Context Navigation

← Previous Change
Next Change →

Changeset 47967 for branches/4.9

Timestamp:

06/10/2020 06:26:13 PM (5 years ago)

Author:

desrosj

Message:

General: Backport several commits for release.

Editor: Prevent HTML decoding on by setting the proper editor context.
Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.
Themes: Ensure a broken theme name is returned properly.
Administration: Add a new filter to extend set-screen-option.

Merges [47948-47951] to the 4.9 branch.
Props xknown, sstoqnov, vortfu, SergeyBiryukov, whyisjake.

Location:

branches/4.9

Files:

: 5 edited

. (modified) (1 prop)
src/wp-admin/includes/media.php (modified) (1 diff)
src/wp-admin/includes/misc.php (modified) (1 diff)
src/wp-admin/themes.php (modified) (1 diff)
src/wp-includes/pluggable.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

branches/4.9
- Property svn:mergeinfo changed
  /trunk merged: 47949-47951

branches/4.9/src/wp-admin/includes/media.php

-                      r42450
+                      r47967
     if ( preg_match( '#^(audio|video)/#', $post->post_mime_type ) ) {
         echo ': ' . __( 'Displayed on attachment pages.' );
+    } ?></label>
+    <?php wp_editor( $post->post_content, 'attachment_content', $editor_args ); ?>
+    }
+    ?>
+    </label>
+    <?php wp_editor( format_to_edit( $post->post_content ), 'attachment_content', $editor_args ); ?>
     </div>

branches/4.9/src/wp-admin/includes/misc.php

-                      r43639
+                      r47967
                 break;
             default:
+                if ( '_page' === substr( $option, -5 ) || 'layout_columns' === $option ) {
+                    /**
+                     * Filters a screen option value before it is set.
+                     *
+                     * The filter can also be used to modify non-standard [items]_per_page
+                     * settings. See the parent function for a full list of standard options.
+                     *
+                     * Returning false to the filter will skip saving the current option.
+                     *
+                     * @since 2.8.0
+                     * @since 5.4.2 Only applied to options ending with '_page',
+                     *              or the 'layout_columns' option.
+                     *
+                     * @see set_screen_options()
+                     *
+                     * @param bool   $keep   Whether to save or skip saving the screen option value.
+                     *                       Default false.
+                     * @param string $option The option name.
+                     * @param int    $value  The number of rows to use.
+                     */
+                    $value = apply_filters( 'set-screen-option', false, $option, $value ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
+                }
                 /**
                  * Filters a screen option value before it is set.
+                 *
+                 * The filter can also be used to modify non-standard [items]_per_page
+                 * settings. See the parent function for a full list of standard options.
+                 * The dynamic portion of the hook, `$option`, refers to the option name.
+                 *
                  * Returning false to the filter will skip saving the current option.
+                 *
                  * @since 2.8.0
+                 * @since 5.4.2
+                 *
                  * @see set_screen_options()
+                 *
+                 * @param bool|int $value  Screen option value. Default false to skip.
+                 * @param string   $option The option name.
+                 * @param int      $value  The number of rows to use.
+                 * @param bool   $keep   Whether to save or skip saving the screen option value.
+                 *                       Default false.
+                 * @param string $option The option name.
+                 * @param int    $value  The number of rows to use.
                  */
                 $value = apply_filters( 'set-screen-option', false, $option, $value );
+                $value = apply_filters( "set_screen_option_{$option}", false, $option, $value );
                 if ( false === $value )

branches/4.9/src/wp-admin/themes.php

r42811	r47967
338	338	<?php foreach ( $broken_themes as $broken_theme ) : ?>
339	339	<tr>
340		<td><?php echo $broken_theme->get( 'Name' ) ? $broken_theme->display( 'Name' ) : ~~$broken_theme->get_stylesheet(~~); ?></td>
	340	<td><?php echo $broken_theme->get( 'Name' ) ? $broken_theme->display( 'Name' ) : esc_html( $broken_theme->get_stylesheet() ); ?></td>
341	341	<td><?php echo $broken_theme->errors()->get_error_message(); ?></td>
342	342	<?php

branches/4.9/src/wp-includes/pluggable.php

r46493	r47967
1324	1324	**/
1325	1325	function wp_validate_redirect($location, $default = '') {
1326		$location = ~~trim( $location, " \t\n\r\0\x08\x0B"~~ );
	1326	$location = wp_sanitize_redirect( trim( $location, " \t\n\r\0\x08\x0B" ) );
1327	1327	// browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
1328	1328	if ( substr($location, 0, 2) == '//' )

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core