Context Navigation

← Previous Change
Next Change →

media.php

Timestamp:

05/16/2023 03:18:41 PM (3 years ago)

Author:

audrasjb

Message:

Grouped backports to the 6.0 branch.

Media: Prevent CSRF setting attachment thumbnails.
Embeds: Add protocol validation for WordPress Embed code.
I18N: Introduce sanitization function for locale.
Editor: Ensure block comments are of a valid form.
Editor: Remove shortcode support from block templates.

Merges [55760-55764] to the 6.0 branch.
Props dd32, isabel_brison, martinkrcho, matveb, ocean90, paulkevan, peterwilsoncc, timothyblynjacobs, xknown, youknowriad.

File:

: 1 edited

branches/6.0/src/wp-includes/media.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

branches/6.0/src/wp-includes/media.php

-                      r53149
+                      r55773
         'captions'          => ! apply_filters( 'disable_captions', '' ),
         'nonce'             => array(
+            'sendToEditor' => wp_create_nonce( 'media-send-to-editor' ),
+            'sendToEditor'           => wp_create_nonce( 'media-send-to-editor' ),
+            'setAttachmentThumbnail' => wp_create_nonce( 'set-attachment-thumbnail' ),
         ),
         'post'              => array(

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core

Context Navigation

Changeset 55773 for branches/6.0/src/wp-includes/media.php

Legend:

branches/6.0/src/wp-includes/media.php

Download in other formats: