Commit Graph

36178 Commits

Author SHA1 Message Date
Rachel Baker
df256f9fee REST API: Remove errant annotation from test_get_items_pagination_headers() method.
Removes the debugging group notation left in the `WP_Test_REST_Users_Controller` and `WP_Test_REST_Posts_Controller` classes pagination headers method. Introduced in [38832].

Props sanket.parmar.
Fixes #39398.

Built from https://develop.svn.wordpress.org/trunk@39643


git-svn-id: http://core.svn.wordpress.org/trunk@39583 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-27 18:04:43 +00:00
Rachel Baker
82c7fd2493 Comments: Fix placement of the wp_update_comment_data filter to safeguard filtered data from triggering a database error.
Introduced in [38674], the `wp_update_comment_data` filter took place after the `$data` was sliced and prepared for the database update statement. The location of the filter assumed the result of anyone applying it would not change the data type or make structural modifications or additions to the $data array. 😅

This moves the `wp_update_comment_data` filter to take place before the `$data` is sliced and prepared for the database update statement.

Props dshanske for initial patch.

Fixes #39380.

Built from https://develop.svn.wordpress.org/trunk@39640


git-svn-id: http://core.svn.wordpress.org/trunk@39580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-27 17:22:45 +00:00
John Blackbourn
80a839de13 Docs: Misc corrections and additions to inline documentation.
See #39130
Props keesiemeijer

Built from https://develop.svn.wordpress.org/trunk@39639


git-svn-id: http://core.svn.wordpress.org/trunk@39579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-27 09:28:40 +00:00
John Blackbourn
d327c92e4b Docs: Add and correct @since docs for a variety of functions and methods.
Props keesiemeijer, chris_dev
Fixes #39343, #39357, #39344
See #39130

Built from https://develop.svn.wordpress.org/trunk@39638


git-svn-id: http://core.svn.wordpress.org/trunk@39578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-27 09:21:44 +00:00
Boone Gorges
a3ea7ea2e9 Taxonomy: Eliminate redundant and inaccurate dupe check when creating categories from post.php.
The `term_exists()` check is not needed because of existing dupe
checks in `wp_insert_term()`. Furthermore, `term_exists()` conflates
term names and sanitized slugs, so incorrectly marks terms like
'C' and 'C+' as duplicates of one another.

Props garyc40, SergeyBiryukov, kovshenin, MikeHansenMe.
Fixes #16567.
Built from https://develop.svn.wordpress.org/trunk@39637


git-svn-id: http://core.svn.wordpress.org/trunk@39577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-23 03:11:40 +00:00
Boone Gorges
af885f45cf Query: Improve documentation for orderby=relevance in WP_Query.
Props dots.
Fixes #39336.
Built from https://develop.svn.wordpress.org/trunk@39636


git-svn-id: http://core.svn.wordpress.org/trunk@39576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-23 02:31:41 +00:00
David A. Kennedy
7a8e17d50a Twenty Seventeen: Fix incorrect $content_width value in theme
This addresses a major bug. Incorrectly setting the `$content_width` causes media embeds to end up with the wrong aspect ratio, among other issues. This fix uses `template_redirect`,  to ensure conditional theme tags can be used. It also defines a default value at `after_theme_setup` so that plugins have something to work with at `init`.

Props sstoqnov, laurelfulford, obenland.

Fixes #39272.

Built from https://develop.svn.wordpress.org/trunk@39635


git-svn-id: http://core.svn.wordpress.org/trunk@39575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-22 23:24:44 +00:00
Gary Pendergast
443bcb03bd Tests: Restore the database connection earlier when switching test groups.
When plugins don't disable the `backupGlobals` PHPUnit option in their own tests, `$wpdb` is backed up and restored between classes of tests. The serialisation process used for this broke the database connection. This previously wasn't a problem, as it was reconnecting before each test.

[38398] introduced some changes that required the connection to be available in `setUpBeforeClass()`, earlier than in was previously reconnecting. This didn't cause warnings in Core, but it did cause warnings for plugins that don't disable the `backupGlobals` option.

The database connection now reconnects in `setUpBeforeClass()`. This change also fixes a few Core tests that weren't calling `parent::setUpBeforeClass()` or `parent::tearDown()` correctly.

Fixes #39327.


Built from https://develop.svn.wordpress.org/trunk@39626


git-svn-id: http://core.svn.wordpress.org/trunk@39566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-21 04:59:43 +00:00
Boone Gorges
3ef41856bb Taxonomy: Ensure that mods to query vars in pre_term_query callbacks have an effect.
Previously, it was possible to modify the `query_vars` array, but
the changes would be ignored after `pre_term_query` had finished
running.

Props jfarthing84.
Fixes #39354.
Built from https://develop.svn.wordpress.org/trunk@39625


git-svn-id: http://core.svn.wordpress.org/trunk@39565 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-21 03:02:40 +00:00
David A. Kennedy
4177e37593 Twenty Seventeen: Hardens the logic for calling featured image in header.php
This change uses `get_queried_object_id()` here since the `$post` global may not be set before a call to `the_post()`.

Props westonruter.

Fixes #39302.

Built from https://develop.svn.wordpress.org/trunk@39624


git-svn-id: http://core.svn.wordpress.org/trunk@39564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-20 23:00:43 +00:00
David A. Kennedy
7d70dabf59 Twenty Seventeen: Ensure functions in customize-controls.js don't count on Customizer sections always being present
Before, the code assumed the `theme_options` section is always present, but it can be removed by plugins. This way, if it is, no JavaScript errors occur.

Props westonruter.

Fixes #39335.

Built from https://develop.svn.wordpress.org/trunk@39623


git-svn-id: http://core.svn.wordpress.org/trunk@39563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-20 22:17:40 +00:00
Weston Ruter
f7ba137f19 Customize: Fix visible edit shortcuts for wp_nav_menu() instances using the menu arg (such as in the Custom Menu widget) instead of the theme_location arg.
Also fix logic for `focus-control-for-setting` handler to focus on the first control (lowest `priority` value) associated with a given setting instead of the last control encountered when iterating over all controls, as this ensures the first control in a `nav_menu` section is focused rather than the last one.

Props westonruter, sirbrillig.
See #27403.
Fixes #39101.

Built from https://develop.svn.wordpress.org/trunk@39622


git-svn-id: http://core.svn.wordpress.org/trunk@39562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-20 22:05:43 +00:00
James Nylen
5b39869860 REST API: Improve the rest_*_collection_params filter docs and fix the terms filter.
The `rest_{$taxonomy}_collection_params` filter in 4.7 is incorrectly using
single quotes instead of double quotes, which means it is not working correctly
as a dynamic filter.  This fixes the quotes around the filter name, and also
updates the docblocks for the other 3 similar filters for better conformance to
the documentation standards.

Props shazahm1hotmailcom, JPry, jnylen0.
Fixes #39300.

Built from https://develop.svn.wordpress.org/trunk@39621


git-svn-id: http://core.svn.wordpress.org/trunk@39561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-20 01:37:40 +00:00
James Nylen
d515e20a1a REST API: Fix PHP warnings when get_theme_support( 'post-formats' ) is not an array.
If `add_theme_support( 'post-formats' )` is called with no additional
arguments, then `get_theme_support( 'post-formats' )` returns `true` rather
than an array of supported formats.  Avoid generating PHP warnings in this
situation.

Props dreamon11, ChopinBach.
Fixes #39293.

Built from https://develop.svn.wordpress.org/trunk@39620


git-svn-id: http://core.svn.wordpress.org/trunk@39560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-20 00:56:44 +00:00
Ella Iseulde Van Dorpe
c7988f1f03 Editor: Let the Add New link disappear in DFW mode.
The link was moved outside the heading in [38983].

Fixes #39313 for trunk.


Built from https://develop.svn.wordpress.org/trunk@39619


git-svn-id: http://core.svn.wordpress.org/trunk@39559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-17 10:23:43 +00:00
David A. Kennedy
7ad554f955 Twenty Seventeen: Improves code readability and code standards in files
Adds better DocBlock comments and fixes some spacing issues based on PHP_CodeSniffer WordPress coding standards.

Props sstoqnov.

Fixes #39152.

Built from https://develop.svn.wordpress.org/trunk@39618


git-svn-id: http://core.svn.wordpress.org/trunk@39558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-16 22:08:47 +00:00
Joe McGill
efb191c2ed Media: Allow PDF fallbacks filter to process custom sizes.
This fixes an oversight in [39246], which added a hook for filtering
the array of sizes used for PDF thumbnails, but failed to provide a way
for sizes added through `add_image_size()` to be processed.

Props gitlost.
Fixes #39231. See #38594.
Built from https://develop.svn.wordpress.org/trunk@39617


git-svn-id: http://core.svn.wordpress.org/trunk@39557 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-16 20:30:42 +00:00
Weston Ruter
15ddaa269e Customize: Bump wp_custom_css_cb from running at wp_head priority 11 to 101 to ensure Custom CSS overrides other CSS.
Aligns `wp_head` action priority with Jetpack's Custom CSS.

Amends [38829].
See #35395, #38672.
Fixes #39270.

Built from https://develop.svn.wordpress.org/trunk@39616


git-svn-id: http://core.svn.wordpress.org/trunk@39556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-16 07:29:42 +00:00
Dion Hulse
1d342fcdc6 Feeds: Replace the RSS2 lastBuildDate date field with the r date specifier.
See #39141.

Built from https://develop.svn.wordpress.org/trunk@39614


git-svn-id: http://core.svn.wordpress.org/trunk@39554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-16 06:42:40 +00:00
Dion Hulse
f794939ed3 Feeds: Do not translate the lastBuildDate field in RSS feeds.
Props stevenkword, dd32.
Fixes #39141

Built from https://develop.svn.wordpress.org/trunk@39613


git-svn-id: http://core.svn.wordpress.org/trunk@39553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-16 06:39:41 +00:00
Dion Hulse
c92e916866 Media: Move a variable definition outside of conditionals to ensure it's always available.
This fixes cases where the URL to a PDF preview may be incorrectly calculated when no thumbnails were generated for the PDF (and avoids a PHP Notice at the same time).

Fixes #39250.

Built from https://develop.svn.wordpress.org/trunk@39612


git-svn-id: http://core.svn.wordpress.org/trunk@39552 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-16 06:21:41 +00:00
Adam Silverstein
bc7a03a33b WP-API: JavaScript client - fix setup of models used by wp.api.collections objects.
Correct setup for the `model` attribute of `wp.api.collections` objects. Set the collection model as a function that returns a new model of the underlying type, instead of setting it as the model prototype. Fixes an issue where models for fetched collections weren't set up properly and didn't have the expected mixin methods such as `getCategories` available.

Props jesseenterprises.
Fixes #39070.

Built from https://develop.svn.wordpress.org/trunk@39603


git-svn-id: http://core.svn.wordpress.org/trunk@39543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-15 12:54:42 +00:00
Ella Iseulde Van Dorpe
4ec102c189 Editor: Remove target=_blank when unchecked in the link modal.
Fixes #39276 for trunk.


Built from https://develop.svn.wordpress.org/trunk@39601


git-svn-id: http://core.svn.wordpress.org/trunk@39541 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-14 20:30:44 +00:00
John Blackbourn
4548b08236 General: Use interpolation instead of concatenation for all dynamic hook names.
This fixes the rendering of the hook names on developer.wordpress.org.

Props keesiemeijer
Fixes #39148

Built from https://develop.svn.wordpress.org/trunk@39600


git-svn-id: http://core.svn.wordpress.org/trunk@39540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-14 04:18:42 +00:00
John Blackbourn
efa99585e3 Posts, Post Types: Ensure is_page_template() can only return true when viewing a singular post query.
Props natereist, dlh
Fixes #39211

Built from https://develop.svn.wordpress.org/trunk@39599


git-svn-id: http://core.svn.wordpress.org/trunk@39539 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-14 03:43:43 +00:00
James Nylen
505e135f4c REST API: Add support for filename search in media endpoint.
In [38625], the functionality to search for attachments by filename was added
via the `posts_clauses` filter and the `_filter_query_attachment_filenames()`
function.  This moves `_filter_query_attachment_filenames()` from
`wp-admin/includes/post.php` to `wp-includes/post.php` so that it can be
applied in the same manner in the REST API media endpoint.

Props jblz, tyxla.
Fixes #39092.

Built from https://develop.svn.wordpress.org/trunk@39598


git-svn-id: http://core.svn.wordpress.org/trunk@39538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 14:09:42 +00:00
James Nylen
7cc41e47ac REST API: Allow sending an empty or no-op comment update.
In general, updates that don't actually change anything should succeed.
[39371] added tests for other object types, and this commit fixes empty updates
for comments and adds the missing test.

Fixes #38700.

Built from https://develop.svn.wordpress.org/trunk@39597


git-svn-id: http://core.svn.wordpress.org/trunk@39537 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 13:53:45 +00:00
Gary Pendergast
7d9b5b14b5 Libraries: Update zxcvbn from version 1.0 to 4.4.1
This includes masses of bug fixes, as well as tweaks to how passwords are scored.

QUnit tests have been updated to reflect tha scoring changes.

Full changelog: https://github.com/dropbox/zxcvbn/compare/v1.0...v4.4.1

Fixes #31647.


Built from https://develop.svn.wordpress.org/trunk@39596


git-svn-id: http://core.svn.wordpress.org/trunk@39536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 11:23:42 +00:00
James Nylen
d7ab7fdf5a REST API: Do not include the password argument when getting media items
Currently, `attachment` is the only post type exposed via the REST API that
does not support password protection, but it's possible for other post types to
remove password support.

Fixes #38977.

Built from https://develop.svn.wordpress.org/trunk@39595


git-svn-id: http://core.svn.wordpress.org/trunk@39535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 03:51:44 +00:00
James Nylen
0b599cce41 REST API: Do not error on empty JSON body
It's fairly common for clients to send `Content-Type: application/json` with an
empty body.  While technically not valid JSON, we've historically supported
this behaviour, so it shouldn't cause an error.

Props JPry.
Fixes #39150.

Built from https://develop.svn.wordpress.org/trunk@39594


git-svn-id: http://core.svn.wordpress.org/trunk@39534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 03:34:41 +00:00
Boone Gorges
aa644128d6 Taxonomy: Use get_term_link() instead of get_category_link() in get_term_parents_list().
`get_category_link()` is a wrapper for `get_term_link()`. Using the
unwrapped function makes more sense semantically (it's taxonomy-
agnostic) and it's also more parsimonious (the `WP_Error` check in
`get_category_link()` is redundant with similar checks just before
in `get_term_link()`).

Props keesiemeijer.
Fixes #17069.
Built from https://develop.svn.wordpress.org/trunk@39593


git-svn-id: http://core.svn.wordpress.org/trunk@39533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 02:57:41 +00:00
Ryan McCue
20aa5d7150 General: Correctly detect trailing newline when prepending.
We need to check that the final line is actually an artifact of explode(), not just an empty input string.

See #37082.

Built from https://develop.svn.wordpress.org/trunk@39592


git-svn-id: http://core.svn.wordpress.org/trunk@39532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 02:48:41 +00:00
Ryan McCue
fbc00b31ef General: Remove most uses of create_function()
create_function() is equivalent to eval(), and most of our uses can be refactored. This is simpler, more secure, and slightly more performant.

Props sgolemon.
Fixes #37082.

Built from https://develop.svn.wordpress.org/trunk@39591


git-svn-id: http://core.svn.wordpress.org/trunk@39531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 01:49:39 +00:00
Felix Arntz
6e2d9af8b6 Tests: Use wp_delete_user() during teardown to delete a single site's user.
Fixes failing tests for `get_dashboard_url()`.

Fixes #39065.

Built from https://develop.svn.wordpress.org/trunk@39590


git-svn-id: http://core.svn.wordpress.org/trunk@39530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 23:18:40 +00:00
Felix Arntz
d784b5552c Multisite: Replace is_super_admin() with manage_network in get_dashboard_url().
Unit tests for `get_dashboard_url()` have been added.

Props iaaxpage.
Fixes #39065. See #37616.

Built from https://develop.svn.wordpress.org/trunk@39589


git-svn-id: http://core.svn.wordpress.org/trunk@39529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 22:41:39 +00:00
Felix Arntz
f704fc808a Multisite: Handle capability check for removing oneself via map_meta_cap().
Site administrators should not be able to remove themselves from a site. This moves the enforcement of this rule from `wp-admin/users.php` to `remove_user_from_blog()` via the `remove_user` capability, which furthermore allows us to get rid of two additional clauses and their `is_super_admin()` checks in `wp-admin/users.php`. A unit test for the new behavior has been added.

Fixes #39063. See #37616.

Built from https://develop.svn.wordpress.org/trunk@39588


git-svn-id: http://core.svn.wordpress.org/trunk@39528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 21:42:42 +00:00
Konstantin Obenland
ee36cf9214 Themes: Add missing square bracket in jQuery selector.
Fixes a bug in Safari where the UI wasn't updated after deleting a theme due to
the incomplete selector.

Props Hristo Sg.
Fixes #39246.

Built from https://develop.svn.wordpress.org/trunk@39586


git-svn-id: http://core.svn.wordpress.org/trunk@39526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 09:32:41 +00:00
Weston Ruter
c9b863fc40 Customize: Prevent navigation in preview when clicking on child elements of preview links that have non-previewable URLs.
Fixes #39098.

Built from https://develop.svn.wordpress.org/trunk@39584


git-svn-id: http://core.svn.wordpress.org/trunk@39524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 08:09:41 +00:00
Dion Hulse
5edd9b03e7 Remove the WordPress version number from readme.html.
See #35554 

Built from https://develop.svn.wordpress.org/trunk@39583


git-svn-id: http://core.svn.wordpress.org/trunk@39523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 08:01:39 +00:00
Weston Ruter
8a89a50c69 Customize: Prevent edit shortcut from losing event handler after selective refresh.
Props sirbrillig.
See #27403.
Fixes #39100.

Built from https://develop.svn.wordpress.org/trunk@39581


git-svn-id: http://core.svn.wordpress.org/trunk@39521 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 07:52:43 +00:00
Dion Hulse
0a349c9641 PDF Images: Avoid a PHP Warning when attempting to process a file without an extension.
Props chandrapatel for initial patch.
Fixes #39195.

Built from https://develop.svn.wordpress.org/trunk@39580


git-svn-id: http://core.svn.wordpress.org/trunk@39520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 06:19:41 +00:00
Dion Hulse
883689c816 Taxonomy: Restore the ability to use string-based $args in wp_get_object_terms().
Props tyxla.
Fixes #39215

Built from https://develop.svn.wordpress.org/trunk@39578


git-svn-id: http://core.svn.wordpress.org/trunk@39518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 05:47:42 +00:00
Weston Ruter
826a0323a2 Build/Test Tools: Facilitate SVN and Git being co-located in the same directory.
Ignore .svn in .gitignore, and ignore .git in svn:ignore.

Fixes #39245.

Built from https://develop.svn.wordpress.org/trunk@39577


git-svn-id: http://core.svn.wordpress.org/trunk@39517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 05:12:44 +00:00
Dion Hulse
bdf6087450 Bootstrap: Re-initialize any hooks added manually by object-cache.php.
Prior to 3.1 if a object cache dropin wanted to add actions, they needed to use `$wp_filter` directly.

Props jorbin.
Fixes #39132.

Built from https://develop.svn.wordpress.org/trunk@39565


git-svn-id: http://core.svn.wordpress.org/trunk@39505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 01:29:42 +00:00
Peter Wilson
c21907ca1e Options: Prevent unnecessary SQL updates by update_option.
Previously an option containing an object would trigger an SQL `UPDATE` on all calls to `update_option`, even if the old and new values were identical. This was due to the old and new values having differing resource IDs.

This change compares the old and new values as serialized data to remove the resource ID from the comparison.

Props salcode, bradyvercher, peterwilsoncc.
Fixes #38903.

Built from https://develop.svn.wordpress.org/trunk@39564


git-svn-id: http://core.svn.wordpress.org/trunk@39504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-11 21:43:43 +00:00
Rachel Baker
d054b9afba REST API: Allow schema sanitization_callback to be set to null to bypass fallback sanitization functions.
The logic in WP_REST_Request->sanitize_params() added in [39091] did not account for `null` or `false` being the sanitization_callback preventing overriding `rest_parse_request_arg()`. This fixes that oversight, allowing the built in sanitization function to be bypassed. See #38593.

Props kkoppenhaver, rachelbaker, jnylen0.
Fixes #39042.

Built from https://develop.svn.wordpress.org/trunk@39563


git-svn-id: http://core.svn.wordpress.org/trunk@39503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-11 21:26:43 +00:00
Weston Ruter
9669c60397 Customize: Fix ability to shift-click on placeholder/pre-saved nav menu items in preview to focus on corresponding control.
Fixes #39102.

Built from https://develop.svn.wordpress.org/trunk@39562


git-svn-id: http://core.svn.wordpress.org/trunk@39502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 23:47:41 +00:00
Weston Ruter
57830bf2be Customize: Deprecate page_home nav menu item starter content in favor of home_link; replace usage in Twenty Seventeen.
Props celloexpressions, westonruter.
Amends [38991].
See #38615, #38114.
Fixes #39104.

Built from https://develop.svn.wordpress.org/trunk@39561


git-svn-id: http://core.svn.wordpress.org/trunk@39501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 23:39:43 +00:00
Weston Ruter
a366e58135 Customize: Trim whitespace for URLs supplied for external_header_video to prevent esc_url_raw() from making them invalid.
Props tyxla.
See #38172.
Fixes #39125.

Built from https://develop.svn.wordpress.org/trunk@39560


git-svn-id: http://core.svn.wordpress.org/trunk@39500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 07:00:45 +00:00
Weston Ruter
6527c24ab1 Customize: Prevent single quotes (apostrophes) in custom_css values from unexpectedly causing false positives for unbalanced character validation errors.
See #39218, #35395.
Fixes #39198.

Built from https://develop.svn.wordpress.org/trunk@39559


git-svn-id: http://core.svn.wordpress.org/trunk@39499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 06:45:42 +00:00