WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
10/29/2020 06:44:12 PM (4 years ago)
Author:
whyisjake
Message:

General: WordPress updates

  • XML-RPC: Improve error messages for unprivileged users.
  • External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
  • Embeds: Disable embeds on deactivated Multisite sites.
  • Coding standards: Modify escaping functions to avoid potential false positives.
  • XML-RPC: Return error message if attachment ID is incorrect.
  • Upgrade/install: Improve logic check when determining installation status.
  • Meta: Sanitize meta key before checking protection status.
  • Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Brings the changes from [49380,49382-49388] to the 5.2 branch.

Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.

Location:
branches/5.2
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • branches/5.2

  • branches/5.2/tests/phpunit/tests/functions.php

    r45270 r49394  
    237237    }
    238238
     239
     240    /**
     241     * @dataProvider data_serialize_deserialize_objects
     242     */
     243    function test_deserialize_request_utility_filtered_iterator_objects( $value ) {
     244        $serialized = maybe_serialize( $value );
     245        if ( is_array( $value ) ) {
     246            $deserialized = unserialize( $serialized );
     247            $this->assertNotEquals( reset( $value )->count(), reset( $deserialized )->count() );
     248        } elseif ( get_class( $value ) === 'Requests_Utility_FilteredIterator' ) {
     249            $this->assertNotEquals( $value->count(), unserialize( $serialized )->count() );
     250        } else {
     251            $this->assertEquals( $value->count(), unserialize( $serialized )->count() );
     252        }
     253    }
     254
     255    function data_serialize_deserialize_objects() {
     256        return array(
     257            array( new Requests_Utility_FilteredIterator( array( 1 ), 'md5' ) ),
     258            array( new Requests_Utility_FilteredIterator( array( 1, 2 ), 'sha1' ) ),
     259            array( new ArrayIterator( array( 1, 2, 3 ) ) ),
     260            array( array( new Requests_Utility_FilteredIterator( array( 1 ), 'md5' ) ) ),
     261        );
     262    }
    239263
    240264    /**
Note: See TracChangeset for help on using the changeset viewer.