provide better descriptions.
* Wrap grouped inputs with `fieldset` elements.
* Remove now unneeded `title` attributes when appropriate.
Props cfoellmann, afercia, rianrietveld.
Fixes#38406.
Built from https://develop.svn.wordpress.org/trunk@31517
git-svn-id: http://core.svn.wordpress.org/trunk@31498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, if “No role on this site” was assigned to a user AND that user did not have an empty role array stored for the site, the `$blog_prefix . ‘capabilities’` meta for that user would be deleted completely after changes to the user were saved. Any custom capabilities stored (i.e. `$user->add_role()`) would be removed as well.
This removes the code controlling the old WPMU handling of “no role” and allows custom stored capabilities to remain. Users with no role and custom capabilities will now appear in the users list table with “None” as the role.
In the process we’re able to better clarify the multisite specific pieces that do occur.
Props PeteMall, jeremyfelt.
Fixes#18934.
Built from https://develop.svn.wordpress.org/trunk@31516
git-svn-id: http://core.svn.wordpress.org/trunk@31497 1a063a9b-81f0-0310-95a4-ce76da25c4cd