- Progressive enhancement for optional compression improvements and stripping meta.
- Whitelist IPTC and XMP profiles to maintain Copyright and Rights Usage Terms.
- Whitelist EXIF profile to maintain orientation information. If handled on upload in the future, it can be stripped as well.
Fixes#33642. See #28634.
Props joemcgill, juliobox, ahockley, markoheijnen, adamsilverstein, wonderboymusic, mikeschroder.
Built from https://develop.svn.wordpress.org/trunk@36891
git-svn-id: http://core.svn.wordpress.org/trunk@36858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Request full refresh if there are nav menu instances that lack partials for a changed setting.
* Restore `WP_Customize_Nav_Menus::$preview_nav_menu_instance_args` and `WP_Customize_Nav_Menus::export_preview_data()` from 4.3, and keeping a tally of all `wp_nav_menu()` calls regardless of whether they can use selective refresh.
* Ensure that all instances of `wp_nav_menu()` are tallied, regardless of whether they are made during the initial preview call or during subsequent partial renderings. Export `nav_menu_instance_args` with each partial rendering response just as they are returned when rendering the preview as a whole.
* Fix issues with Custom Menu widget where nav menu items would fail to render when switching between menus when a menu lacked items to begin with.
* Make sure the fallback behavior is invoked when the partial is no longer associated with a menu.
* Do fallback behavior to refresh preview when all menu items are removed from a menu.
Follows [36586].
See #27355.
Fixes#35362.
Built from https://develop.svn.wordpress.org/trunk@36889
git-svn-id: http://core.svn.wordpress.org/trunk@36856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The media library can contain files which aren't attached yet. When attaching a file you currently get "Media attachment reattached.", or the opposite "Media attachment detached.". That's redundant and can be inaccurate. It's also not easy to translate in some languages.
This change generalizes the strings to refer to a "media file" instead.
Props SergeyBiryukov, ocean90, netweb.
Fixes#36089.
Built from https://develop.svn.wordpress.org/trunk@36887
git-svn-id: http://core.svn.wordpress.org/trunk@36854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The test assumes that if a CSS file was added to `$_old_files` all three files (.css, .min.css, -rtl.min.css; it's actually missing the fourth case, -rtl.css) don't exist anymore. But this isn't always the case. The test is also incredible slow because it does three `file_exists()` checks for each file — the global contains 646 files currently.
It's important what we have in the /build directory and that's covered by `test_new_files_are_not_in_old_files_array_compiled()`.
Fixes#36083.
Built from https://develop.svn.wordpress.org/trunk@36885
git-svn-id: http://core.svn.wordpress.org/trunk@36852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows themes to directly override the default template. The order in which the template is retrieved is as follows: `embed-$post_type-$post_format.php` -> `embed-$post_type.php` -> `embed.php`.
The `embed_template` filter gets replaced by the dynamic `{$type}_template` filter in `get_query_template()`.
Props ChriCo, swissspidy.
See #34561. Fixes#34278.
Built from https://develop.svn.wordpress.org/trunk@36876
git-svn-id: http://core.svn.wordpress.org/trunk@36843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a follow-up to [36604].
When processing dependencies `$this->group` will be the minimum of the script's registered group and all preceding siblings. This is wrong because only a scripts ancestors in the dependency chain should affect where it is loaded. Effectively `$this->group` introduced a form of global state which potentially corrupted the group of dependencies. Sorting covers up this problem.
The issue in #35873 was that script were not moving their dependencies to a lower group when necessary.
The fix:
* In `WP_Dependencies::all_deps()` pass the new `$group` value to `WP_Dependencies::all_deps()`. Previously the wrong value was passed because the parent script could have moved with `WP_Scripts::set_group()`.
* In `WP_Scripts::all_deps()` pass the `$group` parameter to `WP_Dependencies::all_deps()` so it doesn't always use `false` for `$group`. Same for `WP_Styles::all_deps()`.
Props stephenharris, gitlost.
Fixes#35956.
Built from https://develop.svn.wordpress.org/trunk@36871
git-svn-id: http://core.svn.wordpress.org/trunk@36838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp-login.php` uses `wp_safe_redirect()` for all redirects, even those that do not involve unsafe data from the request or referer.
When a user of a subdomain site attempts to login to a network site they do not have access to, the host in the redirect URL is treated as unsafe by `wp_safe_redirect()` as it has no immediate awareness as to which hosts are valid on the network. On a subdirectoy network, everything works as expected because the host is the same.
In this specific block of `wp-login.php`, all URLs are generated by WordPress and we can use `wp_redirect()` to handle the redirects. Users authenticating via other network sites will now be redirected properly. Hosts passed via the `redirect_to` query var will continue to be handled by `wp_safe_redirect()`.
Fixes#30598.
Built from https://develop.svn.wordpress.org/trunk@36867
git-svn-id: http://core.svn.wordpress.org/trunk@36834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Tested scenarios include: using the default (which is the post type description), Setting a custom description for that individual menu item, and setting a custom description that is blank. Introduced in r35382.
Props Toro_Unit, mayukojpn, extendwings, jorbin.
Fixes#35324. See #16075.
Built from https://develop.svn.wordpress.org/trunk@36859
git-svn-id: http://core.svn.wordpress.org/trunk@36826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36510] introduced a fix to allow users to save large menus on the Edit Menu screen (70+ menu items). The form data is stored as JSON which is used to inject the `$_POST` variable in the form submission handler. This injection was not setting form items with named array elements properly (e.g. `menu-locations[primary]`), which did not save theme location data in a large form.
Props keraweb.
See #14134.
Built from https://develop.svn.wordpress.org/trunk@36852
git-svn-id: http://core.svn.wordpress.org/trunk@36819 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Removes double `margin-bottom` from all the media controls.
* All media controls now send `{settingId}-attachment-data` messages to the preview when a media setting is updated so that the preview has access to the attachment data.
* Fixes receiving of `attachment-data` message for `custom_logo` which resulted in instant JS-applied preview not working. See #36096.
See #33755.
Fixes#35941.
Built from https://develop.svn.wordpress.org/trunk@36851
git-svn-id: http://core.svn.wordpress.org/trunk@36818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Change the newly added `press_this_save_post_content` filter to `press_this_save_post` and pass the $post_data array to it.
- Remove the newly added `press_this_useful_html_elements`. It only runs in compatibility mode when a URL is typed by the user.
- Remove the `press_this_suggested_content` filter. It is redundant as the suggested HTML for the editor is already filtered by `press_this_suggested_html`.
- Add some more inline docs and rename couple of vars to make the code more readable.
Fixes#34455.
Built from https://develop.svn.wordpress.org/trunk@36848
git-svn-id: http://core.svn.wordpress.org/trunk@36815 1a063a9b-81f0-0310-95a4-ce76da25c4cd
An OPTIONS request was incorrectly returning an "Accept" header which
was a typo of "Allow". This meant Accept was showing "GET, POST" for example,
however it was also not running the permission checks on the endpoints.
Instead, the correct route needs to be set on the request object, which means
the normal handling for the Allow header will kick in. This technically
breaks backwards compatibility, however given the value of Accept was also wrong
then this should not be an issue.
Fixes#35975.
Built from https://develop.svn.wordpress.org/trunk@36829
git-svn-id: http://core.svn.wordpress.org/trunk@36796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
IE 11's implementation of MutationObserver is buggy. It unnecessarily splits text nodes when it encounters a HTML template interpolation symbol ( "{{", for example ). So, we join the text nodes back together as a work-around.
Fixes#35977 for trunk.
Built from https://develop.svn.wordpress.org/trunk@36817
git-svn-id: http://core.svn.wordpress.org/trunk@36784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As new sets of emoji are added to Unicode, and browsers add support for them at random intervals, we'll inevitably need to add new tests to the emoji loader. This change makes it much easier to add new tests as they're needed.
Fixes#35300.
Built from https://develop.svn.wordpress.org/trunk@36816
git-svn-id: http://core.svn.wordpress.org/trunk@36783 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Locales are codes to identify a language in WordPress which can be different from the specification for language tags, see https://www.w3.org/International/articles/language-tags/.
An example is `de_DE_formal` or `nl_NL_formal` where the subtag `formal` isn't officially supported.
To give translators the possibility to specify the language tag of their language introduce a string `html_lang_attribute` which can be translated into the language tag which conforms to the specification.
Props SergeyBiryukov.
Fixes#33511.
Built from https://develop.svn.wordpress.org/trunk@36802
git-svn-id: http://core.svn.wordpress.org/trunk@36769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Removes overly-zealous filtering of autofocus panels, sections, and controls which are unrecognized or for which the user doesn't have the capability to focus (in which case it would no-op anyway). Also defers autofocus logic until instances are created, even after initial `ready` event. This ensures that autofocus can apply for any panels, sections, or controls that get created via the loaded preview.
See #28650.
Fixes#36018.
Built from https://develop.svn.wordpress.org/trunk@36796
git-svn-id: http://core.svn.wordpress.org/trunk@36763 1a063a9b-81f0-0310-95a4-ce76da25c4cd