Skip to content
Permalink
Branch: 5.2-branch
Commits on Nov 2, 2019
  1. Bump Akismet external to 4.1.3.

    dd32 committed Nov 2, 2019
    See #WP47269.
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@46426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Commits on Oct 15, 2019
  1. REST API: Allow for multiple Vary: Origin headers in GET responses.

    whyisjake committed Oct 15, 2019
    Simple fix, we pass false as the second parameter to the header function.
    
    This is something that we added downstream of the 5.2.4 release, but we missed in 5.2/trunk.
    
    Fixes #48309, see also [46544].
    Props xknown, whyisjake.
    
    Built from https://develop.svn.wordpress.org/branches/5.2@46545
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@46342 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Commits on Oct 14, 2019
  1. WordPress 5.2.4.

    desrosj committed Oct 14, 2019
  2. REST API: Send a Vary: Origin header on GET requests.

    whyisjake committed Oct 14, 2019
    Add this header on all GET requests to prevent cached requests.
    
    Fixes some code dulication from [46484] and backports the changes from [46484] to the 5.2 branch.
    Props darthhexx, davidbinda, nickdaugherty, whyisjake.
    
    Built from https://develop.svn.wordpress.org/branches/5.2@46487
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@46285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  3. Administration: Ensure that admin referer nonce is valid.

    whyisjake committed Oct 14, 2019
    Coding standards, ensure that nonce is valid with identical, rather then equal operator.
    
    Backports [46477] to the 5.2 branch.
    Props vortfu, xknown, whyisjake.
    
    Built from https://develop.svn.wordpress.org/branches/5.2@46486
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@46284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  4. Filesystem API: Prevent directory travelersals when creating new fold…

    whyisjake committed Oct 14, 2019
    …ers.
    
    Reject file paths that contain sub-directory paths.
    
    Props iandunn, xknown, sstoqnov, whyisjake.
    
    Built from https://develop.svn.wordpress.org/branches/5.2@46484
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@46282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  5. Filesystem API: Prevent directory travelersals when creating new fold…

    whyisjake committed Oct 14, 2019
    …ers.
    
    Reject file paths that contain sub-directory paths.
    
    Backports [46476] to the 5.2 branch.
    
    Props iandunn, xknown, sstoqnov, whyisjake.
    
    Built from https://develop.svn.wordpress.org/branches/5.2@46482
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@46280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  6. HTTP API: Protect against hex interpretation.

    whyisjake committed Oct 14, 2019
    Return earlier from wp_http_validate_url().
    
    Props: iandunn, xknown, voldemortensen, whyisjake.
    
    Built from https://develop.svn.wordpress.org/branches/5.2@46480
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@46278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  7. Query: Remove the static query property.

    whyisjake committed Oct 14, 2019
    Prevent unauthenticated views of publicly queryables content types.
    
    Props aaroncampbell, whyisjake, nickdaugherty, xknown.
    
    Built from https://develop.svn.wordpress.org/branches/5.2@46479
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@46277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  8. Formatting: In `wp_validate_redirect()`, normalize the path when vali…

    SergeyBiryukov committed Oct 14, 2019
    …dating the location for relative URLs, to account for Windows paths.
    
    Props peterwilsoncc, rconde, jmmathc, mat-lipe, Sixes, justinahinon, cmagrin, daxelrod, SergeyBiryukov.
    Merges [46472] to the 5.2 branch.
    Fixes #47980.
    Built from https://develop.svn.wordpress.org/branches/5.2@46473
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@46271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Commits on Oct 5, 2019
Commits on Sep 6, 2019
  1. Remove the extra call for wp-sanitize from the script loader.

    whyisjake committed Sep 6, 2019
    Merges [46073] to the 5.2 branch.
    Fixes #47986.
    
    
    Built from https://develop.svn.wordpress.org/branches/5.2@46074
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Commits on Sep 5, 2019
Commits on Sep 4, 2019
  1. WordPress 5.2.3.

    whyisjake committed Sep 4, 2019
  2. Help/About: Update the About page for 5.2.3.

    desrosj committed Sep 4, 2019
    Props whyisjake, desrosj.
    Fixes #47923.
    Built from https://develop.svn.wordpress.org/branches/5.2@46046
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  3. Coding Standards: Fix WPCS issue in [45990].

    SergeyBiryukov committed Sep 4, 2019
    Merges [46019] to the 5.2. branch.
    Built from https://develop.svn.wordpress.org/branches/5.2@46022
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  4. Fix for URL sanitization in `wp_kses_bad_protocol_once()`.

    desrosj committed Sep 4, 2019
    Merges [45997] to the 5.2 branch.
    
    Props irsdl, sstoqnov, whyisjake.
    Built from https://develop.svn.wordpress.org/branches/5.2@46000
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  5. Improve handling the existing `rel` attribute in `wp_rel_nofollow_cal…

    SergeyBiryukov committed Sep 4, 2019
    …lback()`.
    
    Merges [45990] to the 5.2 branch.
    Props xknown, sstoqnov.
    Built from https://develop.svn.wordpress.org/branches/5.2@45991
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45802 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  6. Update wp.a11y.speak() to sanitize HTML before display.

    whyisjake committed Sep 4, 2019
    Merges [45979] to the 5.2 branch
    
    Props iandunn, adamsilverstein, sstoqnov, peterwilsoncc
    
    Built from https://develop.svn.wordpress.org/branches/5.2@45989
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45800 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  7. Improve URL validation in `wp_validate_redirect()`.

    SergeyBiryukov committed Sep 4, 2019
    Merges [45971] to the 5.2 branch.
    Props vortfu, whyisjake, peterwilsoncc.
    Built from https://develop.svn.wordpress.org/branches/5.2@45972
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45783 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  8. Escape the output in `wp_ajax_upload_attachment()`.

    SergeyBiryukov committed Sep 4, 2019
    Merges [45936] to the 5.2 branch.
    Props whyisjake, sstoqnov.
    Built from https://develop.svn.wordpress.org/branches/5.2@45938
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  9. Remove _convert_urlencoded_to_entities() from the get_the_content() c…

    whyisjake committed Sep 4, 2019
    …allback.
    
    Props vortfu, whyisjake, peterwilsoncc
    
    Built from https://develop.svn.wordpress.org/branches/5.2@45937
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Commits on Aug 22, 2019
Commits on Aug 21, 2019
  1. Customizer: Trim whitespace from custom link URLs.

    SergeyBiryukov committed Aug 21, 2019
    This complements a similar fix for the Menus screen in [45655].
    
    Props donmhico, audrasjb.
    Merges [45869] to the 5.2 branch.
    Fixes #47888. See #47723.
    Built from https://develop.svn.wordpress.org/branches/5.2@45870
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45681 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Commits on Aug 20, 2019
  1. Docs: Update `@SInCE` tag for new JS functions and variables introduc…

    SergeyBiryukov committed Aug 20, 2019
    …ed in [45572].
    
    Props garrett-eclipse.
    Merges [45867] to the 5.2 branch.
    See #47145.
    Built from https://develop.svn.wordpress.org/branches/5.2@45868
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45679 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  2. Accessibility: Make the Media modal an ARIA modal dialog.

    SergeyBiryukov committed Aug 20, 2019
    For a number of years, the Media modal missed an explicit ARIA role and the required attributes for modal dialogs.
    
    This was confusing for assistive technology users, since they may not realize they're inside a dialog, and that consequently the keyboard interactions may be different from the rest of the page. Lack of an explicit label for the dialog was confusing as well, since assistive technology users didn't have an immediate sense of what the dialog is for.
    
    This change makes the Media modal meet the ARIA Authoring Practices recommendations, helping users better understand the purpose and interactions with the modal. Also, it makes sure to hide the rest of the page content from assistive technologies, until support for `aria-modal="true"` improves.
    
    Additionally:
    - moves the modal H1 heading to the beginning of the modal content 
    - changes the modal left menu position to make visual and DOM order match 
    - improves the `wp.media.view.FocusManager` documentation
    
    Props afercia.
    Merges [45572] to the 5.2 branch.
    Fixes #47145.
    Built from https://develop.svn.wordpress.org/branches/5.2@45866
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  3. Accessibility: Fix the `alt` attribute of the Gallery images within t…

    SergeyBiryukov committed Aug 20, 2019
    …he Classic Editor.
    
    Passes the images `alt` attribute value to the Gallery template used within the Classic Editor.
    
    Props yarnboy, wpboss.
    Merges [45725] to the 5.2 branch.
    Fixes #47687.
    Built from https://develop.svn.wordpress.org/branches/5.2@45865
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  4. Twenty Seventeen: Correct height for a Button block without text.

    SergeyBiryukov committed Aug 20, 2019
    Props ianbelanger, laurelfulford, nayana123.
    Merges [45764], [45861], and [45863] to the 5.2 branch.
    Fixes #47414.
    Built from https://develop.svn.wordpress.org/branches/5.2@45864
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Commits on Aug 19, 2019
  1. Accessibility: Fix the order of the Previous, Next, and Close buttons…

    SergeyBiryukov committed Aug 19, 2019
    … in the Attachment Details modal.
    
    Making the visual and DOM order match benefits keyboard users who navigate documents sequentially and expect the focus order to be consistent with the sequential reading order.
    
    Props afercia.
    Merges [45506] to the 5.2 branch.
    Fixes #47458.
    Built from https://develop.svn.wordpress.org/branches/5.2@45849
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  2. Block Editor: Fix the link to the classic editor when incompatible me…

    SergeyBiryukov committed Aug 19, 2019
    …ta boxen are detected.
    
    Props tmatsuur, mukesh27.
    Merges [45618] to the 5.2 branch.
    Fixes #45935.
    Built from https://develop.svn.wordpress.org/branches/5.2@45848
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  3. Twenty Seventeen: Correct the CSS selectors intended to fix hover col…

    SergeyBiryukov committed Aug 19, 2019
    …ors for MediaElement controls.
    
    This is a follow-up to the previous fix in [45146], which didn't work as expected.
    
    Props ryokuhi.
    Merges [45576] to the 5.2 branch.
    Fixes #47543. See #40843.
    Built from https://develop.svn.wordpress.org/branches/5.2@45847
    
    
    git-svn-id: http://core.svn.wordpress.org/branches/5.2@45658 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Older
You can’t perform that action at this time.