WordPress/wp-includes/rest-api/endpoints
Sergey Biryukov b12e78ee0b Ensure that a user can publish_posts before making a post sticky.
Props: danielbachhuber, whyisjake, peterwilson, xknown.

Brings r46893 to the 4.8 branch.

Update `wp_kses_bad_protocol()` to recognize `:` on uri attributes,

`wp_kses_bad_protocol()` makes sure to validate that uri attributes don’t contain invalid/or not allowed protocols. While this works fine in most cases, there’s a risk that by using the colon html5 named entity, one is able to bypass this function.

Brings r46895 to the 4.8 branch.

Props: xknown, nickdaugherty, peterwilsoncc.
Built from https://develop.svn.wordpress.org/branches/4.8@46917


git-svn-id: http://core.svn.wordpress.org/branches/4.8@46717 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-12 18:54:21 +00:00
..
class-wp-rest-attachments-controller.php Docs: Correct rest_insert_* duplicate hook references in REST API. 2017-01-04 13:23:40 +00:00
class-wp-rest-comments-controller.php REST API: Improve a few more strings added after the 4.7 string freeze. 2017-05-10 19:41:41 +00:00
class-wp-rest-controller.php REST API: Remove rest_get_post filter and get_post abstraction. 2016-11-08 13:09:33 +00:00
class-wp-rest-post-statuses-controller.php REST API: Unify object access handling for simplicity. 2017-01-26 13:39:41 +00:00
class-wp-rest-post-types-controller.php REST API: Unify object access handling for simplicity. 2017-01-26 13:39:41 +00:00
class-wp-rest-posts-controller.php Ensure that a user can publish_posts before making a post sticky. 2019-12-12 18:54:21 +00:00
class-wp-rest-revisions-controller.php REST API: Improve a few more strings added after the 4.7 string freeze. 2017-05-10 19:41:41 +00:00
class-wp-rest-settings-controller.php Docs: Misc corrections and additions to inline documentation. 2016-12-27 09:28:40 +00:00
class-wp-rest-taxonomies-controller.php REST API: Unify object access handling for simplicity. 2017-01-26 13:39:41 +00:00
class-wp-rest-terms-controller.php REST API: Improve a few more strings added after the 4.7 string freeze. 2017-05-10 19:41:41 +00:00
class-wp-rest-users-controller.php REST API: Allow fetching multiple users at once via the slug parameter. 2017-04-05 22:25:43 +00:00