diff --git a/src/js/_enqueues/admin/user-profile.js b/src/js/_enqueues/admin/user-profile.js index ff4830242c..a45164578f 100644 --- a/src/js/_enqueues/admin/user-profile.js +++ b/src/js/_enqueues/admin/user-profile.js @@ -220,7 +220,7 @@ return; } - strength = wp.passwordStrength.meter( pass1, wp.passwordStrength.userInputBlacklist(), pass1 ); + strength = wp.passwordStrength.meter( pass1, wp.passwordStrength.userInputDisallowedList(), pass1 ); switch ( strength ) { case -1: diff --git a/src/js/_enqueues/wp/password-strength-meter.js b/src/js/_enqueues/wp/password-strength-meter.js index 135095910c..2678d5b9b5 100644 --- a/src/js/_enqueues/wp/password-strength-meter.js +++ b/src/js/_enqueues/wp/password-strength-meter.js @@ -22,16 +22,16 @@ window.wp = window.wp || {}; * * @since 3.7.0 * - * @param {string} password1 The subject password. - * @param {Array} blacklist An array of words that will lower the entropy of - * the password. - * @param {string} password2 The password confirmation. + * @param {string} password1 The subject password. + * @param {Array} disallowedList An array of words that will lower the entropy of + * the password. + * @param {string} password2 The password confirmation. * * @return {number} The password strength score. */ - meter : function( password1, blacklist, password2 ) { - if ( ! $.isArray( blacklist ) ) - blacklist = [ blacklist.toString() ]; + meter : function( password1, disallowedList, password2 ) { + if ( ! $.isArray( disallowedList ) ) + disallowedList = [ disallowedList.toString() ]; if (password1 != password2 && password2 && password2.length > 0) return 5; @@ -41,7 +41,7 @@ window.wp = window.wp || {}; return -1; } - var result = zxcvbn( password1, blacklist ); + var result = zxcvbn( password1, disallowedList ); return result.score; }, @@ -49,20 +49,43 @@ window.wp = window.wp || {}; * Builds an array of words that should be penalized. * * Certain words need to be penalized because it would lower the entropy of a - * password if they were used. The blacklist is based on user input fields such + * password if they were used. The disallowedList is based on user input fields such * as username, first name, email etc. * * @since 3.7.0 + * @deprecated 5.5.0 Use {@see 'userInputBlockList()'} instead. * - * @return {string[]} The array of words to be blacklisted. + * @return {string[]} The array of words to be disallowed. */ userInputBlacklist : function() { + wp.deprecated( 'wp.passwordStrength.userInputBlacklist()', { + version: '5.5.0', + alternative: 'wp.passwordStrength.userInputDisallowedList()', + plugin: 'WordPress', + hint: wp.i18n.__( 'Please consider writing more inclusive code.' ) + } ); + + return wp.passwordStrength.userInputDisallowedList(); + }, + + /** + * Builds an array of words that should be penalized. + * + * Certain words need to be penalized because it would lower the entropy of a + * password if they were used. The disallowed list is based on user input fields such + * as username, first name, email etc. + * + * @since 5.5.0 + * + * @return {string[]} The array of words to be disallowed. + */ + userInputDisallowedList : function() { var i, userInputFieldsLength, rawValuesLength, currentField, rawValues = [], - blacklist = [], + disallowedList = [], userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ]; - // Collect all the strings we want to blacklist. + // Collect all the strings we want to disallow. rawValues.push( document.title ); rawValues.push( document.URL ); @@ -85,7 +108,7 @@ window.wp = window.wp || {}; rawValuesLength = rawValues.length; for ( i = 0; i < rawValuesLength; i++ ) { if ( rawValues[ i ] ) { - blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) ); + disallowedList = disallowedList.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) ); } } @@ -93,15 +116,15 @@ window.wp = window.wp || {}; * Remove empty values, short words and duplicates. Short words are likely to * cause many false positives. */ - blacklist = $.grep( blacklist, function( value, key ) { + disallowedList = $.grep( disallowedList, function( value, key ) { if ( '' === value || 4 > value.length ) { return false; } - return $.inArray( value, blacklist ) === key; + return $.inArray( value, disallowedList ) === key; }); - return blacklist; + return disallowedList; } }; diff --git a/src/wp-admin/includes/admin-filters.php b/src/wp-admin/includes/admin-filters.php index 4e66b28bb8..7f9e09e0ed 100644 --- a/src/wp-admin/includes/admin-filters.php +++ b/src/wp-admin/includes/admin-filters.php @@ -74,7 +74,7 @@ add_filter( 'heartbeat_settings', 'wp_heartbeat_set_suspension' ); add_action( 'admin_head-nav-menus.php', '_wp_delete_orphaned_draft_menu_items' ); // Plugin hooks. -add_filter( 'whitelist_options', 'option_update_filter' ); +add_filter( 'allowed_options', 'option_update_filter' ); // Plugin Install hooks. add_action( 'install_plugins_featured', 'install_dashboard' ); diff --git a/src/wp-admin/includes/class-wp-plugins-list-table.php b/src/wp-admin/includes/class-wp-plugins-list-table.php index 094ff1b97e..b2b74d65db 100644 --- a/src/wp-admin/includes/class-wp-plugins-list-table.php +++ b/src/wp-admin/includes/class-wp-plugins-list-table.php @@ -47,10 +47,10 @@ class WP_Plugins_List_Table extends WP_List_Table { ) ); - $status_whitelist = array( 'active', 'inactive', 'recently_activated', 'upgrade', 'mustuse', 'dropins', 'search', 'paused', 'auto-update-enabled', 'auto-update-disabled' ); + $allowed_statuses = array( 'active', 'inactive', 'recently_activated', 'upgrade', 'mustuse', 'dropins', 'search', 'paused', 'auto-update-enabled', 'auto-update-disabled' ); $status = 'all'; - if ( isset( $_REQUEST['plugin_status'] ) && in_array( $_REQUEST['plugin_status'], $status_whitelist, true ) ) { + if ( isset( $_REQUEST['plugin_status'] ) && in_array( $_REQUEST['plugin_status'], $allowed_statuses, true ) ) { $status = $_REQUEST['plugin_status']; } diff --git a/src/wp-admin/includes/class-wp-site-health.php b/src/wp-admin/includes/class-wp-site-health.php index 7f69cca53c..3beb111bb4 100644 --- a/src/wp-admin/includes/class-wp-site-health.php +++ b/src/wp-admin/includes/class-wp-site-health.php @@ -1776,8 +1776,9 @@ class WP_Site_Health { /** * Test if HTTP requests are blocked. * - * It's possible to block all outgoing communication (with the possibility of whitelisting hosts) via the - * HTTP API. This may create problems for users as many features are running as services these days. + * It's possible to block all outgoing communication (with the possibility of allowing certain + * hosts) via the HTTP API. This may create problems for users as many features are running as + * services these days. * * @since 5.2.0 * @@ -1833,8 +1834,8 @@ class WP_Site_Health { $result['description'] .= sprintf( '

%s

', sprintf( - /* translators: 1: Name of the constant used. 2: List of hostnames whitelisted. */ - __( 'HTTP requests have been blocked by the %1$s constant, with some hosts whitelisted: %2$s.' ), + /* translators: 1: Name of the constant used. 2: List of allowed hostnames. */ + __( 'HTTP requests have been blocked by the %1$s constant, with some allowed hosts: %2$s.' ), 'WP_HTTP_BLOCK_EXTERNAL', implode( ',', $hosts ) ) diff --git a/src/wp-admin/includes/deprecated.php b/src/wp-admin/includes/deprecated.php index a9abf670a5..47201332dd 100644 --- a/src/wp-admin/includes/deprecated.php +++ b/src/wp-admin/includes/deprecated.php @@ -159,8 +159,8 @@ function wp_dropdown_cats( $currentcat = 0, $currentparent = 0, $parent = 0, $le * @deprecated 3.0.0 Use register_setting() * @see register_setting() * - * @param string $option_group A settings group name. Should correspond to a whitelisted option key name. - * Default whitelisted option key names include 'general', 'discussion', 'media', + * @param string $option_group A settings group name. Should correspond to an allowed option key name. + * Default allowed option key names include 'general', 'discussion', 'media', * 'reading', 'writing', 'misc', 'options', and 'privacy'. * @param string $option_name The name of an option to sanitize and save. * @param callable $sanitize_callback A callback function that sanitizes the option's value. @@ -1530,7 +1530,7 @@ class WP_Privacy_Data_Export_Requests_Table extends WP_Privacy_Data_Export_Reque $args['screen'] = 'export-personal-data'; } - parent::__construct( $args ); + parent::__construct( $args ); } } diff --git a/src/wp-admin/includes/plugin.php b/src/wp-admin/includes/plugin.php index 8f0b39f9dd..3492b15ee2 100644 --- a/src/wp-admin/includes/plugin.php +++ b/src/wp-admin/includes/plugin.php @@ -2136,12 +2136,12 @@ function user_can_access_admin_page() { return true; } -/* Whitelist functions */ +/* Allowed list functions */ /** - * Refreshes the value of the options whitelist available via the 'whitelist_options' hook. + * Refreshes the value of the allowed options list available via the 'allowed_options' hook. * - * See the {@see 'whitelist_options'} filter. + * See the {@see 'allowed_options'} filter. * * @since 2.7.0 * @@ -2154,77 +2154,77 @@ function option_update_filter( $options ) { global $new_whitelist_options; if ( is_array( $new_whitelist_options ) ) { - $options = add_option_whitelist( $new_whitelist_options, $options ); + $options = add_option_allowed_list( $new_whitelist_options, $options ); } return $options; } /** - * Adds an array of options to the options whitelist. + * Adds an array of options to the list of allowed options. * * @since 2.7.0 * - * @global array $whitelist_options + * @global array $allowed_options * * @param array $new_options * @param string|array $options * @return array */ -function add_option_whitelist( $new_options, $options = '' ) { +function add_option_allowed_list( $new_options, $options = '' ) { if ( '' === $options ) { - global $whitelist_options; + global $allowed_options; } else { - $whitelist_options = $options; + $allowed_options = $options; } foreach ( $new_options as $page => $keys ) { foreach ( $keys as $key ) { - if ( ! isset( $whitelist_options[ $page ] ) || ! is_array( $whitelist_options[ $page ] ) ) { - $whitelist_options[ $page ] = array(); - $whitelist_options[ $page ][] = $key; + if ( ! isset( $allowed_options[ $page ] ) || ! is_array( $allowed_options[ $page ] ) ) { + $allowed_options[ $page ] = array(); + $allowed_options[ $page ][] = $key; } else { - $pos = array_search( $key, $whitelist_options[ $page ], true ); + $pos = array_search( $key, $allowed_options[ $page ], true ); if ( false === $pos ) { - $whitelist_options[ $page ][] = $key; + $allowed_options[ $page ][] = $key; } } } } - return $whitelist_options; + return $allowed_options; } /** - * Removes a list of options from the options whitelist. + * Removes a list of options from the allowed options list. * - * @since 2.7.0 + * @since 5.5.0 * - * @global array $whitelist_options + * @global array $allowed_options * * @param array $del_options * @param string|array $options * @return array */ -function remove_option_whitelist( $del_options, $options = '' ) { +function remove_option_allowed_list( $del_options, $options = '' ) { if ( '' === $options ) { - global $whitelist_options; + global $allowed_options; } else { - $whitelist_options = $options; + $allowed_options = $options; } foreach ( $del_options as $page => $keys ) { foreach ( $keys as $key ) { - if ( isset( $whitelist_options[ $page ] ) && is_array( $whitelist_options[ $page ] ) ) { - $pos = array_search( $key, $whitelist_options[ $page ], true ); + if ( isset( $allowed_options[ $page ] ) && is_array( $allowed_options[ $page ] ) ) { + $pos = array_search( $key, $allowed_options[ $page ], true ); if ( false !== $pos ) { - unset( $whitelist_options[ $page ][ $pos ] ); + unset( $allowed_options[ $page ][ $pos ] ); } } } } - return $whitelist_options; + return $allowed_options; } /** diff --git a/src/wp-admin/includes/post.php b/src/wp-admin/includes/post.php index e6ad6da6e6..907f92b46a 100644 --- a/src/wp-admin/includes/post.php +++ b/src/wp-admin/includes/post.php @@ -2234,7 +2234,7 @@ function get_block_categories( $post ) { function get_block_editor_server_block_settings() { $block_registry = WP_Block_Type_Registry::get_instance(); $blocks = array(); - $fields_to_pick = array( + $fields_to_pick = array( 'title' => 'title', 'description' => 'description', 'icon' => 'icon', diff --git a/src/wp-admin/includes/schema.php b/src/wp-admin/includes/schema.php index 616c63349c..1104b99871 100644 --- a/src/wp-admin/includes/schema.php +++ b/src/wp-admin/includes/schema.php @@ -446,8 +446,6 @@ function populate_options( array $options = array() ) { 'recently_edited' => '', 'template' => $template, 'stylesheet' => $stylesheet, - 'comment_whitelist' => 1, - 'blacklist_keys' => '', 'comment_registration' => 0, 'html_type' => 'text/html', @@ -532,6 +530,10 @@ function populate_options( array $options = array() ) { // 5.3.0 'admin_email_lifespan' => ( time() + 6 * MONTH_IN_SECONDS ), + + // 5.5.0 + 'blocklist_keys' => '', + 'comment_previously_approved' => 1, ); // 3.3.0 @@ -550,7 +552,7 @@ function populate_options( array $options = array() ) { $options = wp_parse_args( $options, $defaults ); // Set autoload to no for these options. - $fat_options = array( 'moderation_keys', 'recently_edited', 'blacklist_keys', 'uninstall_plugins' ); + $fat_options = array( 'moderation_keys', 'recently_edited', 'blocklist_keys', 'uninstall_plugins' ); $keys = "'" . implode( "', '", array_keys( $options ) ) . "'"; $existing_options = $wpdb->get_col( "SELECT option_name FROM $wpdb->options WHERE option_name in ( $keys )" ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared @@ -1140,7 +1142,7 @@ function populate_network_meta( $network_id, array $meta = array() ) { $allowed_themes[ WP_DEFAULT_THEME ] = true; } - // If WP_DEFAULT_THEME doesn't exist, also whitelist the latest core default theme. + // If WP_DEFAULT_THEME doesn't exist, also include the latest core default theme. if ( ! wp_get_theme( WP_DEFAULT_THEME )->exists() ) { $core_default = WP_Theme::get_core_default_theme(); if ( $core_default ) { diff --git a/src/wp-admin/includes/upgrade.php b/src/wp-admin/includes/upgrade.php index be125f913e..3f45ea6f9b 100644 --- a/src/wp-admin/includes/upgrade.php +++ b/src/wp-admin/includes/upgrade.php @@ -835,7 +835,7 @@ function upgrade_all() { upgrade_530(); } - if ( $wp_current_db_version < 47597 ) { + if ( $wp_current_db_version < 48082 ) { upgrade_550(); } @@ -2168,6 +2168,15 @@ function upgrade_530() { function upgrade_550() { update_option( 'finished_updating_comment_type', 0 ); wp_schedule_single_event( time() + ( 1 * MINUTE_IN_SECONDS ), 'wp_update_comment_type_batch' ); + + // Use more clear and inclusive language. + $blocklist = get_option( 'blacklist_keys', '' ); + update_option( 'blocklist_keys', $blocklist ); + delete_option( 'blacklist_keys' ); + + $comment_previously_approved = get_option( 'comment_whitelist', '' ); + update_option( 'comment_previously_approved', $comment_previously_approved ); + delete_option( 'comment_whitelist' ); } /** diff --git a/src/wp-admin/options-discussion.php b/src/wp-admin/options-discussion.php index d8e33c1adb..7727e70106 100644 --- a/src/wp-admin/options-discussion.php +++ b/src/wp-admin/options-discussion.php @@ -181,7 +181,7 @@ printf( __( 'Comments should be displayed with the %s comments at the top of eac />
- + @@ -206,9 +206,9 @@ printf(
-

+

- +

diff --git a/src/wp-admin/options.php b/src/wp-admin/options.php index 4b02b673c3..5623fca9ee 100644 --- a/src/wp-admin/options.php +++ b/src/wp-admin/options.php @@ -80,7 +80,7 @@ if ( is_multisite() && ! current_user_can( 'manage_network_options' ) && 'update ); } -$whitelist_options = array( +$allowed_options = array( 'general' => array( 'blogname', 'blogdescription', @@ -100,10 +100,10 @@ $whitelist_options = array( 'moderation_notify', 'comment_moderation', 'require_name_email', - 'comment_whitelist', + 'comment_previously_approved', 'comment_max_links', 'moderation_keys', - 'blacklist_keys', + 'blocklist_keys', 'show_avatars', 'avatar_rating', 'avatar_default', @@ -146,36 +146,36 @@ $whitelist_options = array( 'default_post_format', ), ); -$whitelist_options['misc'] = array(); -$whitelist_options['options'] = array(); -$whitelist_options['privacy'] = array(); +$allowed_options['misc'] = array(); +$allowed_options['options'] = array(); +$allowed_options['privacy'] = array(); $mail_options = array( 'mailserver_url', 'mailserver_port', 'mailserver_login', 'mailserver_pass' ); if ( ! in_array( get_option( 'blog_charset' ), array( 'utf8', 'utf-8', 'UTF8', 'UTF-8' ), true ) ) { - $whitelist_options['reading'][] = 'blog_charset'; + $allowed_options['reading'][] = 'blog_charset'; } if ( get_site_option( 'initial_db_version' ) < 32453 ) { - $whitelist_options['writing'][] = 'use_smilies'; - $whitelist_options['writing'][] = 'use_balanceTags'; + $allowed_options['writing'][] = 'use_smilies'; + $allowed_options['writing'][] = 'use_balanceTags'; } if ( ! is_multisite() ) { if ( ! defined( 'WP_SITEURL' ) ) { - $whitelist_options['general'][] = 'siteurl'; + $allowed_options['general'][] = 'siteurl'; } if ( ! defined( 'WP_HOME' ) ) { - $whitelist_options['general'][] = 'home'; + $allowed_options['general'][] = 'home'; } - $whitelist_options['general'][] = 'users_can_register'; - $whitelist_options['general'][] = 'default_role'; + $allowed_options['general'][] = 'users_can_register'; + $allowed_options['general'][] = 'default_role'; - $whitelist_options['writing'] = array_merge( $whitelist_options['writing'], $mail_options ); - $whitelist_options['writing'][] = 'ping_sites'; + $allowed_options['writing'] = array_merge( $allowed_options['writing'], $mail_options ); + $allowed_options['writing'][] = 'ping_sites'; - $whitelist_options['media'][] = 'uploads_use_yearmonth_folders'; + $allowed_options['media'][] = 'uploads_use_yearmonth_folders'; /* * If upload_url_path is not the default (empty), @@ -183,8 +183,8 @@ if ( ! is_multisite() ) { * they can be edited, otherwise they're locked. */ if ( get_option( 'upload_url_path' ) || ( get_option( 'upload_path' ) != 'wp-content/uploads' && get_option( 'upload_path' ) ) ) { - $whitelist_options['media'][] = 'upload_path'; - $whitelist_options['media'][] = 'upload_url_path'; + $allowed_options['media'][] = 'upload_path'; + $allowed_options['media'][] = 'upload_url_path'; } } else { /** @@ -195,18 +195,28 @@ if ( ! is_multisite() ) { * @param bool $enabled Whether post-by-email configuration is enabled. Default true. */ if ( apply_filters( 'enable_post_by_email_configuration', true ) ) { - $whitelist_options['writing'] = array_merge( $whitelist_options['writing'], $mail_options ); + $allowed_options['writing'] = array_merge( $allowed_options['writing'], $mail_options ); } } /** - * Filters the options whitelist. + * Filters the allowed options list. * * @since 2.7.0 + * @deprecated 5.5.0 Use {@see 'allowed_options'} instead. * - * @param array $whitelist_options The options whitelist. + * @param array $allowed_options The allowed options list. */ -$whitelist_options = apply_filters( 'whitelist_options', $whitelist_options ); +$allowed_options = apply_filters_deprecated( 'whitelist_options', array( $allowed_options ), '5.5.0', 'apply_filters_deprecated', __( 'Please consider writing more inclusive code.' ) ); + +/** + * Filters the allowed options list. + * + * @since 5.5.0 + * + * @param array $allowed_options The allowed options list. + */ +$allowed_options = apply_filters( 'allowed_options', $allowed_options ); if ( 'update' === $action ) { // We are saving settings sent from a settings page. if ( 'options' === $option_page && ! isset( $_POST['option_page'] ) ) { // This is for back compat and will eventually be removed. @@ -217,11 +227,11 @@ if ( 'update' === $action ) { // We are saving settings sent from a settings pag check_admin_referer( $option_page . '-options' ); } - if ( ! isset( $whitelist_options[ $option_page ] ) ) { + if ( ! isset( $allowed_options[ $option_page ] ) ) { wp_die( sprintf( /* translators: %s: The options page name. */ - __( 'Error: Options page %s not found in the options whitelist.' ), + __( 'Error: Options page %s not found in the allowed options list.' ), '' . esc_html( $option_page ) . '' ) ); @@ -233,7 +243,7 @@ if ( 'update' === $action ) { // We are saving settings sent from a settings pag } $options = explode( ',', wp_unslash( $_POST['page_options'] ) ); } else { - $options = $whitelist_options[ $option_page ]; + $options = $allowed_options[ $option_page ]; } if ( 'general' === $option_page ) { diff --git a/src/wp-content/themes/twentyfourteen/inc/featured-content.php b/src/wp-content/themes/twentyfourteen/inc/featured-content.php index 65d248f97b..da8b76f715 100644 --- a/src/wp-content/themes/twentyfourteen/inc/featured-content.php +++ b/src/wp-content/themes/twentyfourteen/inc/featured-content.php @@ -233,7 +233,7 @@ class Featured_Content { return; } - // We need to respect post IDs already in the blacklist. + // We need to respect post IDs already in the exclude list. $post__not_in = $query->get( 'post__not_in' ); if ( ! empty( $post__not_in ) ) { diff --git a/src/wp-content/themes/twentynineteen/package.json b/src/wp-content/themes/twentynineteen/package.json index b479c0c77f..2d6e4f935b 100644 --- a/src/wp-content/themes/twentynineteen/package.json +++ b/src/wp-content/themes/twentynineteen/package.json @@ -20,7 +20,6 @@ "options": { "autoRename": false, "autoRenameStrict": false, - "blacklist": {}, "clean": true, "greedy": false, "processUrls": false, diff --git a/src/wp-content/themes/twentytwenty/package.json b/src/wp-content/themes/twentytwenty/package.json index 4d11fa4c52..38916604d9 100644 --- a/src/wp-content/themes/twentytwenty/package.json +++ b/src/wp-content/themes/twentytwenty/package.json @@ -33,7 +33,6 @@ "options": { "autoRename": false, "autoRenameStrict": false, - "blacklist": {}, "clean": true, "greedy": false, "processUrls": false, diff --git a/src/wp-includes/Requests/SSL.php b/src/wp-includes/Requests/SSL.php index 2b0376853a..7d8af850a5 100644 --- a/src/wp-includes/Requests/SSL.php +++ b/src/wp-includes/Requests/SSL.php @@ -125,7 +125,7 @@ class Requests_SSL { * @return boolean Does the domain match? */ public static function match_domain($host, $reference) { - // Check if the reference is blacklisted first + // Check if the reference is blocklisted first if (self::verify_reference_name($reference) !== true) { return false; } @@ -149,4 +149,4 @@ class Requests_SSL { return false; } -} \ No newline at end of file +} diff --git a/src/wp-includes/class-wp-customize-widgets.php b/src/wp-includes/class-wp-customize-widgets.php index 872cef24ed..0aa75168a4 100644 --- a/src/wp-includes/class-wp-customize-widgets.php +++ b/src/wp-includes/class-wp-customize-widgets.php @@ -1684,7 +1684,7 @@ final class WP_Customize_Widgets { * List of the tag names seen for before_widget strings. * * This is used in the {@see 'filter_wp_kses_allowed_html'} filter to ensure that the - * data-* attributes can be whitelisted. + * data-* attributes can be allowed. * * @since 4.5.0 * @var array diff --git a/src/wp-includes/class-wp-date-query.php b/src/wp-includes/class-wp-date-query.php index 6e3dac6331..a86ed6da82 100644 --- a/src/wp-includes/class-wp-date-query.php +++ b/src/wp-includes/class-wp-date-query.php @@ -462,10 +462,10 @@ class WP_Date_Query { /** * Validates a column name parameter. * - * Column names without a table prefix (like 'post_date') are checked against a whitelist of - * known tables, and then, if found, have a table prefix (such as 'wp_posts.') prepended. - * Prefixed column names (such as 'wp_posts.post_date') bypass this whitelist check, - * and are only sanitized to remove illegal characters. + * Column names without a table prefix (like 'post_date') are checked against a list of + * allowed and known tables, and then, if found, have a table prefix (such as 'wp_posts.') + * prepended. Prefixed column names (such as 'wp_posts.post_date') bypass this allowed + * check, and are only sanitized to remove illegal characters. * * @since 3.7.0 * diff --git a/src/wp-includes/class-wp-image-editor-imagick.php b/src/wp-includes/class-wp-image-editor-imagick.php index 57f9df1827..4d49e55b2c 100644 --- a/src/wp-includes/class-wp-image-editor-imagick.php +++ b/src/wp-includes/class-wp-image-editor-imagick.php @@ -305,8 +305,8 @@ class WP_Image_Editor_Imagick extends WP_Image_Editor { ); /** - * Set the filter value if '$filter_name' name is in our whitelist and the related - * Imagick constant is defined or fall back to our default filter. + * Set the filter value if '$filter_name' name is in the allowed list and the related + * Imagick constant is defined or fall back to the default filter. */ if ( in_array( $filter_name, $allowed_filters, true ) && defined( 'Imagick::' . $filter_name ) ) { $filter = constant( 'Imagick::' . $filter_name ); diff --git a/src/wp-includes/class-wp-oembed-controller.php b/src/wp-includes/class-wp-oembed-controller.php index 290d60a66d..31951041ef 100644 --- a/src/wp-includes/class-wp-oembed-controller.php +++ b/src/wp-includes/class-wp-oembed-controller.php @@ -94,7 +94,7 @@ final class WP_oEmbed_Controller { 'sanitize_callback' => 'absint', ), 'discover' => array( - 'description' => __( 'Whether to perform an oEmbed discovery request for non-whitelisted providers.' ), + 'description' => __( 'Whether to perform an oEmbed discovery request for unsanctioned providers.' ), 'type' => 'boolean', 'default' => true, ), diff --git a/src/wp-includes/class-wp-oembed.php b/src/wp-includes/class-wp-oembed.php index 235faa6619..18d38ee757 100644 --- a/src/wp-includes/class-wp-oembed.php +++ b/src/wp-includes/class-wp-oembed.php @@ -131,10 +131,10 @@ class WP_oEmbed { self::$early_providers = array(); /** - * Filters the list of whitelisted oEmbed providers. + * Filters the list of sanctioned oEmbed providers. * * Since WordPress 4.4, oEmbed discovery is enabled for all users and allows embedding of sanitized - * iframes. The providers in this list are whitelisted, meaning they are trusted and allowed to + * iframes. The providers in this list are sanctioned, meaning they are trusted and allowed to * embed any content, such as iframes, videos, JavaScript, and arbitrary HTML. * * Supported providers: diff --git a/src/wp-includes/class-wp.php b/src/wp-includes/class-wp.php index e26e348563..ddaebd75a9 100644 --- a/src/wp-includes/class-wp.php +++ b/src/wp-includes/class-wp.php @@ -275,7 +275,7 @@ class WP { } /** - * Filters the query variables whitelist before processing. + * Filters the query variables allowed before processing. * * Allows (publicly allowed) query vars to be added, removed, or changed prior * to executing the query. Needed to allow custom rewrite rules using your own arguments @@ -283,7 +283,7 @@ class WP { * * @since 1.5.0 * - * @param string[] $public_query_vars The array of whitelisted query variable names. + * @param string[] $public_query_vars The array of allowed query variable names. */ $this->public_query_vars = apply_filters( 'query_vars', $this->public_query_vars ); diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php index f95328381a..744af98b9b 100644 --- a/src/wp-includes/comment.php +++ b/src/wp-includes/comment.php @@ -10,15 +10,15 @@ * Check whether a comment passes internal checks to be allowed to add. * * If manual comment moderation is set in the administration, then all checks, - * regardless of their type and whitelist, will fail and the function will + * regardless of their type and substance, will fail and the function will * return false. * * If the number of links exceeds the amount in the administration, then the - * check fails. If any of the parameter contents match the blacklist of words, + * check fails. If any of the parameter contents contain any disallowed words, * then the check fails. * * If the comment author was approved before, then the comment is automatically - * whitelisted. + * approved. * * If all checks pass, the function will return true. * @@ -126,7 +126,7 @@ function check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, * as well as whether there are any moderation keywords (if set) present in the author * email address. If both checks pass, return true. Otherwise, return false. */ - if ( 1 == get_option( 'comment_whitelist' ) ) { + if ( 1 == get_option( 'comment_previously_approved' ) ) { if ( 'trackback' !== $comment_type && 'pingback' !== $comment_type && '' !== $author && '' !== $email ) { $comment_user = get_user_by( 'email', wp_unslash( $email ) ); if ( ! empty( $comment_user->ID ) ) { @@ -815,7 +815,7 @@ function wp_allow_comment( $commentdata, $avoid_die = false ) { $approved = 0; } - if ( wp_blacklist_check( + if ( wp_blocklist_check( $commentdata['comment_author'], $commentdata['comment_author_email'], $commentdata['comment_author_url'], @@ -1262,9 +1262,9 @@ function wp_check_comment_data_max_lengths( $comment_data ) { } /** - * Does comment contain blacklisted characters or words. + * Checks if a comment contains disallowed characters or words. * - * @since 1.5.0 + * @since 5.5.0 * * @param string $author The author of the comment * @param string $email The email of the comment @@ -1272,13 +1272,14 @@ function wp_check_comment_data_max_lengths( $comment_data ) { * @param string $comment The comment content * @param string $user_ip The comment author's IP address * @param string $user_agent The author's browser user agent - * @return bool True if comment contains blacklisted content, false if comment does not + * @return bool True if comment contains disallowed content, false if comment does not */ -function wp_blacklist_check( $author, $email, $url, $comment, $user_ip, $user_agent ) { +function wp_blocklist_check( $author, $email, $url, $comment, $user_ip, $user_agent ) { /** - * Fires before the comment is tested for blacklisted characters or words. + * Fires before the comment is tested for disallowed characters or words. * * @since 1.5.0 + * @deprecated 5.5.0 Use {@see 'wp_blocklist_check'} instead. * * @param string $author Comment author. * @param string $email Comment author's email. @@ -1287,14 +1288,28 @@ function wp_blacklist_check( $author, $email, $url, $comment, $user_ip, $user_ag * @param string $user_ip Comment author's IP address. * @param string $user_agent Comment author's browser user agent. */ - do_action( 'wp_blacklist_check', $author, $email, $url, $comment, $user_ip, $user_agent ); + do_action_deprecated( 'wp_blacklist_check', array( $author, $email, $url, $comment, $user_ip, $user_agent ), '5.5.0', 'wp_blocklist_check', __( 'Please consider writing more inclusive code.' ) ); - $mod_keys = trim( get_option( 'blacklist_keys' ) ); + /** + * Fires before the comment is tested for disallowed characters or words. + * + * @since 5.5.0 + * + * @param string $author Comment author. + * @param string $email Comment author's email. + * @param string $url Comment author's URL. + * @param string $comment Comment content. + * @param string $user_ip Comment author's IP address. + * @param string $user_agent Comment author's browser user agent. + */ + do_action( 'wp_blocklist_check', $author, $email, $url, $comment, $user_ip, $user_agent ); + + $mod_keys = trim( get_option( 'blocklist_keys' ) ); if ( '' === $mod_keys ) { return false; // If moderation keys are empty. } - // Ensure HTML tags are not being used to bypass the blacklist. + // Ensure HTML tags are not being used to bypass the list of disallowed characters and words. $comment_without_html = wp_strip_all_tags( $comment ); $words = explode( "\n", $mod_keys ); diff --git a/src/wp-includes/default-filters.php b/src/wp-includes/default-filters.php index c9024e7ae0..18c91c0a4e 100644 --- a/src/wp-includes/default-filters.php +++ b/src/wp-includes/default-filters.php @@ -96,7 +96,7 @@ add_filter( 'pre_post_mime_type', 'sanitize_mime_type' ); add_filter( 'post_mime_type', 'sanitize_mime_type' ); // Meta. -add_filter( 'register_meta_args', '_wp_register_meta_args_whitelist', 10, 2 ); +add_filter( 'register_meta_args', '_wp_register_meta_args_allowed_list', 10, 2 ); // Post meta. add_action( 'added_post_meta', 'wp_cache_set_posts_last_changed' ); diff --git a/src/wp-includes/deprecated.php b/src/wp-includes/deprecated.php index 1024e7cc6d..7a55903f4d 100644 --- a/src/wp-includes/deprecated.php +++ b/src/wp-includes/deprecated.php @@ -3995,3 +3995,83 @@ function wp_unregister_GLOBALS() { // phpcs:ignore WordPress.NamingConventions. // register_globals was deprecated in PHP 5.3 and removed entirely in PHP 5.4. _deprecated_function( __FUNCTION__, '5.5.0' ); } + +/** + * Does comment contain disallowed characters or words. + * + * @since 1.5.0 + * @deprecated 5.5.0 Use wp_blocklist_check() instead. + * Please consider writing more inclusive code. + * + * @param string $author The author of the comment + * @param string $email The email of the comment + * @param string $url The url used in the comment + * @param string $comment The comment content + * @param string $user_ip The comment author's IP address + * @param string $user_agent The author's browser user agent + * @return bool True if comment contains disallowed content, false if comment does not + */ +function wp_blacklist_check( $author, $email, $url, $comment, $user_ip, $user_agent ) { + _deprecated_function( __FUNCTION__, '5.5.0', 'wp_blocklist_check()' ); + + return wp_blocklist_check( $author, $email, $url, $comment, $user_ip, $user_agent ); +} + +/** + * Filters out `register_meta()` args based on an allowed list. + * + * `register_meta()` args may change over time, so requiring the allowed list + * to be explicitly turned off is a warranty seal of sorts. + * + * @access private + * @since 4.6.0 + * @deprecated 5.5.0 Use _wp_register_meta_args_allowed_list() instead. + * Please consider writing more inclusive code. + * + * @param array $args Arguments from `register_meta()`. + * @param array $default_args Default arguments for `register_meta()`. + * @return array Filtered arguments. + */ +function _wp_register_meta_args_whitelist( $args, $default_args ) { + _deprecated_function( __FUNCTION__, '5.5.0', '_wp_register_meta_args_allowed_list()' ); + + return _wp_register_meta_args_allowed_list( $args, $default_args ); +} + +/** + * Adds an array of options to the list of allowed options. + * + * @since 2.7.0 + * @deprecated 5.5.0 Use add_option_allowed_list() instead. + * Please consider writing more inclusive code. + * + * @global array $allowed_options + * + * @param array $new_options + * @param string|array $options + * @return array + */ +function add_option_whitelist( $new_options, $options = '' ) { + _deprecated_function( __FUNCTION__, '5.5.0', 'add_option_allowed_list()' ); + + return add_option_allowed_list( $new_options, $options ); +} + +/** + * Removes a list of options from the allowed options list. + * + * @since 2.7.0 + * @deprecated 5.5.0 Use remove_option_allowed_list() instead. + * Please consider writing more inclusive code. + * + * @global array $allowed_options + * + * @param array $del_options + * @param string|array $options + * @return array + */ +function remove_option_whitelist( $del_options, $options = '' ) { + _deprecated_function( __FUNCTION__, '5.5.0', 'remove_option_allowed_list()' ); + + return remove_option_allowed_list( $del_options, $options ); +} diff --git a/src/wp-includes/formatting.php b/src/wp-includes/formatting.php index 348c1a680b..4ef6582267 100644 --- a/src/wp-includes/formatting.php +++ b/src/wp-includes/formatting.php @@ -2048,7 +2048,7 @@ function sanitize_file_name( $filename ) { /* * Loop over any intermediate extensions. Postfix them with a trailing underscore - * if they are a 2 - 5 character long alpha string not in the extension whitelist. + * if they are a 2 - 5 character long alpha string not in the allowed extension list. */ foreach ( (array) $parts as $part ) { $filename .= '.' . $part; @@ -4852,7 +4852,7 @@ function sanitize_option( $option, $value ) { break; case 'moderation_keys': - case 'blacklist_keys': + case 'blocklist_keys': $value = $wpdb->strip_invalid_text_for_column( $wpdb->options, 'option_value', $value ); if ( is_wp_error( $value ) ) { $error = $value->get_error_message(); diff --git a/src/wp-includes/http.php b/src/wp-includes/http.php index 7d71f39cd5..d4acb41330 100644 --- a/src/wp-includes/http.php +++ b/src/wp-includes/http.php @@ -593,7 +593,7 @@ function wp_http_validate_url( $url ) { } /** - * Whitelists allowed redirect hosts for safe HTTP requests as well. + * Mark allowed redirect hosts safe for HTTP requests as well. * * Attached to the {@see 'http_request_host_is_external'} filter. * @@ -611,7 +611,8 @@ function allowed_http_request_hosts( $is_external, $host ) { } /** - * Whitelists any domain in a multisite installation for safe HTTP requests. + * Adds any domain in a multisite installation for safe HTTP requests to the + * allowed list. * * Attached to the {@see 'http_request_host_is_external'} filter. * diff --git a/src/wp-includes/kses.php b/src/wp-includes/kses.php index b838d37c95..c157bd0fc6 100644 --- a/src/wp-includes/kses.php +++ b/src/wp-includes/kses.php @@ -1720,13 +1720,14 @@ function wp_kses_bad_protocol_once( $string, $allowed_protocols, $count = 1 ) { * Callback for `wp_kses_bad_protocol_once()` regular expression. * * This function processes URL protocols, checks to see if they're in the - * whitelist or not, and returns different data depending on the answer. + * list of allowed protocols or not, and returns different data depending + * on the answer. * * @access private * @ignore * @since 1.0.0 * - * @param string $string URI scheme to check against the whitelist. + * @param string $string URI scheme to check against the list of allowed protocols. * @param string[] $allowed_protocols Array of allowed URL protocols. * @return string Sanitized content. */ @@ -1772,7 +1773,7 @@ function wp_kses_normalize_entities( $string, $context = 'html' ) { // Disarm all entities by converting & to & $string = str_replace( '&', '&', $string ); - // Change back the allowed entities in our entity whitelist. + // Change back the allowed entities in our list of allowed entities. if ( 'xml' === $context ) { $string = preg_replace_callback( '/&([A-Za-z]{2,8}[0-9]{0,2});/', 'wp_kses_xml_named_entities', $string ); } else { @@ -1912,7 +1913,7 @@ function valid_unicode( $i ) { * * This function decodes numeric HTML entities (`A` and `A`). * It doesn't do anything with named entities like `ä`, but we don't - * need them in the URL protocol whitelisting system anyway. + * need them in the allowed URL protocols system anyway. * * @since 1.0.0 * diff --git a/src/wp-includes/meta.php b/src/wp-includes/meta.php index e31e6d4a1a..5251258b8c 100644 --- a/src/wp-includes/meta.php +++ b/src/wp-includes/meta.php @@ -1396,19 +1396,19 @@ function get_registered_metadata( $object_type, $object_id, $meta_key = '' ) { } /** - * Filters out `register_meta()` args based on a whitelist. + * Filters out `register_meta()` args based on an allowed list. * - * `register_meta()` args may change over time, so requiring the whitelist + * `register_meta()` args may change over time, so requiring the allowed list * to be explicitly turned off is a warranty seal of sorts. * * @access private - * @since 4.6.0 + * @since 5.5.0 * * @param array $args Arguments from `register_meta()`. * @param array $default_args Default arguments for `register_meta()`. * @return array Filtered arguments. */ -function _wp_register_meta_args_whitelist( $args, $default_args ) { +function _wp_register_meta_args_allowed_list( $args, $default_args ) { return array_intersect_key( $args, $default_args ); } diff --git a/src/wp-includes/ms-blogs.php b/src/wp-includes/ms-blogs.php index 3da331ef12..d2da311f0b 100644 --- a/src/wp-includes/ms-blogs.php +++ b/src/wp-includes/ms-blogs.php @@ -720,9 +720,9 @@ function update_blog_status( $blog_id, $pref, $value, $deprecated = null ) { _deprecated_argument( __FUNCTION__, '3.1.0' ); } - $pref_whitelist = array( 'site_id', 'domain', 'path', 'registered', 'last_updated', 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); + $allowed_field_names = array( 'site_id', 'domain', 'path', 'registered', 'last_updated', 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); - if ( ! in_array( $pref, $pref_whitelist, true ) ) { + if ( ! in_array( $pref, $allowed_field_names, true ) ) { return $value; } diff --git a/src/wp-includes/ms-default-filters.php b/src/wp-includes/ms-default-filters.php index 0f93d37610..d0054b502e 100644 --- a/src/wp-includes/ms-default-filters.php +++ b/src/wp-includes/ms-default-filters.php @@ -124,5 +124,5 @@ add_action( 'update_option_home', 'clean_site_details_cache', 10, 0 ); // If the network upgrade hasn't run yet, assume ms-files.php rewriting is used. add_filter( 'default_site_option_ms_files_rewriting', '__return_true' ); -// Whitelist multisite domains for HTTP requests. +// Allow multisite domains for HTTP requests. add_filter( 'http_request_host_is_external', 'ms_allowed_http_request_hosts', 20, 2 ); diff --git a/src/wp-includes/ms-functions.php b/src/wp-includes/ms-functions.php index 53335a56dc..c2af99ef55 100644 --- a/src/wp-includes/ms-functions.php +++ b/src/wp-includes/ms-functions.php @@ -441,7 +441,8 @@ function is_email_address_unsafe( $user_email ) { * Sanitize and validate data required for a user sign-up. * * Verifies the validity and uniqueness of user names and user email addresses, - * and checks email addresses against admin-provided domain whitelists and blacklists. + * and checks email addresses against allowed and disallowed domains provided by + * administrators. * * The {@see 'wpmu_validate_user_signup'} hook provides an easy way to modify the sign-up * process. The value $result, which is passed to the hook, contains both the user-provided @@ -1358,7 +1359,7 @@ function wpmu_create_blog( $domain, $path, $title, $user_id, $options = array(), wp_installing( true ); } - $site_data_whitelist = array( 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); + $allowed_data_fields = array( 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); $site_data = array_merge( array( @@ -1366,14 +1367,14 @@ function wpmu_create_blog( $domain, $path, $title, $user_id, $options = array(), 'path' => $path, 'network_id' => $network_id, ), - array_intersect_key( $options, array_flip( $site_data_whitelist ) ) + array_intersect_key( $options, array_flip( $allowed_data_fields ) ) ); // Data to pass to wp_initialize_site(). $site_initialization_data = array( 'title' => $title, 'user_id' => $user_id, - 'options' => array_diff_key( $options, array_flip( $site_data_whitelist ) ), + 'options' => array_diff_key( $options, array_flip( $allowed_data_fields ) ), ); $blog_id = wp_insert_site( array_merge( $site_data, $site_initialization_data ) ); @@ -1840,12 +1841,12 @@ function get_most_recent_post_of_user( $user_id ) { // /** - * Check an array of MIME types against a whitelist. + * Check an array of MIME types against a list of allowed types. * * WordPress ships with a set of allowed upload filetypes, * which is defined in wp-includes/functions.php in * get_allowed_mime_types(). This function is used to filter - * that list against the filetype whitelist provided by Multisite + * that list against the filetypes allowed provided by Multisite * Super Admins at wp-admin/network/settings.php. * * @since MU (3.0.0) diff --git a/src/wp-includes/ms-site.php b/src/wp-includes/ms-site.php index 4ba9d8ed20..56d14f7eb5 100644 --- a/src/wp-includes/ms-site.php +++ b/src/wp-includes/ms-site.php @@ -114,10 +114,10 @@ function wp_insert_site( array $data ) { $meta['WPLANG'] = get_network_option( $new_site->network_id, 'WPLANG' ); } - // Rebuild the data expected by the `wpmu_new_blog` hook prior to 5.1.0 using whitelisted keys. - // The `$site_data_whitelist` matches the one used in `wpmu_create_blog()`. - $site_data_whitelist = array( 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); - $meta = array_merge( array_intersect_key( $data, array_flip( $site_data_whitelist ) ), $meta ); + // Rebuild the data expected by the `wpmu_new_blog` hook prior to 5.1.0 using allowed keys. + // The `$allowed_data_fields` matches the one used in `wpmu_create_blog()`. + $allowed_data_fields = array( 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); + $meta = array_merge( array_intersect_key( $data, array_flip( $allowed_data_fields ) ), $meta ); /** * Fires immediately after a new site is created. @@ -492,8 +492,8 @@ function wp_prepare_site_data( $data, $defaults, $old_site = null ) { */ $data = apply_filters( 'wp_normalize_site_data', $data ); - $whitelist = array( 'domain', 'path', 'network_id', 'registered', 'last_updated', 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); - $data = array_intersect_key( wp_parse_args( $data, $defaults ), array_flip( $whitelist ) ); + $allowed_data_fields = array( 'domain', 'path', 'network_id', 'registered', 'last_updated', 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); + $data = array_intersect_key( wp_parse_args( $data, $defaults ), array_flip( $allowed_data_fields ) ); $errors = new WP_Error(); diff --git a/src/wp-includes/option.php b/src/wp-includes/option.php index 28ef635466..b1d553bf7a 100644 --- a/src/wp-includes/option.php +++ b/src/wp-includes/option.php @@ -2097,8 +2097,8 @@ function register_initial_settings() { * @global array $new_whitelist_options * @global array $wp_registered_settings * - * @param string $option_group A settings group name. Should correspond to a whitelisted option key name. - * Default whitelisted option key names include 'general', 'discussion', 'media', + * @param string $option_group A settings group name. Should correspond to an allowed option key name. + * Default allowed option key names include 'general', 'discussion', 'media', * 'reading', 'writing', 'misc', 'options', and 'privacy'. * @param string $option_name The name of an option to sanitize and save. * @param array $args { diff --git a/src/wp-includes/pluggable.php b/src/wp-includes/pluggable.php index bdf86913b2..2ebfb405c4 100644 --- a/src/wp-includes/pluggable.php +++ b/src/wp-includes/pluggable.php @@ -1466,7 +1466,7 @@ if ( ! function_exists( 'wp_validate_redirect' ) ) : $wpp = parse_url( home_url() ); /** - * Filters the whitelist of hosts to redirect to. + * Filters the list of allowed hosts to redirect to. * * @since 2.3.0 * diff --git a/src/wp-includes/rest-api/class-wp-rest-server.php b/src/wp-includes/rest-api/class-wp-rest-server.php index baf0246a0f..232c48339e 100644 --- a/src/wp-includes/rest-api/class-wp-rest-server.php +++ b/src/wp-includes/rest-api/class-wp-rest-server.php @@ -605,7 +605,7 @@ class WP_REST_Server { $embedded = array(); foreach ( $data['_links'] as $rel => $links ) { - // If a list of relations was specified, and the link relation is not in the whitelist, don't process the link. + // If a list of relations was specified, and the link relation is not in the list of allowed relations, don't process the link. if ( is_array( $embed ) && ! in_array( $rel, $embed, true ) ) { continue; } diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-settings-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-settings-controller.php index 0fbdb4f5c9..5bee39b1a8 100644 --- a/src/wp-includes/rest-api/endpoints/class-wp-rest-settings-controller.php +++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-settings-controller.php @@ -251,7 +251,7 @@ class WP_REST_Settings_Controller extends WP_REST_Controller { } /* - * Whitelist the supported types for settings, as we don't want invalid types + * Allow the supported types for settings, as we don't want invalid types * to be updated with arbitrary values that we can't do decent sanitizing for. */ if ( ! in_array( $rest_args['schema']['type'], array( 'number', 'integer', 'string', 'boolean', 'array', 'object' ), true ) ) { @@ -304,7 +304,7 @@ class WP_REST_Settings_Controller extends WP_REST_Controller { * * By default, the schema of settings will throw an error if a value is set to * `null` as it's not a valid value for something like "type => string". We - * provide a wrapper sanitizer to whitelist the use of `null`. + * provide a wrapper sanitizer to allow the use of `null`. * * @since 4.7.0 * diff --git a/src/wp-includes/script-loader.php b/src/wp-includes/script-loader.php index 27fac092cf..f31ae3b32c 100644 --- a/src/wp-includes/script-loader.php +++ b/src/wp-includes/script-loader.php @@ -1064,7 +1064,7 @@ function wp_default_scripts( $scripts ) { ) ); - $scripts->add( 'password-strength-meter', "/wp-admin/js/password-strength-meter$suffix.js", array( 'jquery', 'zxcvbn-async' ), false, 1 ); + $scripts->add( 'password-strength-meter', "/wp-admin/js/password-strength-meter$suffix.js", array( 'jquery', 'wp-deprecated', 'zxcvbn-async' ), false, 1 ); did_action( 'init' ) && $scripts->localize( 'password-strength-meter', 'pwsL10n', @@ -1077,6 +1077,7 @@ function wp_default_scripts( $scripts ) { 'mismatch' => _x( 'Mismatch', 'password mismatch' ), ) ); + $scripts->set_translations( 'password-strength-meter' ); $scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter', 'wp-util' ), false, 1 ); did_action( 'init' ) && $scripts->localize( diff --git a/src/wp-includes/sodium_compat/src/Core/Ed25519.php b/src/wp-includes/sodium_compat/src/Core/Ed25519.php index 72286441de..16ae1d2e88 100644 --- a/src/wp-includes/sodium_compat/src/Core/Ed25519.php +++ b/src/wp-includes/sodium_compat/src/Core/Ed25519.php @@ -376,8 +376,8 @@ abstract class ParagonIE_Sodium_Core_Ed25519 extends ParagonIE_Sodium_Core_Curve */ public static function small_order($R) { - /** @var array> $blacklist */ - $blacklist = array( + /** @var array> $blocklist */ + $blocklist = array( /* 0 (order 4) */ array( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -463,13 +463,13 @@ abstract class ParagonIE_Sodium_Core_Ed25519 extends ParagonIE_Sodium_Core_Curve 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff ) ); - /** @var int $countBlacklist */ - $countBlacklist = count($blacklist); + /** @var int $countBlocklist */ + $countBlocklist = count($blocklist); - for ($i = 0; $i < $countBlacklist; ++$i) { + for ($i = 0; $i < $countBlocklist; ++$i) { $c = 0; for ($j = 0; $j < 32; ++$j) { - $c |= self::chrToInt($R[$j]) ^ (int) $blacklist[$i][$j]; + $c |= self::chrToInt($R[$j]) ^ (int) $blocklist[$i][$j]; } if ($c === 0) { return true; diff --git a/src/wp-includes/sodium_compat/src/Core32/Ed25519.php b/src/wp-includes/sodium_compat/src/Core32/Ed25519.php index c4ecc55757..927d11e109 100644 --- a/src/wp-includes/sodium_compat/src/Core32/Ed25519.php +++ b/src/wp-includes/sodium_compat/src/Core32/Ed25519.php @@ -378,7 +378,7 @@ abstract class ParagonIE_Sodium_Core32_Ed25519 extends ParagonIE_Sodium_Core32_C */ public static function small_order($R) { - static $blacklist = array( + static $blocklist = array( /* 0 (order 4) */ array( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -464,13 +464,13 @@ abstract class ParagonIE_Sodium_Core32_Ed25519 extends ParagonIE_Sodium_Core32_C 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff ) ); - /** @var array> $blacklist */ - $countBlacklist = count($blacklist); + /** @var array> $blocklist */ + $countBlocklist = count($blocklist); - for ($i = 0; $i < $countBlacklist; ++$i) { + for ($i = 0; $i < $countBlocklist; ++$i) { $c = 0; for ($j = 0; $j < 32; ++$j) { - $c |= self::chrToInt($R[$j]) ^ $blacklist[$i][$j]; + $c |= self::chrToInt($R[$j]) ^ $blocklist[$i][$j]; } if ($c === 0) { return true; diff --git a/src/wp-includes/theme.php b/src/wp-includes/theme.php index d74cc6b5ae..24a5fbb093 100644 --- a/src/wp-includes/theme.php +++ b/src/wp-includes/theme.php @@ -2823,7 +2823,7 @@ function get_theme_support( $feature, ...$args ) { * @return bool|void Whether feature was removed. */ function remove_theme_support( $feature ) { - // Blacklist: for internal registrations not used directly by themes. + // Do not remove internal registrations that are not used directly by themes. if ( in_array( $feature, array( 'editor-style', 'widgets', 'menus' ), true ) ) { return false; } @@ -2832,11 +2832,11 @@ function remove_theme_support( $feature ) { } /** - * Do not use. Removes theme support internally, ignorant of the blacklist. + * Do not use. Removes theme support internally without knowledge of those not used by + * themes directly. * * @access private * @since 3.1.0 - * * @global array $_wp_theme_features * @global Custom_Image_Header $custom_image_header * @global Custom_Background $custom_background diff --git a/src/wp-includes/user.php b/src/wp-includes/user.php index 2d535964fd..15ea259292 100644 --- a/src/wp-includes/user.php +++ b/src/wp-includes/user.php @@ -1593,11 +1593,11 @@ function wp_insert_user( $userdata ) { } /** - * Filters the list of blacklisted usernames. + * Filters the list of disallowed usernames. * * @since 4.4.0 * - * @param array $usernames Array of blacklisted usernames. + * @param array $usernames Array of disallowed usernames. */ $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() ); diff --git a/src/wp-includes/version.php b/src/wp-includes/version.php index 41636eecf4..8c5171077b 100644 --- a/src/wp-includes/version.php +++ b/src/wp-includes/version.php @@ -20,7 +20,7 @@ $wp_version = '5.5-alpha-47426-src'; * * @global int $wp_db_version */ -$wp_db_version = 48072; +$wp_db_version = 48121; /** * Holds the TinyMCE version. diff --git a/src/wp-includes/widgets.php b/src/wp-includes/widgets.php index b56e99446c..3aca6278c0 100644 --- a/src/wp-includes/widgets.php +++ b/src/wp-includes/widgets.php @@ -1282,7 +1282,7 @@ function retrieve_widgets( $theme_changed = false ) { } /** - * Compares a list of sidebars with their widgets against a whitelist. + * Compares a list of sidebars with their widgets against an allowed list. * * @since 4.9.0 * @since 4.9.2 Always tries to restore widget assignments from previous data, not just if sidebars needed mapping. @@ -1457,22 +1457,22 @@ function wp_map_sidebars_widgets( $existing_sidebars_widgets ) { } /** - * Compares a list of sidebars with their widgets against a whitelist. + * Compares a list of sidebars with their widgets against an allowed list. * * @since 4.9.0 * - * @param array $sidebars_widgets List of sidebars and their widget instance IDs. - * @param array $whitelist Optional. List of widget IDs to compare against. Default: Registered widgets. - * @return array Sidebars with whitelisted widgets. + * @param array $sidebars_widgets List of sidebars and their widget instance IDs. + * @param array $allowed_widget_ids Optional. List of widget IDs to compare against. Default: Registered widgets. + * @return array Sidebars with allowed widgets. */ -function _wp_remove_unregistered_widgets( $sidebars_widgets, $whitelist = array() ) { - if ( empty( $whitelist ) ) { - $whitelist = array_keys( $GLOBALS['wp_registered_widgets'] ); +function _wp_remove_unregistered_widgets( $sidebars_widgets, $allowed_widget_ids = array() ) { + if ( empty( $allowed_widget_ids ) ) { + $allowed_widget_ids = array_keys( $GLOBALS['wp_registered_widgets'] ); } foreach ( $sidebars_widgets as $sidebar => $widgets ) { if ( is_array( $widgets ) ) { - $sidebars_widgets[ $sidebar ] = array_intersect( $widgets, $whitelist ); + $sidebars_widgets[ $sidebar ] = array_intersect( $widgets, $allowed_widget_ids ); } } diff --git a/tests/phpunit/includes/factory/class-wp-unittest-factory-for-blog.php b/tests/phpunit/includes/factory/class-wp-unittest-factory-for-blog.php index 98b46c441f..aba7f0d378 100644 --- a/tests/phpunit/includes/factory/class-wp-unittest-factory-for-blog.php +++ b/tests/phpunit/includes/factory/class-wp-unittest-factory-for-blog.php @@ -40,12 +40,12 @@ class WP_UnitTest_Factory_For_Blog extends WP_UnitTest_Factory_For_Thing { } if ( isset( $args['meta'] ) ) { - // The `$site_data_whitelist` matches the one used in `wpmu_create_blog()`. - $site_data_whitelist = array( 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); + // The `$allowed_data_fields` matches the one used in `wpmu_create_blog()`. + $allowed_data_fields = array( 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); foreach ( $args['meta'] as $key => $value ) { - // Promote whitelisted keys to top-level arguments, add others to the options array. - if ( in_array( $key, $site_data_whitelist, true ) ) { + // Promote allowed keys to top-level arguments, add others to the options array. + if ( in_array( $key, $allowed_data_fields, true ) ) { $args[ $key ] = $value; } else { $args['options'][ $key ] = $value; diff --git a/tests/phpunit/tests/admin/includesSchema.php b/tests/phpunit/tests/admin/includesSchema.php index 54b0f0379c..21feca72c4 100644 --- a/tests/phpunit/tests/admin/includesSchema.php +++ b/tests/phpunit/tests/admin/includesSchema.php @@ -159,7 +159,7 @@ class Tests_Admin_Includes_Schema extends WP_UnitTestCase { 'use_quicktags' => '1', ), array( - // This option is on a blacklist and should never exist. + // This option disallowed and should never exist. 'use_quicktags' => false, ), ), diff --git a/tests/phpunit/tests/comment/checkComment.php b/tests/phpunit/tests/comment/checkComment.php index 44d3e524b9..fc4cfa9e83 100644 --- a/tests/phpunit/tests/comment/checkComment.php +++ b/tests/phpunit/tests/comment/checkComment.php @@ -4,7 +4,7 @@ * @group comment */ class Tests_Comment_CheckComment extends WP_UnitTestCase { - public function test_should_return_true_when_comment_whitelist_is_disabled() { + public function test_should_return_true_when_comment_previously_approved_is_disabled() { $author = 'BobtheBuilder'; $author_email = 'bob@example.com'; $author_url = 'http://example.com'; @@ -13,12 +13,12 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { $user_agent = ''; $comment_type = ''; - update_option( 'comment_whitelist', 0 ); + update_option( 'comment_previously_approved', 0 ); $results = check_comment( $author, $author_email, $author_url, $comment, $author_ip, $user_agent, $comment_type ); $this->assertTrue( $results ); } - public function test_should_return_false_when_comment_whitelist_is_enabled_and_author_does_not_have_approved_comment() { + public function test_should_return_false_when_comment_previously_approved_is_enabled_and_author_does_not_have_approved_comment() { $author = 'BobtheBuilder'; $author_email = 'bob@example.com'; $author_url = 'http://example.com'; @@ -27,13 +27,13 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { $user_agent = ''; $comment_type = ''; - update_option( 'comment_whitelist', 1 ); + update_option( 'comment_previously_approved', 1 ); $results = check_comment( $author, $author_email, $author_url, $comment, $author_ip, $user_agent, $comment_type ); $this->assertFalse( $results ); } - public function test_should_return_true_when_comment_whitelist_is_enabled_and_author_has_approved_comment() { + public function test_should_return_true_when_comment_previously_approved_is_enabled_and_author_has_approved_comment() { $post_id = self::factory()->post->create(); $prev_args = array( 'comment_post_ID' => $post_id, @@ -44,7 +44,7 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { ); $prev_comment_id = self::factory()->comment->create( $prev_args ); - update_option( 'comment_whitelist', 1 ); + update_option( 'comment_previously_approved', 1 ); $author = 'BobtheBuilder'; $author_email = 'bob@example.com'; @@ -69,7 +69,7 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { } public function test_should_return_false_when_content_matches_moderation_key() { - update_option( 'comment_whitelist', 0 ); + update_option( 'comment_previously_approved', 0 ); $author = 'WendytheBuilder'; $author_email = 'wendy@example.com'; @@ -85,7 +85,7 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { } public function test_should_return_true_when_content_does_not_match_moderation_keys() { - update_option( 'comment_whitelist', 0 ); + update_option( 'comment_previously_approved', 0 ); $author = 'WendytheBuilder'; $author_email = 'wendy@example.com'; @@ -101,7 +101,7 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { } public function test_should_return_false_when_link_count_exceeds_comment_max_length_setting() { - update_option( 'comment_whitelist', 0 ); + update_option( 'comment_previously_approved', 0 ); $author = 'BobtheBuilder'; $author_email = 'bob@example.com'; @@ -117,7 +117,7 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { } public function test_should_return_true_when_link_count_does_not_exceed_comment_max_length_setting() { - update_option( 'comment_whitelist', 0 ); + update_option( 'comment_previously_approved', 0 ); $author = 'BobtheBuilder'; $author_email = 'bob@example.com'; @@ -135,7 +135,7 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { /** * @ticket 28603 */ - public function test_should_return_true_when_comment_whitelist_is_enabled_and_user_has_previously_approved_comments_with_different_email() { + public function test_should_return_true_when_comment_previously_approved_is_enabled_and_user_has_previously_approved_comments_with_different_email() { $subscriber_id = $this->factory()->user->create( array( 'role' => 'subscriber', @@ -158,7 +158,7 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { wp_update_user( $subscriber_user ); - update_option( 'comment_whitelist', 1 ); + update_option( 'comment_previously_approved', 1 ); $results = check_comment( 'foo', 'newsub@example.com', 'http://example.com', 'This is a comment.', '66.155.40.249', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0', 'comment', 4 ); $this->assertTrue( $results ); @@ -167,7 +167,7 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { /** * @ticket 28603 */ - public function test_should_return_false_when_comment_whitelist_is_enabled_and_user_does_not_have_a_previously_approved_comment_with_any_email() { + public function test_should_return_false_when_comment_previously_approved_is_enabled_and_user_does_not_have_a_previously_approved_comment_with_any_email() { $subscriber_id = $this->factory()->user->create( array( 'role' => 'subscriber', @@ -180,7 +180,7 @@ class Tests_Comment_CheckComment extends WP_UnitTestCase { wp_update_user( $subscriber_user ); - update_option( 'comment_whitelist', 1 ); + update_option( 'comment_previously_approved', 1 ); $results = check_comment( 'bar', 'zag@example.com', 'http://example.com', 'This is my first comment.', '66.155.40.249', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0', 'comment', 4 ); $this->assertFalse( $results ); diff --git a/tests/phpunit/tests/comment/wpAllowComment.php b/tests/phpunit/tests/comment/wpAllowComment.php index a1404b624c..5c5cb4e088 100644 --- a/tests/phpunit/tests/comment/wpAllowComment.php +++ b/tests/phpunit/tests/comment/wpAllowComment.php @@ -22,14 +22,14 @@ class Tests_Comment_WpAllowComment extends WP_UnitTestCase { ) ); - update_option( 'comment_whitelist', 0 ); + update_option( 'comment_previously_approved', 0 ); } function tearDown() { wp_delete_post( self::$post_id, true ); wp_delete_comment( self::$comment_id, true ); - update_option( 'comment_whitelist', 1 ); + update_option( 'comment_previously_approved', 1 ); } public function test_allow_comment_if_comment_author_emails_differ() { diff --git a/tests/phpunit/tests/comment/wpBlacklistCheck.php b/tests/phpunit/tests/comment/wpBlacklistCheck.php index 6b708d651f..e0dd951b85 100644 --- a/tests/phpunit/tests/comment/wpBlacklistCheck.php +++ b/tests/phpunit/tests/comment/wpBlacklistCheck.php @@ -3,9 +3,9 @@ /** * @group comment */ -class Tests_WP_Blacklist_Check extends WP_UnitTestCase { +class Tests_WP_Blocklist_Check extends WP_UnitTestCase { - public function test_should_return_true_when_content_matches_blacklist_keys() { + public function test_should_return_true_when_content_matches_blocklist_keys() { $author = 'Sting'; $author_email = 'sting@example.com'; $author_url = 'http://example.com'; @@ -13,9 +13,9 @@ class Tests_WP_Blacklist_Check extends WP_UnitTestCase { $author_ip = '192.168.0.1'; $user_agent = ''; - update_option( 'blacklist_keys', "well\nfoo" ); + update_option( 'blocklist_keys', "well\nfoo" ); - $result = wp_blacklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); + $result = wp_blocklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); $this->assertTrue( $result ); } @@ -23,7 +23,7 @@ class Tests_WP_Blacklist_Check extends WP_UnitTestCase { /** * @ticket 37208 */ - public function test_should_return_true_when_content_with_html_matches_blacklist_keys() { + public function test_should_return_true_when_content_with_html_matches_blocklist_keys() { $author = 'Sting'; $author_email = 'sting@example.com'; $author_url = 'http://example.com'; @@ -31,14 +31,14 @@ class Tests_WP_Blacklist_Check extends WP_UnitTestCase { $author_ip = '192.168.0.1'; $user_agent = ''; - update_option( 'blacklist_keys', "halfway\nfoo" ); + update_option( 'blocklist_keys', "halfway\nfoo" ); - $result = wp_blacklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); + $result = wp_blocklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); $this->assertTrue( $result ); } - public function test_should_return_true_when_author_matches_blacklist_keys() { + public function test_should_return_true_when_author_matches_blocklist_keys() { $author = 'Sideshow Mel'; $author_email = 'mel@example.com'; $author_url = 'http://example.com'; @@ -46,14 +46,14 @@ class Tests_WP_Blacklist_Check extends WP_UnitTestCase { $author_ip = '192.168.0.1'; $user_agent = ''; - update_option( 'blacklist_keys', "sideshow\nfoo" ); + update_option( 'blocklist_keys', "sideshow\nfoo" ); - $result = wp_blacklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); + $result = wp_blocklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); $this->assertTrue( $result ); } - public function test_should_return_true_when_url_matches_blacklist_keys() { + public function test_should_return_true_when_url_matches_blocklist_keys() { $author = 'Rainier Wolfcastle'; $author_email = 'rainier@wolfcastle.com'; $author_url = 'http://example.com'; @@ -61,9 +61,9 @@ class Tests_WP_Blacklist_Check extends WP_UnitTestCase { $author_ip = '192.168.0.1'; $user_agent = ''; - update_option( 'blacklist_keys', "example\nfoo" ); + update_option( 'blocklist_keys', "example\nfoo" ); - $result = wp_blacklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); + $result = wp_blocklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); $this->assertTrue( $result ); } @@ -71,7 +71,7 @@ class Tests_WP_Blacklist_Check extends WP_UnitTestCase { /** * @ticket 37208 */ - public function test_should_return_true_when_link_matches_blacklist_keys() { + public function test_should_return_true_when_link_matches_blocklist_keys() { $author = 'Rainier Wolfcastle'; $author_email = 'rainier@wolfcastle.com'; $author_url = 'http://example.com'; @@ -79,9 +79,9 @@ class Tests_WP_Blacklist_Check extends WP_UnitTestCase { $author_ip = '192.168.0.1'; $user_agent = ''; - update_option( 'blacklist_keys', '/spam/' ); + update_option( 'blocklist_keys', '/spam/' ); - $result = wp_blacklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); + $result = wp_blocklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); $this->assertTrue( $result ); } @@ -94,9 +94,9 @@ class Tests_WP_Blacklist_Check extends WP_UnitTestCase { $author_ip = '192.168.0.1'; $user_agent = ''; - update_option( 'blacklist_keys', "sideshow\nfoobar" ); + update_option( 'blocklist_keys', "sideshow\nfoobar" ); - $result = wp_blacklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); + $result = wp_blocklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent ); $this->assertFalse( $result ); } diff --git a/tests/phpunit/tests/media.php b/tests/phpunit/tests/media.php index 3621711749..2b040d93ad 100644 --- a/tests/phpunit/tests/media.php +++ b/tests/phpunit/tests/media.php @@ -1473,7 +1473,7 @@ EOF; $expected = ''; foreach ( $image_meta['sizes'] as $name => $size ) { - // Whitelist the sizes that should be included so we pick up 'medium_large' in 4.4. + // Allow the sizes that should be included so we pick up 'medium_large' in 4.4. if ( in_array( $name, $intermediates, true ) ) { $expected .= $uploads_dir_url . $year_month . '/' . $size['file'] . ' ' . $size['width'] . 'w, '; } @@ -1518,7 +1518,7 @@ EOF; $expected = ''; foreach ( $image_meta['sizes'] as $name => $size ) { - // Whitelist the sizes that should be included so we pick up 'medium_large' in 4.4. + // Allow the sizes that should be included so we pick up 'medium_large' in 4.4. if ( in_array( $name, $intermediates, true ) ) { $expected .= $uploads_dir_url . $size['file'] . ' ' . $size['width'] . 'w, '; } @@ -1595,7 +1595,7 @@ EOF; $expected = ''; foreach ( $image_meta['sizes'] as $name => $size ) { - // Whitelist the sizes that should be included so we pick up 'medium_large' in 4.4. + // Allow the sizes that should be included so we pick up 'medium_large' in 4.4. if ( in_array( $name, $intermediates, true ) ) { $expected .= $uploads_dir_url . $year_month . '/' . $size['file'] . ' ' . $size['width'] . 'w, '; } @@ -1874,7 +1874,7 @@ EOF; $expected = ''; foreach ( $image_meta['sizes'] as $name => $size ) { - // Whitelist the sizes that should be included so we pick up 'medium_large' in 4.4. + // Allow the sizes that should be included so we pick up 'medium_large' in 4.4. if ( in_array( $name, $intermediates, true ) ) { $expected .= $uploads_dir . $year_month . '/' . $size['file'] . ' ' . $size['width'] . 'w, '; } diff --git a/tests/phpunit/tests/multisite/site.php b/tests/phpunit/tests/multisite/site.php index de4a79f52d..0abbeb5ac4 100644 --- a/tests/phpunit/tests/multisite/site.php +++ b/tests/phpunit/tests/multisite/site.php @@ -2461,14 +2461,14 @@ if ( is_multisite() ) : public function data_wpmu_new_blog_action_backward_commpatible() { return array( - 'default values' => array( + 'default values' => array( array(), array( 'public' => 0, // `public` is one of the default metas in `wpmu_create_blog()' function prior to WordPress 5.1.0. 'WPLANG' => 'en_US', // WPLANG is another default meta in `wpmu_create_blog()` function prior to WordPress 5.1.0. ), ), - 'public site' => array( + 'public site' => array( array( 'public' => 1, ), @@ -2477,7 +2477,7 @@ if ( is_multisite() ) : 'WPLANG' => 'en_US', ), ), - 'all whitelisted' => array( + 'allowed_keys' => array( array( 'public' => -1, 'archived' => 0, @@ -2497,7 +2497,7 @@ if ( is_multisite() ) : 'lang_id' => 11, ), ), - 'extra meta key' => array( + 'extra meta key' => array( array( 'foo' => 'bar', ), diff --git a/tests/phpunit/tests/multisite/siteDetails.php b/tests/phpunit/tests/multisite/siteDetails.php index b705129054..78b392c487 100644 --- a/tests/phpunit/tests/multisite/siteDetails.php +++ b/tests/phpunit/tests/multisite/siteDetails.php @@ -9,101 +9,101 @@ if ( is_multisite() ) : */ class Tests_Multisite_Site_Details extends WP_UnitTestCase { /** - * @dataProvider data_whitelisted_options + * @dataProvider data_allowed_options * * @ticket 40063 */ - public function test_update_whitelisted_option_deletes_site_details_cache( $whitelisted_option, $temporary_value ) { + public function test_update_allowed_option_deletes_site_details_cache( $allowed_option, $temporary_value ) { $site = get_site(); - $original_value = $site->$whitelisted_option; - update_option( $whitelisted_option, $temporary_value ); + $original_value = $site->$allowed_option; + update_option( $allowed_option, $temporary_value ); $cached_result = wp_cache_get( $site->id, 'site-details' ); /* Reset to original value. */ - update_option( $whitelisted_option, $original_value ); + update_option( $allowed_option, $original_value ); $this->assertFalse( $cached_result ); } /** - * @dataProvider data_whitelisted_options + * @dataProvider data_allowed_options * * @ticket 40063 */ - public function test_update_whitelisted_option_deletes_blog_details_cache( $whitelisted_option, $temporary_value ) { + public function test_update_allowed_option_deletes_blog_details_cache( $allowed_option, $temporary_value ) { $blog_details = get_blog_details(); - $original_value = $blog_details->$whitelisted_option; - update_option( $whitelisted_option, $temporary_value ); + $original_value = $blog_details->$allowed_option; + update_option( $allowed_option, $temporary_value ); $cached_result = wp_cache_get( $blog_details->id, 'blog-details' ); /* Reset to original value. */ - update_option( $whitelisted_option, $original_value ); + update_option( $allowed_option, $original_value ); $this->assertFalse( $cached_result ); } /** - * @dataProvider data_whitelisted_options + * @dataProvider data_allowed_options * * @ticket 40063 */ - public function test_update_whitelisted_option_does_not_delete_site_cache( $whitelisted_option, $temporary_value ) { + public function test_update_allowed_option_does_not_delete_site_cache( $allowed_option, $temporary_value ) { $site = get_site(); - $original_value = $site->$whitelisted_option; - update_option( $whitelisted_option, $temporary_value ); + $original_value = $site->$allowed_option; + update_option( $allowed_option, $temporary_value ); $cached_result = wp_cache_get( $site->id, 'sites' ); /* Reset to original value. */ - update_option( $whitelisted_option, $original_value ); + update_option( $allowed_option, $original_value ); $this->assertNotFalse( $cached_result ); } /** - * @dataProvider data_whitelisted_options + * @dataProvider data_allowed_options * * @ticket 40063 */ - public function test_update_whitelisted_option_does_not_delete_short_blog_details_cache( $whitelisted_option, $temporary_value ) { + public function test_update_allowed_option_does_not_delete_short_blog_details_cache( $allowed_option, $temporary_value ) { $blog_details = get_blog_details( null, false ); - $original_value = get_option( $whitelisted_option ); - update_option( $whitelisted_option, $temporary_value ); + $original_value = get_option( $allowed_option ); + update_option( $allowed_option, $temporary_value ); $cached_result = wp_cache_get( $blog_details->id . 'short', 'blog-details' ); /* Reset to original value. */ - update_option( $whitelisted_option, $original_value ); + update_option( $allowed_option, $original_value ); $this->assertNotFalse( $cached_result ); } /** - * @dataProvider data_whitelisted_options + * @dataProvider data_allowed_options * * @ticket 40063 */ - public function test_update_whitelisted_option_does_not_update_sites_last_changed( $whitelisted_option, $temporary_value ) { + public function test_update_allowed_option_does_not_update_sites_last_changed( $allowed_option, $temporary_value ) { $last_changed = wp_cache_get_last_changed( 'sites' ); - $original_value = get_option( $whitelisted_option ); - update_option( $whitelisted_option, $temporary_value ); + $original_value = get_option( $allowed_option ); + update_option( $allowed_option, $temporary_value ); $new_last_changed = wp_cache_get_last_changed( 'sites' ); /* Reset to original value. */ - update_option( $whitelisted_option, $original_value ); + update_option( $allowed_option, $original_value ); $this->assertSame( $new_last_changed, $last_changed ); } - public function data_whitelisted_options() { + public function data_allowed_options() { return array( array( 'blogname', 'Custom Site' ), array( 'home', 'http://custom-site-url.org' ), diff --git a/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php b/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php index 02fee8ae5f..2187890cf8 100644 --- a/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php +++ b/tests/phpunit/tests/multisite/wpmuValidateUserSignup.php @@ -54,7 +54,7 @@ if ( is_multisite() ) : remove_filter( 'is_email', '__return_false' ); } - public function test_should_fail_for_emails_from_non_whitelisted_domains() { + public function test_should_fail_for_emails_from_disallowed_domains() { $domains = array( 'foo.com', 'bar.org' ); update_site_option( 'limited_email_domains', $domains ); @@ -62,7 +62,7 @@ if ( is_multisite() ) : $this->assertContains( 'user_email', $v['errors']->get_error_codes() ); } - public function test_should_not_fail_for_emails_from_whitelisted_domains_with_mixed_case() { + public function test_should_not_fail_for_emails_from_allowed_domains_with_mixed_case() { $domains = array( 'foo.com', 'bar.org' ); update_site_option( 'limited_email_domains', $domains ); diff --git a/tests/phpunit/tests/post/attachments.php b/tests/phpunit/tests/post/attachments.php index 86f167ef2d..458447cf69 100644 --- a/tests/phpunit/tests/post/attachments.php +++ b/tests/phpunit/tests/post/attachments.php @@ -466,7 +466,7 @@ class Tests_Post_Attachments extends WP_UnitTestCase { public function test_wp_attachment_is_default() { // On Multisite, psd is not an allowed mime type by default. if ( is_multisite() ) { - add_filter( 'upload_mimes', array( $this, 'whitelist_psd_mime_type' ), 10, 2 ); + add_filter( 'upload_mimes', array( $this, 'allow_psd_mime_type' ), 10, 2 ); } $filename = DIR_TESTDATA . '/images/test-image.psd'; @@ -481,7 +481,7 @@ class Tests_Post_Attachments extends WP_UnitTestCase { $this->assertFalse( wp_attachment_is( 'video', $attachment_id ) ); if ( is_multisite() ) { - remove_filter( 'upload_mimes', array( $this, 'whitelist_psd_mime_type' ), 10, 2 ); + remove_filter( 'upload_mimes', array( $this, 'allow_psd_mime_type' ), 10, 2 ); } } @@ -493,21 +493,21 @@ class Tests_Post_Attachments extends WP_UnitTestCase { $this->assertFalse( $upload['error'] ); - add_filter( 'upload_mimes', array( $this, 'blacklist_jpg_mime_type' ) ); + add_filter( 'upload_mimes', array( $this, 'disallow_jpg_mime_type' ) ); $upload = wp_upload_bits( wp_basename( $filename ), null, $contents ); - remove_filter( 'upload_mimes', array( $this, 'blacklist_jpg_mime_type' ) ); + remove_filter( 'upload_mimes', array( $this, 'disallow_jpg_mime_type' ) ); $this->assertNotEmpty( $upload['error'] ); } - public function whitelist_psd_mime_type( $mimes ) { + public function allow_psd_mime_type( $mimes ) { $mimes['psd'] = 'application/octet-stream'; return $mimes; } - public function blacklist_jpg_mime_type( $mimes ) { + public function disallow_jpg_mime_type( $mimes ) { unset( $mimes['jpg|jpeg|jpe'] ); return $mimes; } diff --git a/tests/phpunit/tests/post/wpUniquePostSlug.php b/tests/phpunit/tests/post/wpUniquePostSlug.php index a18e0df940..70b43ee947 100644 --- a/tests/phpunit/tests/post/wpUniquePostSlug.php +++ b/tests/phpunit/tests/post/wpUniquePostSlug.php @@ -128,9 +128,9 @@ class Tests_Post_WpUniquePostSlug extends WP_UnitTestCase { } /** - * @dataProvider whitelist_post_statuses + * @dataProvider allowed_post_statuses */ - public function test_whitelisted_post_statuses_should_not_be_forced_to_be_unique( $status ) { + public function test_allowed_post_statuses_should_not_be_forced_to_be_unique( $status ) { $p1 = self::factory()->post->create( array( 'post_type' => 'post', @@ -149,7 +149,7 @@ class Tests_Post_WpUniquePostSlug extends WP_UnitTestCase { $this->assertSame( 'foo', $actual ); } - public function whitelist_post_statuses() { + public function allowed_post_statuses() { return array( array( 'draft' ), array( 'pending' ), diff --git a/tests/phpunit/tests/rest-api.php b/tests/phpunit/tests/rest-api.php index f3cac8ede5..bdbce398db 100644 --- a/tests/phpunit/tests/rest-api.php +++ b/tests/phpunit/tests/rest-api.php @@ -378,7 +378,7 @@ class Tests_REST_API extends WP_UnitTestCase { } /** - * Ensure that result fields are not whitelisted if no request['_fields'] is present. + * Ensure that result fields are not allowed if no request['_fields'] is present. */ public function test_rest_filter_response_fields_no_request_filter() { $response = new WP_REST_Response(); @@ -390,7 +390,7 @@ class Tests_REST_API extends WP_UnitTestCase { } /** - * Ensure that result fields are whitelisted if request['_fields'] is present. + * Ensure that result fields are allowed if request['_fields'] is present. */ public function test_rest_filter_response_fields_single_field_filter() { $response = new WP_REST_Response(); @@ -410,7 +410,7 @@ class Tests_REST_API extends WP_UnitTestCase { } /** - * Ensure that multiple comma-separated fields may be whitelisted with request['_fields']. + * Ensure that multiple comma-separated fields may be allowed with request['_fields']. */ public function test_rest_filter_response_fields_multi_field_filter() { $response = new WP_REST_Response(); @@ -440,7 +440,7 @@ class Tests_REST_API extends WP_UnitTestCase { } /** - * Ensure that multiple comma-separated fields may be whitelisted + * Ensure that multiple comma-separated fields may be allowed * with request['_fields'] using query parameter array syntax. */ public function test_rest_filter_response_fields_multi_field_filter_array() { @@ -472,7 +472,7 @@ class Tests_REST_API extends WP_UnitTestCase { } /** - * Ensure that request['_fields'] whitelists apply to items in response collections. + * Ensure that request['_fields'] allowed list apply to items in response collections. */ public function test_rest_filter_response_fields_numeric_array() { $response = new WP_REST_Response(); @@ -520,7 +520,7 @@ class Tests_REST_API extends WP_UnitTestCase { } /** - * Ensure that nested fields may be whitelisted with request['_fields']. + * Ensure that nested fields may be allowed with request['_fields']. * * @ticket 42094 */ diff --git a/tests/phpunit/tests/widgets.php b/tests/phpunit/tests/widgets.php index 59a047620f..bc63a81d87 100644 --- a/tests/phpunit/tests/widgets.php +++ b/tests/phpunit/tests/widgets.php @@ -1054,9 +1054,9 @@ class Tests_Widgets extends WP_UnitTestCase { 'array_version' => 3, ); - $whitelist = array( 'tag_cloud-1', 'text-1' ); + $allowed_widgets = array( 'tag_cloud-1', 'text-1' ); - $filtered_widgets = _wp_remove_unregistered_widgets( $widgets, $whitelist ); + $filtered_widgets = _wp_remove_unregistered_widgets( $widgets, $allowed_widgets ); $this->assertInternalType( 'array', $filtered_widgets ); $this->assertArrayHasKey( 'fantasy', $filtered_widgets ); diff --git a/tests/phpunit/tests/widgets/text-widget.php b/tests/phpunit/tests/widgets/text-widget.php index 8c2c9cff7f..f4d4c58a4e 100644 --- a/tests/phpunit/tests/widgets/text-widget.php +++ b/tests/phpunit/tests/widgets/text-widget.php @@ -602,7 +602,7 @@ class Test_WP_Widget_Text extends WP_UnitTestCase { $this->assertTrue( $widget->is_legacy_instance( $instance ), 'Legacy when not-wpautop and there is HTML that is not liable to be mutated.' ); } - // Check text examples that will migrate to TinyMCE, where elements and attributes are not in whitelist. + // Check text examples that will migrate to TinyMCE, where elements and attributes are not in the allowed list. $migratable_text_examples = array( 'Check out Example', 'Img', diff --git a/tests/qunit/fixtures/wp-api-generated.js b/tests/qunit/fixtures/wp-api-generated.js index 280144750d..2598fb894f 100644 --- a/tests/qunit/fixtures/wp-api-generated.js +++ b/tests/qunit/fixtures/wp-api-generated.js @@ -137,7 +137,7 @@ mockedApiResponse.Schema = { "discover": { "required": false, "default": true, - "description": "Whether to perform an oEmbed discovery request for non-whitelisted providers.", + "description": "Whether to perform an oEmbed discovery request for unsanctioned providers.", "type": "boolean" } } @@ -4702,7 +4702,7 @@ mockedApiResponse.oembed = { "discover": { "required": false, "default": true, - "description": "Whether to perform an oEmbed discovery request for non-whitelisted providers.", + "description": "Whether to perform an oEmbed discovery request for unsanctioned providers.", "type": "boolean" } } diff --git a/tests/qunit/wp-admin/js/password-strength-meter.js b/tests/qunit/wp-admin/js/password-strength-meter.js index 78f4c4e02a..9c232600d3 100644 --- a/tests/qunit/wp-admin/js/password-strength-meter.js +++ b/tests/qunit/wp-admin/js/password-strength-meter.js @@ -80,23 +80,23 @@ jQuery( function() { } }); - QUnit.test( 'blacklisted words in password should be penalized', function( assert ) { + QUnit.test( 'disallowed words in password should be penalized', function( assert ) { var allowedPasswordScore, penalizedPasswordScore, allowedPassword = 'a[janedoefoe]4', penalizedPassword = 'a[johndoefoe]4', - blacklist = [ 'extra', 'johndoefoe', 'superfluous' ]; + disallowedList = [ 'extra', 'johndoefoe', 'superfluous' ]; - allowedPasswordScore = passwordStrength( allowedPassword, blacklist, allowedPassword ); - penalizedPasswordScore = passwordStrength( penalizedPassword, blacklist, penalizedPassword ); + allowedPasswordScore = passwordStrength( allowedPassword, disallowedList, allowedPassword ); + penalizedPasswordScore = passwordStrength( penalizedPassword, disallowedList, penalizedPassword ); assert.ok( penalizedPasswordScore < allowedPasswordScore, 'Penalized password scored ' + penalizedPasswordScore + '; allowed password scored: ' + allowedPasswordScore ); }); - QUnit.test( 'user input blacklist array should contain expected words', function( assert ) { - var blacklist = wp.passwordStrength.userInputBlacklist(); + QUnit.test( 'user input disallowed list array should contain expected words', function( assert ) { + var disallowedList = wp.passwordStrength.userInputDisallowedList(); - assert.ok( jQuery.isArray( blacklist ), 'blacklist is an array' ); - assert.ok( jQuery.inArray( 'WordPress', blacklist ) > -1, 'blacklist contains "WordPress" from page title' ); - assert.ok( jQuery.inArray( 'tests', blacklist ) > -1, 'blacklist contains "tests" from site URL' ); + assert.ok( jQuery.isArray( disallowedList ), 'disallowed list is an array' ); + assert.ok( jQuery.inArray( 'WordPress', disallowedList ) > -1, 'disallowed list contains "WordPress" from page title' ); + assert.ok( jQuery.inArray( 'tests', disallowedList ) > -1, 'disallowed list contains "tests" from site URL' ); }); });