WordPress/wp-includes
Sergey Biryukov 4315d85d65 Escape the output in wp_ajax_upload_attachment().
Merges [45936] to the 5.2 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/5.2@45938


git-svn-id: http://core.svn.wordpress.org/branches/5.2@45749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:15:51 +00:00
..
blocks Accessibility: Remove post format filter links from format icons in the Posts list table. 2019-03-21 15:32:01 +00:00
certificates
css Accessibility: Make the Media modal an ARIA modal dialog. 2019-08-20 22:42:51 +00:00
customize Customize: Remove “Update” link for themes on multisite installs. 2019-06-13 15:34:52 +00:00
fonts Administration: Fix Dashicon backwards compatibility issues. 2019-03-27 19:59:52 +00:00
ID3
images Build: Update images following [43684]. 2018-12-19 03:36:27 +00:00
IXR Docs: Fix typo in xmlrpc_chunk_parsing_size filter description. 2019-03-28 16:53:51 +00:00
js Docs: Update @since tag for new JS functions and variables introduced in [45572]. 2019-08-20 22:55:52 +00:00
pomo Docs: Correct the docs for POMO_Reader::setEndian(). 2019-01-16 05:36:48 +00:00
random_compat
Requests
rest-api REST API: Always urlencode_deep() query args in get_items methods. 2019-04-25 00:08:52 +00:00
SimplePie
sodium_compat Upgrade/Install: Update sodium_compat to v1.10.0. 2019-05-17 17:20:53 +00:00
Text
theme-compat Coding Standards: Upgrade WPCS to 1.0.0 2018-08-17 01:51:36 +00:00
widgets Widgets: Add rel="noopener noreferrer" to links with target="_blank" in the Image widget. 2019-04-08 23:23:51 +00:00
admin-bar.php Accessibility: Remove redundant title attribute from the "Exit Recovery Mode" link. 2019-04-25 16:04:53 +00:00
atomlib.php
author-template.php Users: In wp_list_authors(), check for author's post count before getting author's metadata. 2019-04-17 14:50:50 +00:00
blocks.php Editor: Correct since annotation for the excerpt_allowed_blocks filter. 2019-08-19 04:18:53 +00:00
bookmark-template.php Docs: Remove duplicate docblocks for the pre_user_login and link_category filters. 2019-01-16 05:29:49 +00:00
bookmark.php General: Fix problematic string to array parsing. 2019-01-10 21:06:49 +00:00
cache.php Docs: Correct type for WP_Object_Cache::$blog_prefix. 2019-04-11 20:10:53 +00:00
canonical.php Canonical: Ensure redirect query keys are URL encoded. 2019-04-08 01:10:55 +00:00
capabilities.php Site health: Introduce view_site_health_checks capability. 2019-06-10 07:50:53 +00:00
category-template.php Coding Standards: Remove an unnecessary line whitelisting. 2019-01-12 04:53:51 +00:00
category.php Coding Standards: Upgrade WPCS to 1.0.0 2018-08-17 01:51:36 +00:00
class-feed.php
class-http.php HTTP: Add support for the host-only flag to Wp_Http_Cookie. 2019-04-08 05:32:51 +00:00
class-IXR.php
class-json.php Docs: Correct spelling in various comments and DocBlocks, per the conventions in Core Contributor Handbook. 2019-04-17 13:26:51 +00:00
class-oembed.php Embeds: Update the Crowdsignal embed handler so that surveys on subdomains are supported. 2019-03-28 21:27:51 +00:00
class-phpass.php
class-phpmailer.php
class-pop3.php
class-requests.php
class-simplepie.php
class-smtp.php Docs: Correct various spelling mistakes. 2019-03-13 19:32:53 +00:00
class-snoopy.php
class-walker-category-dropdown.php
class-walker-category.php Accessibility: Introduce category_list_link_attributes filter in Walker_Category::start_el() for the HTML attributes applied to a category list item's anchor element. 2019-03-21 10:37:57 +00:00
class-walker-comment.php Comments: Update the message shown when a comment is awaiting moderation. 2019-01-21 22:46:49 +00:00
class-walker-nav-menu.php Menus: Add rel="noopener" to target="_blank" links by default in menus. 2019-04-08 23:06:52 +00:00
class-walker-page-dropdown.php Docs: Correctly specify the $page parameter of list_pages filter as a WP_Post. 2018-12-20 20:04:50 +00:00
class-walker-page.php Menus: Use esc_url() for the href value of page link attributes in Walker_Page::start_el(), for consistency with Walker_Nav_Menu and Walker_Category. 2019-03-21 10:45:51 +00:00
class-wp-admin-bar.php Bootstrap/Load: Introduce a recovery mode for fixing fatal errors. 2019-03-21 21:53:51 +00:00
class-wp-ajax-response.php
class-wp-block-parser.php Block Editor: Update WordPress Packages to solve PHP 5.2.2 parser incompatibility. 2019-02-07 09:02:49 +00:00
class-wp-block-type-registry.php Blocks: Introduce WP_Block_Type and WP_Block_Type_Registry classes. 2018-12-13 09:44:23 +00:00
class-wp-block-type.php REST API: Preserve unknown, respect null in server-side block rendering. 2018-12-17 18:00:52 +00:00
class-wp-comment-query.php Coding Standards: Fix and whitelist variable names. 2019-01-12 06:06:48 +00:00
class-wp-comment.php
class-wp-customize-control.php
class-wp-customize-manager.php Docs: Correct spelling in various comments and DocBlocks, per the conventions in Core Contributor Handbook. 2019-04-17 13:26:51 +00:00
class-wp-customize-nav-menus.php Customizer: Remove a line of commented-out code in WP_Customize_Nav_Menus::customize_register(). 2018-12-19 07:23:47 +00:00
class-wp-customize-panel.php
class-wp-customize-section.php
class-wp-customize-setting.php Docs: Correct spelling in various comments and DocBlocks, per the conventions in Core Contributor Handbook. 2019-04-17 13:26:51 +00:00
class-wp-customize-widgets.php Bootstrap/Load: Remove duplicate leading slashes on inclusion of various files under ABSPATH. 2019-04-13 04:46:52 +00:00
class-wp-dependency.php Docs: Add missing documentation for _WP_Dependency::set_translations(). 2019-01-15 22:48:51 +00:00
class-wp-editor.php TinyMCE: Fix keyboard navigation when the dfw button is present but hidden. Ensure that button is added last in the DOM to match where it appears visually. 2019-04-12 18:08:53 +00:00
class-wp-embed.php Coding Standards: Upgrade WPCS to 1.0.0 2018-08-17 01:51:36 +00:00
class-wp-error.php Docs: Update since annotations WP_Error::has_errors() 2019-01-09 22:42:51 +00:00
class-wp-fatal-error-handler.php Bootstrap/Load: Prevent PHP errors when a drop-in triggers fatal error protection. 2019-05-15 19:54:53 +00:00
class-wp-feed-cache-transient.php
class-wp-feed-cache.php
class-wp-hook.php
class-wp-http-cookie.php HTTP: Add support for the host-only flag to Wp_Http_Cookie. 2019-04-08 05:32:51 +00:00
class-wp-http-curl.php Coding Standards: Upgrade WPCS to 1.0.0 2018-08-17 01:51:36 +00:00
class-wp-http-encoding.php
class-wp-http-ixr-client.php Docs: Document more parameters and properties using typed array notation. 2018-03-25 19:33:31 +00:00
class-wp-http-proxy.php
class-wp-http-requests-hooks.php
class-wp-http-requests-response.php HTTP: Add support for the host-only flag to Wp_Http_Cookie. 2019-04-08 05:32:51 +00:00
class-wp-http-response.php
class-wp-http-streams.php Docs: Update since annotation for new $url parameter for several HTTP related filters. 2019-01-04 21:58:51 +00:00
class-wp-image-editor-gd.php Docs: Add missing periods to param annotations for flip() in WP_Image_Editor_GD. 2019-01-10 22:10:50 +00:00
class-wp-image-editor-imagick.php
class-wp-image-editor.php
class-wp-list-util.php
class-wp-locale-switcher.php REST API: Render response in user locale with ?_locale=user. 2018-12-14 01:32:39 +00:00
class-wp-locale.php Bootstrap/Load: Restore $wp_version global check in WP_Locale::init(), previously replaced with get_bloginfo( 'version' ) in [38459]. 2019-03-27 13:27:52 +00:00
class-wp-matchesmapregex.php
class-wp-meta-query.php Docs: Update since annotations for adding LIKE comparisons with meta keys. 2019-01-09 14:55:49 +00:00
class-wp-metadata-lazyloader.php Docs: Correct and improve various inline documentation. 2018-03-25 19:35:29 +00:00
class-wp-network-query.php Multisite: add new sites_pre_query and networks_pre_query filters to short circuit WP_Site_Query and WP_Network_Query queries. 2019-03-22 17:26:51 +00:00
class-wp-network.php Docs: Document more parameters and properties using typed array notation. 2018-03-25 19:33:31 +00:00
class-wp-oembed-controller.php Embeds: Filter HTML response in oEmbed proxy controller. 2018-12-14 03:20:37 +00:00
class-wp-paused-extensions-storage.php Bootstrap/Load: Introduce a recovery mode for fixing fatal errors. 2019-03-21 21:53:51 +00:00
class-wp-post-type.php
class-wp-post.php Coding Standards: Use strict comparison in WP_Post where possible. 2019-03-15 21:55:50 +00:00
class-wp-query.php Fix setup_postdata() to set the (inside the loop) globals before the_post action is fired. Follow-up from #42814 and [44941]. 2019-05-04 21:08:18 +00:00
class-wp-recovery-mode-cookie-service.php Docs: Add missing @since tag for WP_Recovery_Mode_Cookie_Service::parse_cookie(). 2019-04-19 14:00:51 +00:00
class-wp-recovery-mode-email-service.php Bootstrap/Load: Tweak the recovery mode email text and behaviour. 2019-04-25 00:47:52 +00:00
class-wp-recovery-mode-key-service.php Bootstrap/Load: Allow more than one recovery link to be valid at a time. 2019-04-16 05:09:51 +00:00
class-wp-recovery-mode-link-service.php Bootstrap/Load: Allow more than one recovery link to be valid at a time. 2019-04-16 05:09:51 +00:00
class-wp-recovery-mode.php Bootstrap/Load: Tweak the recovery mode email text and behaviour. 2019-04-25 00:47:52 +00:00
class-wp-rewrite.php Coding Standards: Upgrade WPCS to 1.0.0 2018-08-17 01:51:36 +00:00
class-wp-role.php Docs: Document more parameters and properties using typed array notation. 2018-03-25 19:33:31 +00:00
class-wp-roles.php Docs: Document WP_Roles properties with typed array notation. 2018-03-22 18:56:33 +00:00
class-wp-session-tokens.php Docs: Correct and improve docblocks for user session management functionality. 2018-09-14 13:45:26 +00:00
class-wp-simplepie-file.php
class-wp-simplepie-sanitize-kses.php
class-wp-site-query.php Multisite: add new sites_pre_query and networks_pre_query filters to short circuit WP_Site_Query and WP_Network_Query queries. 2019-03-22 17:26:51 +00:00
class-wp-site.php Docs: Correct spelling in various comments and DocBlocks, per the conventions in Core Contributor Handbook. 2019-04-17 13:26:51 +00:00
class-wp-tax-query.php Coding Standards: Upgrade WPCS to 1.0.0 2018-08-17 01:51:36 +00:00
class-wp-taxonomy.php Taxonomy: Update @since annotations for meta_box_sanitize_cb arg. 2019-01-09 15:11:48 +00:00
class-wp-term-query.php Coding Standards: Upgrade WPCS to 1.0.0 2018-08-17 01:51:36 +00:00
class-wp-term.php
class-wp-text-diff-renderer-inline.php
class-wp-text-diff-renderer-table.php Coding Standards: Fix the Squiz.ControlStructures.ControlSignature.SpaceAfterCloseBrace violations. 2019-01-11 06:40:50 +00:00
class-wp-theme.php Themes: Link to an updated documentation on child themes on developer.wordpress.org, instead of Codex. 2019-04-01 11:55:52 +00:00
class-wp-user-meta-session-tokens.php Docs: Add @see WP_Session_Tokens to the WP_User_Meta_Session_Tokens docblock. 2019-01-09 05:04:50 +00:00
class-wp-user-query.php Docs: Correct @since tag for users_pre_query filter added in [44373]. 2019-01-07 07:56:50 +00:00
class-wp-user.php Users: Add LIMIT 1 to SQL query in WP_User::get_data_by(), as only one row is requested. 2018-09-23 15:33:24 +00:00
class-wp-walker.php
class-wp-widget-factory.php
class-wp-widget.php Coding Standards: Upgrade WPCS to 1.0.0 2018-08-17 01:51:36 +00:00
class-wp-xmlrpc-server.php I18N: Merge similar strings about allowed space allocation in Multisite. 2019-04-01 12:24:51 +00:00
class-wp.php Multisite: Validate activation links. 2018-12-13 01:26:24 +00:00
class.wp-dependencies.php Docs: Document that the $src parameter of WP_Dependencies::add() can be boolean. 2018-09-28 21:51:24 +00:00
class.wp-scripts.php I18N/Script Loader: Support text domains other than "messages". 2019-01-06 16:23:49 +00:00
class.wp-styles.php Script/Style Dependencies: Simplify some logic in WP_Styles::do_item(). 2018-08-11 17:42:24 +00:00
comment-template.php Docs: Correct various spelling mistakes. 2019-03-13 19:32:53 +00:00
comment.php PHPCS: Remove extra tabs added in [44970]. 2019-03-21 21:36:51 +00:00
compat.php General: Add sodium_compat library for crypto APIs in PHP < 7.2 2019-03-21 04:56:52 +00:00
cron.php Cron: Ensure identical single events aren't scheduled less than 10min apart. 2019-03-16 06:42:50 +00:00
date.php Docs: Correct and improve various inline documentation. 2018-03-25 19:35:29 +00:00
default-constants.php Docs: Adjust comments in wp_initial_constants() to conform to WPCS. 2019-04-15 22:10:52 +00:00
default-filters.php Site health: Introduce view_site_health_checks capability. 2019-06-10 07:50:53 +00:00
default-widgets.php
deprecated.php Replace usages of basename() with wp_basename() in order to support multibyte filenames 2019-03-01 20:58:52 +00:00
embed-template.php
embed.php Docs: Correct the documentation for the oEmbed HTML filtering. 2019-03-27 17:14:52 +00:00
error-protection.php Bootstrap/Load: Introduce a recovery mode for fixing fatal errors. 2019-03-21 21:53:51 +00:00
feed-atom-comments.php Feeds: improve structure and naming of feed build date helper function. 2019-04-18 17:08:52 +00:00
feed-atom.php Feeds: improve structure and naming of feed build date helper function. 2019-04-18 17:08:52 +00:00
feed-rdf.php Feeds: improve structure and naming of feed build date helper function. 2019-04-18 17:08:52 +00:00
feed-rss2-comments.php Feeds: improve structure and naming of feed build date helper function. 2019-04-18 17:08:52 +00:00
feed-rss2.php Feeds: improve structure and naming of feed build date helper function. 2019-04-18 17:08:52 +00:00
feed-rss.php Feeds: improve structure and naming of feed build date helper function. 2019-04-18 17:08:52 +00:00
feed.php Feeds: Ensure a feed’s <lastBuildDate> has the correct date. 2019-05-20 14:47:54 +00:00
formatting.php Formatting: Don't convert smilies in ignored tags that have attributes. 2019-08-19 04:24:53 +00:00
functions.php Media: Fix deletion of files on Windows. 2019-05-17 13:31:53 +00:00
functions.wp-scripts.php I18N: Make domain argument optional in wp_set_script_translations() / WP_Scripts::set_translations(). 2019-01-04 21:12:50 +00:00
functions.wp-styles.php Docs: Fix typo in wp_add_inline_script() and wp_add_inline_style() description. 2018-12-20 02:42:48 +00:00
general-template.php Accessibility: In back-compat code added for get_search_form() in [44956], when checking the (previously boolean) $args value, account for non-strict comparison. 2019-05-17 02:24:55 +00:00
http.php HTTP: Don't treat localhost as same host by default. 2018-04-03 15:00:31 +00:00
kses.php KSES: Add background-position and grid-template-columns as safe CSS properties. 2019-04-18 05:56:51 +00:00
l10n.php Docs: Correct @param type for $deprecated and $plugin_rel_path arguments of load_plugin_textdomain(). 2019-04-19 14:21:53 +00:00
link-template.php Docs: Add missing @since tag for [45031]. 2019-04-13 14:17:55 +00:00
load.php Build/Test Tools: Use a non-zero exit code in wp_check_php_mysql_versions() when minimum PHP or MySQL requirements are not met. 2019-05-17 12:38:53 +00:00
locale.php
media-template.php Accessibility: Make the Media modal an ARIA modal dialog. 2019-08-20 22:42:51 +00:00
media.php Media: Revert [44947]. 2019-04-26 00:44:52 +00:00
meta.php Options, Meta APIs: Ensure the $object_id parameter passed to the delete_{$meta_type}_meta and deleted_{$meta_type}_meta filters is always an integer. 2019-03-28 21:59:52 +00:00
ms-blogs.php Multisite: Do not prime site meta caches unless necessary. 2019-03-18 15:56:51 +00:00
ms-default-constants.php
ms-default-filters.php Multisite: Move site-specific metadata integrations from the wrapper functions to the low-level Meta API functions. 2019-01-08 08:48:48 +00:00
ms-deprecated.php Multisite: Update @since tags for site management APIs. 2019-01-08 08:58:49 +00:00
ms-files.php
ms-functions.php I18N: Improvements to and additions of translator comments for various email subject strings. 2019-04-15 22:39:50 +00:00
ms-load.php Networks and Sites: Use numbered placeholder in a mailto: link in ms_site_check(). 2019-04-11 20:15:52 +00:00
ms-network.php Multisite: Introduce ms-site.php and ms-network.php files. 2019-01-08 09:15:49 +00:00
ms-settings.php
ms-site.php Docs: Add arguments passed by wp_insert_site() to wp_initialize_site(). 2019-04-17 20:57:52 +00:00
nav-menu-template.php Privacy: Introduce Privacy Policy page helpers: 2019-03-21 19:48:50 +00:00
nav-menu.php Menus: Trim whitespace from custom link URLs. 2019-08-19 04:07:52 +00:00
option.php Options: Avoid unnecessary DB calls when updating network options. 2019-01-21 04:27:51 +00:00
pluggable-deprecated.php
pluggable.php I18N: Improvements to and additions of translator comments for various email subject strings. 2019-04-15 22:39:50 +00:00
plugin.php
post-formats.php Post Formats: Don't assign a variable inside if statement in get_post_format(). 2018-08-30 09:01:25 +00:00
post-template.php Remove _convert_urlencoded_to_entities() from the get_the_content() callback. 2019-09-04 16:10:52 +00:00
post-thumbnail-template.php Media: Introduce the has_post_thumbnail filter. 2019-01-10 15:28:50 +00:00
post.php Media: move get_available_post_mime_types to wp-includes/post.php making it more generally available. 2019-04-16 20:30:51 +00:00
query.php Privacy: Introduce Privacy Policy page helpers: 2019-03-21 19:48:50 +00:00
registration-functions.php
registration.php
rest-api.php REST API: Ensure "Allow" header is returned for OPTIONS requests. 2019-03-19 03:22:51 +00:00
revision.php Posts: Set a HTTP 403 error when an incorrect post preview nonce is sent. 2019-01-16 03:54:50 +00:00
rewrite.php Permalinks: Avoid a PHP notice in wp_resolve_numeric_slug_conflicts() when visiting a day archive with the /%postname%/ permalink structure. 2019-04-16 15:34:52 +00:00
rss-functions.php
rss.php
script-loader.php Upgrade/Install: Bring some consistency to installation screen styles. 2019-08-19 04:44:53 +00:00
session.php
shortcodes.php Docs: Correct parameter name in strip_shortcodes_tagnames filter DocBlock. 2018-08-02 15:13:27 +00:00
spl-autoload-compat.php
taxonomy.php Docs: Correct various spelling mistakes. 2019-03-13 19:32:53 +00:00
template-loader.php Privacy: Introduce Privacy Policy page helpers: 2019-03-21 19:48:50 +00:00
template.php Docs: Correct @return description for get_privacy_policy_template(). 2019-04-19 13:46:51 +00:00
theme.php Docs: Correct spelling in various comments and DocBlocks, per the conventions in Core Contributor Handbook. 2019-04-17 13:26:51 +00:00
update.php Bootstrap/Load: Remove duplicate leading slashes on inclusion of various files under ABSPATH. 2019-04-13 04:46:52 +00:00
user.php I18N: Improvements to and additions of translator comments for various email subject strings. 2019-04-15 22:39:50 +00:00
vars.php
version.php Escape the output in wp_ajax_upload_attachment(). 2019-09-04 16:15:51 +00:00
widgets.php Docs: Improve documentation of the `$wp_registered_sidebars global. 2019-01-14 23:01:49 +00:00
wlwmanifest.xml
wp-db.php Docs: Correct spelling in various comments and DocBlocks, per the conventions in Core Contributor Handbook. 2019-04-17 13:26:51 +00:00
wp-diff.php