Dominik Schilling
3f478808ae
Embeds: URL encode YouTube video IDs for broader compatibility.
...
Merge of [40160] to the 4.4 branch.
Built from https://develop.svn.wordpress.org/branches/4.4@40164
git-svn-id: http://core.svn.wordpress.org/branches/4.4@40103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 12:06:34 +00:00
Pascal Birchler
0a517e47ec
Embeds: Improve performance when embedding a post from the current site.
...
When the post being embedded is from the same site, there's no reason to do an HTTP request for it. The data can be fetched directly using `get_oembed_response_data()`.
Merge of [37708], [37710] and [37729] to the 4.4 branch.
Fixes #36767 .
Built from https://develop.svn.wordpress.org/branches/4.4@37798
git-svn-id: http://core.svn.wordpress.org/branches/4.4@37763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:42:29 +00:00
Pascal Birchler
eb51235b19
Embeds: Improve how iframes are loaded after being initially hidden.
...
Use a more accessible way to initially hide the iframe. After that, only display an iframe when it was successfully loaded.
Merge of [36648] and [36708] to the 4.4 branch.
Fixes #35894 .
Built from https://develop.svn.wordpress.org/branches/4.4@37093
git-svn-id: http://core.svn.wordpress.org/branches/4.4@37060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 10:57:27 +00:00
Gary Pendergast
9f78d3f9c3
Embeds: Don't show embed discovery link on a static front page.
...
There's currently no iframe content being generated for a static front page. Giving out a link to that isn't an ideal user experience.
Props peterwilsoncc.
Merge of [36059] to the 4.4 branch.
Fixes #35194 .
Built from https://develop.svn.wordpress.org/branches/4.4@36060
git-svn-id: http://core.svn.wordpress.org/branches/4.4@36025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-22 10:55:26 +00:00
Scott Taylor
8cf8e2c66d
WP oEmbed: validate the secret
send via postMessage
in wp.receiveEmbedMessage
. Also, compare window
instances.
...
In the data sent to us from the embedded iframe by postMessage(), the secret value is being used directly in a document.querySelectorAll() call without first being validated or escaped.
In theory, this could lead to some broken embeds.
Props mdawaffe.
Fixes #34831 .
Built from https://develop.svn.wordpress.org/trunk@35761
git-svn-id: http://core.svn.wordpress.org/trunk@35725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-03 20:17:25 +00:00
Dominik Schilling
22fe87c3b3
Build: Update source for includes:embed
after [35718].
...
See #33413 .
Built from https://develop.svn.wordpress.org/trunk@35720
git-svn-id: http://core.svn.wordpress.org/trunk@35684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 15:37:26 +00:00
Andrew Nacin
1579e45d41
Simplify the include graph after work to split out classes.
...
see #33413 . More details there.
Built from https://develop.svn.wordpress.org/trunk@35718
git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00