`Pragma` is supposed to be a request header, but we've been including it in responses since the beginning of time.
This is a relic dating all the way back to b2, probably originally added because Internet Explorer version 5 and earlier didn't understand the `Cache-Control` header in responses, but they did (incorrectly) obey the `Pragma` header.
Internet Explorer 6 and 7 will obey the `Pragma` response header only if no other cache-related response headers are present (in our case, they are always present), and all other browsers ignore the `Pragma` response header.
Props geekysoft.
Fixes#37250.
Built from https://develop.svn.wordpress.org/trunk@37944
git-svn-id: http://core.svn.wordpress.org/trunk@37885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevents JavaScript errors by checking zxcvbn is defined before calling.
Changes `wp.passwordStrength.meter()` to return `-1` if the strength of the password is unknown.
On the user profile screen, `generatePassword()` checks if the user has entered the password before setting the value of the password input box.
Props peterwilsoncc, adamsilverstein.
Fixes#34905.
Built from https://develop.svn.wordpress.org/trunk@37940
git-svn-id: http://core.svn.wordpress.org/trunk@37881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [37888], the comment text was initially updated, however an opportunity to make the text less trivializing of actions that users will take was missed. To quote Helen Hou-Sandi: "It's important not to trivialize actions that are perfectly reasonable for a user to find tricky (where to go to log in is not exactly intuitive, even with the rewrites we have now)."
The text of the comment now reads:
> Hi, this is a comment.
> To get started with moderating, editing, and deleting comments, please visit the Comments screen in the dashboard.
> Commenter avatars come from <a href="https://gravatar.com">Gravatar</a>.
Some interesting reading on the topic of "Simple" and "Easy" and how they relate to software development can be found at http://andrewspittle.com/2012/01/31/avoiding-easy/ and written by andrewspittle.
Props helen.
Fixes#36702.
Built from https://develop.svn.wordpress.org/trunk@37921
git-svn-id: http://core.svn.wordpress.org/trunk@37862 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Resource hints allow browsers to prefetch specific pages or render them in the background to perform DNS lookups or to begin the connection handshake (DNS, TCP, TLS) in the background.
By default, `wp_resource_hints()` prints hints for "s.w.org" (the WordPress.org CDN) and for all scripts and styles which are enqueued from external hosts.
Use the `wp_resource_hints` filter to add custom domains and URLs for `dns-prefetch`, `preconnect`, `prefetch` or `prerender`.
Props voldemortensen, swissspidy.
Fixes#34292.
Built from https://develop.svn.wordpress.org/trunk@37920
git-svn-id: http://core.svn.wordpress.org/trunk@37861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.
Props ramiy, Presskopp.
Fixes#34521.
Built from https://develop.svn.wordpress.org/trunk@37914
git-svn-id: http://core.svn.wordpress.org/trunk@37855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The string is used during the network installation process to inform the user about where to store additional configuration data. Since the wp-config.php file can be translated the string should be too.
Props julesaus.
Fixes#36945.
Built from https://develop.svn.wordpress.org/trunk@37902
git-svn-id: http://core.svn.wordpress.org/trunk@37843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the global `$wp_post_types` to an array of `WP_Post_Type` objects. `WP_Post_Type` includes methods to handle post type supports, rewrite rules, meta boxes, hooks, and taxonomies.
Each post type argument becomes a property of `WP_Post_Type`.
Props swissspidy, flixos90.
Fixes#36217.
Built from https://develop.svn.wordpress.org/trunk@37890
git-svn-id: http://core.svn.wordpress.org/trunk@37831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new comment:
> A WordPress Commenter <!wapuu@wordpress.example>:
>
> Hi, this is a comment.
> To moderate comments, just log in. There you will have the option to edit or delete them.
> Commenter avatars come from <a href="!https://gravatar.com">Gravatar</a>.
Also introduces a network setting to set the email address of the first comment author on a new site.
Props Ipstenu, rachelbaker, jorbin, jeremyfelt.
Fixes#36702, #14268.
Built from https://develop.svn.wordpress.org/trunk@37888
git-svn-id: http://core.svn.wordpress.org/trunk@37829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new action hook, `wp_edit_form_attachment_display` to
`edit_form_image_editor()`, which can be used as a fallback to render
previews of an attachment that isn't an image, audio, or video file
included in the media library.
Props georgestephanis.
Fixes#36502.
Built from https://develop.svn.wordpress.org/trunk@37879
git-svn-id: http://core.svn.wordpress.org/trunk@37820 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36510] allowed larger menus to be created in the Edit Menu screen by JSON-encoding the entire form into a single input field. However, it did not correctly handle nested arrays.
This introduces a new `_wp_expand_nav_menu_post_data()` helper function to handle this POST data which uses `array_replace_recursive()` internally. Since the latter is only available on PHP 5.3+, we add a compatibility function to ensure PHP 5.2 support.
Props ericlewis, neverything, swissspidy.
Fixes#36590 for trunk. See #14134.
Built from https://develop.svn.wordpress.org/trunk@37748
git-svn-id: http://core.svn.wordpress.org/trunk@37713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Custom permalink structures require at least one valid structure tag, e.g. `%postname%`. If none is included, it would leave users with broken permalinks.
Let's make sure this won't happen by validating the permalink structure.
Adds unit tests.
Props rockwell15 for initial patch.
Fixes#35936.
Built from https://develop.svn.wordpress.org/trunk@37747
git-svn-id: http://core.svn.wordpress.org/trunk@37712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
UI controls that "do something" on a page shouldn't be links. This link behaves
like a toggle to expand the uploader panel and should be a `button` element with
an aria-expanded attribute. Also:
- improves consistency with the Plugin uploader
- keeps the themes list visible when the uploader is open
- displays a notice when JavaScript is off
- adds some `hide-if-no-js` CSS classes
- removes the `themes.router.navigate()` "upload" route: seems unnecessary and breaks history
Fixes#35457.
Built from https://develop.svn.wordpress.org/trunk@37742
git-svn-id: http://core.svn.wordpress.org/trunk@37707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When Open Sans was in use, the `300`, `400`, and `600` weights were loaded. `400` is the equivalent of `normal`; however, `bold` is equivalent to `700`, not `600`. With the move to system fonts, we need to be specific rather than relying on the lack of a `700` weight. Not all system fonts include a `600` weight; in those instances, they will use the `bold`/`700` weight.
The WordPress CSS Coding Standards have been updated accordingly.
props coderste.
see #36753.
Built from https://develop.svn.wordpress.org/trunk@37740
git-svn-id: http://core.svn.wordpress.org/trunk@37705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_Site_Query` provides for a cleaner `prepare_items()` method. It significantly improves the search experience in the sites list table:
* In a subdomain configuration, domain and path are searched for a provided terms.
* In a subdirectory configuration, path is searched for a provided term.
* The full domain is searched in a subdomain configuration rather than the portion not matching the network's domain.
* Terms are searched as `%term%` by default. Adding `*` in the middle of a term will search `%te%rm%`.
Props flixos90, Fab1en.
Fixes#33185, #24833, #21837, #36675.
Built from https://develop.svn.wordpress.org/trunk@37736
git-svn-id: http://core.svn.wordpress.org/trunk@37701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Gone are the days of isolation and feelings of "meh", brought on by The Bleak Screen of Sadness. For a shiny knight has arrived to usher our plugins and themes along their arduous journey of installation, updates, and the inevitable fate of ultimate deletion.
Props swissspidy, adamsilverstein, mapk, afragen, ocean90, ryelle, j-falk, michael-arestad, melchoyce, DrewAPicture, AdamSoucie, ethitter, pento, dd32, kraftbj, Ipstenu, jorbin, afercia, stephdau, paulwilde, jipmoors, khag7, svovaf, jipmoors, obenland.
Fixes#22029, #25828, #31002, #31529, #31530, #31773, #33637, #35032.
Built from https://develop.svn.wordpress.org/trunk@37714
git-svn-id: http://core.svn.wordpress.org/trunk@37680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Send back setting validities with full refreshes and selective refreshes so that invalid settings can have notifications displayed immediately before attempting save, and so that these notifications can be cleared as soon as the input is corrected.
* Splits out JS logic for listing controls into separate methods `wp.customize.Setting.prototype.findControls()` and `wp.customize.findControlsForSettings()`.
* Adds a `setting` property to the `data` on notifications added to controls that are synced from their settings.
* Adds `selective-refresh-setting-validities` message sent from preview to pane.
* Changes `WP_Customize_Manager::validate_setting_values()` to return when settings are valid as well as invalid.
* Adds `WP_Customize_Manager::prepare_setting_validity_for_js()`.
* Add setting validities to data exported to JS in Customizer Preview and in selective refresh responses.
Fixes#36944.
Built from https://develop.svn.wordpress.org/trunk@37700
git-svn-id: http://core.svn.wordpress.org/trunk@37666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `?tab=upload` page still exists for no-js support and for users who may
access it directly (e.g. from bookmarks or history) or plugins doing the same.
In this page, the "Browse plugins" link should always behave like a link.
Fixes#35429.
Built from https://develop.svn.wordpress.org/trunk@37681
git-svn-id: http://core.svn.wordpress.org/trunk@37647 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Avoid references to "visual" positions in favour of positions in the document
structure. The help text shouldn't assume users can see.
Also, in the Posts screen don't mention specific types of posts and use a more
generic text instead.
Props odysseygate, pansotdev, zakb8.
Fixes#34761.
Built from https://develop.svn.wordpress.org/trunk@37680
git-svn-id: http://core.svn.wordpress.org/trunk@37646 1a063a9b-81f0-0310-95a4-ce76da25c4cd