WordPress/wp-admin
John Blackbourn 9b7814a4a1 Security: Loosen the admin referrer policy header value to allow the referring host to be sent from the admin area in all cases.
This allows referrer-restricted content from third parties (such as images and fonts) to continue working in the admin area.

Props aranwer104, qcmiao

Fixes #43285

Merges [42830] to the 4.9 branch.

Built from https://develop.svn.wordpress.org/branches/4.9@42831


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-12 10:59:39 +00:00
..
css Build/Test Tools: Update prefixed CSS properties in about.css. 2018-03-08 19:41:44 +00:00
images Customize: Add a RTL version of "browser.png" for the site icon preview. 2016-07-05 11:32:29 +00:00
includes Security: Loosen the admin referrer policy header value to allow the referring host to be sent from the admin area in all cases. 2018-03-12 10:59:39 +00:00
js General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
maint I18N: Make the translator comment added in [37858] more explicit and consistent with other similar instances. 2016-07-04 13:10:30 +00:00
network General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
user Administration: Ensure the new Privacy Policy screen appears when within the Network Admin and User Admin. 2017-11-06 18:17:54 +00:00
about.php Bump the 4.9 branch to version 4.9.4. 2018-02-06 15:42:43 +00:00
admin-ajax.php Dashboard: Remove "Try Gutenberg" callout. 2017-10-23 20:48:47 +00:00
admin-footer.php Docs: Remove incorrect @param tags for admin_print_footer_scripts-{$hook_suffix} and admin_footer-{$hook_suffix} dynamic actiona. 2017-01-09 14:38:41 +00:00
admin-functions.php Docs: Use 3-digit, x.x.x-style semantic versioning for _doing_it_wrong(), _deprecated_function(), _deprecated_argument(), and _deprecated_file() throughout core. 2016-07-06 12:40:29 +00:00
admin-header.php I18n: Introduce more translator comments for strings that contain placeholders but don't have an accompanying translator comment. 2016-11-21 02:46:30 +00:00
admin-post.php
admin.php Transients: After [41963], add missing cron task for delete_expired_transients(). 2017-10-24 23:00:47 +00:00
async-upload.php Remove SWFUpload, 2017-09-21 16:35:48 +00:00
comment.php Accessibility: Remove target=_blank from the comment/edit-comments help tabs links. 2016-10-04 06:54:30 +00:00
credits.php About: Synchronize 4.9 tagline across about pages for credits, freedoms, and privacy. 2017-11-12 20:00:37 +00:00
custom-background.php Docs: Remove @access notations from method DocBlocks in wp-admin/* classes. 2017-07-27 00:40:43 +00:00
custom-header.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
customize.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
edit-comments.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
edit-form-advanced.php Editor: Disable wp_keep_scroll_position in IE11 since buggy; fix matches polyfill conflict with ME.js by doing runtime feature detection in context window. 2017-11-15 19:00:38 +00:00
edit-form-comment.php Accessibility: Standardize the remove/delete/cancel links in the Menus screen and Publish meta boxes. 2016-09-17 15:39:30 +00:00
edit-link-form.php Accessibility: Remove inappropriate content from the Link Manager screens headings. 2016-12-07 20:18:46 +00:00
edit-tag-form.php Taxonomy: Introduce a back_to_items taxonomy label. 2017-09-27 14:39:45 +00:00
edit-tags.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
edit.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
export.php Accessibility: Remove target=_blank from the help tab links on several admin screens. 2016-10-04 20:27:33 +00:00
freedoms.php About: Synchronize 4.9 tagline across about pages for credits, freedoms, and privacy. 2017-11-12 20:00:37 +00:00
import.php Accessibility: Remove target=_blank from the help tab links on several admin screens. 2016-10-04 20:27:33 +00:00
index.php Dashboard: Remove "Try Gutenberg" callout. 2017-10-23 20:48:47 +00:00
install-helper.php
install.php I18N: Allow numbers in locales during installation. 2017-09-04 19:30:43 +00:00
link-add.php Text Changes: Unify permission error messages. 2016-06-29 15:16:29 +00:00
link-manager.php Accessibility: Remove inappropriate content from the Link Manager screens headings. 2016-12-07 20:18:46 +00:00
link-parse-opml.php General: Check to see that the PHP-XML module is enabled before using XML functions. 2016-10-24 04:45:31 +00:00
link.php Docs: Standardize capitalization of Ajax throughout core documentation per the core spelling guide. 2016-07-10 00:51:30 +00:00
load-scripts.php Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389. 2016-08-31 16:31:29 +00:00
load-styles.php Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389. 2016-08-31 16:31:29 +00:00
media-new.php Accessibility: Remove target=_blank from the help tab links on several admin screens. 2016-10-04 20:27:33 +00:00
media-upload.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
media.php Accessibility: Remove inappropriate content from the old Edit Media screen heading. 2016-12-07 23:30:40 +00:00
menu-header.php Administration: Admin menu: Use aria-current for the current active page. 2017-09-09 14:50:43 +00:00
menu.php Role/Capability: Introduce capabilities dedicated to installing and updating language files. 2017-08-18 18:31:44 +00:00
moderation.php
ms-admin.php
ms-delete-site.php I18N: Unify permission error message in wp-admin/ms-delete-site.php. 2017-10-19 00:48:50 +00:00
ms-edit.php
ms-options.php
ms-sites.php
ms-themes.php
ms-upgrade-network.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
ms-users.php
my-sites.php Users: Remove some links to the dashboard from My Sites for users who cannot access it. 2017-10-09 15:22:46 +00:00
nav-menus.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
network.php General: Improve terminology used when referring to installations of WordPress and its extensions. 2017-08-22 11:52:48 +00:00
options-discussion.php Comments: Change IP references in moderation option labels and email notifications to IP address for clarity. 2017-10-03 13:09:47 +00:00
options-general.php Role/Capability: Make install_languages capability check less restrictive. 2018-01-24 22:59:38 +00:00
options-head.php Docs: Standardize on 'backward compatibility/compatible' nomenclature in core inline docs. 2016-05-13 18:41:31 +00:00
options-media.php Settings: Widen image size input fields on Media Settings page. 2017-10-12 03:48:47 +00:00
options-permalink.php Permalinks: Change mention of URI to URL in the description of %category% tag. 2017-10-25 11:11:45 +00:00
options-reading.php Customize: Rename "Static front page" to just "Homepage". 2017-09-10 16:20:44 +00:00
options-writing.php I18N: Remove <code> and <kbd> tags from translatable strings on Settings screens. 2017-10-24 10:51:52 +00:00
options.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
plugin-editor.php Code Editors: Update copy in warning modals. 2017-10-24 18:47:47 +00:00
plugin-install.php General: Improve terminology used when referring to installations of WordPress and its extensions. 2017-08-22 11:52:48 +00:00
plugins.php Dashboard: Remove "Try Gutenberg" callout. 2017-10-23 20:48:47 +00:00
post-new.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
post.php Editor: Add the replace_editor filter. 2017-10-11 12:06:48 +00:00
press-this.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
privacy.php About: Synchronize 4.9 tagline across about pages for credits, freedoms, and privacy. 2017-11-12 20:00:37 +00:00
profile.php
revision.php I18n: Begin introducing translator comments for strings which include placeholders but no accompanying translator comment. 2016-11-21 01:22:32 +00:00
setup-config.php I18N: Replace hardcoded file name in translatable strings in wp-admin/setup-config.php with a placeholder. 2017-10-18 15:27:53 +00:00
term.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
theme-editor.php Theme Editor: Translate the URL to the Child Themes Codex page. 2017-11-27 03:53:40 +00:00
theme-install.php Themes: Improve line wrapping in feature filter on Theme Install screen and in the Customizer. 2018-01-15 19:30:40 +00:00
themes.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
tools.php Retire Press This and extract it to a plugin. First run. 2017-09-24 14:22:54 +00:00
update-core.php Plugins: Tweak the plugin icons added in [41695]. 2017-10-04 23:43:46 +00:00
update.php Customize: Eliminate use of customize-loader in core so Customizer is opened consistently in top window. 2017-10-09 16:04:48 +00:00
upgrade-functions.php Docs: Use 3-digit, x.x.x-style semantic versioning for _doing_it_wrong(), _deprecated_function(), _deprecated_argument(), and _deprecated_file() throughout core. 2016-07-06 12:40:29 +00:00
upgrade.php
upload.php Accessibility: Improve the Media Library inline uploader accessibility. 2017-03-31 17:38:43 +00:00
user-edit.php Taxonomy/Users: Use correct escaping function for URLs. 2017-09-19 21:14:47 +00:00
user-new.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
users.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00
widgets.php General: Replace Cheatin’ uh? with friendlier error messages. 2018-03-09 00:15:42 +00:00