Add `aria-label` and `aria-describedby` to provide embed form fields with accessible names and ensure each embed has a unique ID attribute to prevent duplicate IDs.
Props afercia, swissspidy.
Fixes#55664.
git-svn-id: https://develop.svn.wordpress.org/trunk@53912 602fd350-edb4-49c9-b593-d223f7449a82
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.
Follow-up to [11383], [13096], [51597], [53452].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes#55852.
git-svn-id: https://develop.svn.wordpress.org/trunk@53455 602fd350-edb4-49c9-b593-d223f7449a82
This change fixes oEmbed host script enqueueing on front-end when using block themes.
It deprecates `wp_oembed_add_host_js` in favor of `wp_maybe_enqueue_oembed_host_js`. The action is still triggered in `default-filters.php` to ensure backward compatibility for websites that are removing the action. There is now a `has_action()` check in `wp_maybe_enqueue_oembed_host_js()` to see if `wp_oembed_add_host_js()` has not been unhooked from running at the `wp_head` action.
Follow-up to [52132], [52151], [52153], [52325].
Props swissspidy, westonruter, flixos90, kafleg.
Fixes#44632.
git-svn-id: https://develop.svn.wordpress.org/trunk@52437 602fd350-edb4-49c9-b593-d223f7449a82
Due to the way that the `blockquote` and `iframe` are being parsed with a regular expression in `wp_filter_oembed_result()`, if there is any content at all before the `blockquote` start tag then it will fail to be included in the first matching group. By appending the `wp-embed` script instead of prepending it in `get_post_embed_html()`, then the parsing issue is avoided.
Also use non-greedy match `wp_maybe_enqueue_oembed_host_js()`.
Amends [52132].
Fixes#44632.
git-svn-id: https://develop.svn.wordpress.org/trunk@52153 602fd350-edb4-49c9-b593-d223f7449a82
* Prevent loading `wp-embed` script unconditionally on every page in favor of conditionally enqueueing when a post embed is detected. The `wp-embed` script is also explicitly marked as being in the footer group. Sites which currently disable post embed scripts from being enqueued via `remove_action( 'wp_head', 'wp_oembed_add_host_js' )` will continue to do so.
* Send a `ready` message from the host page to each post embed window in case the `iframe` loads before the `wp-embed` script does. When the `ready` message is received by the post embed window, it sends the same `height` message as it sends when it loads.
* Eliminate use of `grunt-include` to inject emoji script and the post embed script. Instead obtain the script contents via `file_get_contents()` (as is done elsewhere in core) and utilize `wp_print_inline_script_tag()`/`wp_get_inline_script_tag()` to construct out the script. This simplifies the logic and allows the running of src without `SCRIPT_DEBUG` enabled.
* For the embed code that users are provided to copy for embedding outside of WP, add the `secret` on the `blockquote` and `iframe`. This ensures the `blockquote` will be hidden when the `iframe` loads. The embed code in question is accessed here via `get_post_embed_html()`.
Props westonruter, swissspidy, pento, flixos90, ocean90.
Fixes#44632, #44306.
git-svn-id: https://develop.svn.wordpress.org/trunk@52132 602fd350-edb4-49c9-b593-d223f7449a82
While this has no effect on the code, it fixes a minor inconsistency with the rest of core.
Props laxman-prajapati.
Fixes#52870.
git-svn-id: https://develop.svn.wordpress.org/trunk@50556 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only posts with the `publish` status could be embedded.
Props goaroundagain, peterwilsoncc, poena.
Fixes#47574.
git-svn-id: https://develop.svn.wordpress.org/trunk@50401 602fd350-edb4-49c9-b593-d223f7449a82
This changeset introduces a filter-based Robots API, providing central control over the `robots` meta tag.
* Introduces `wp_robots()` function which should be called anywhere a `robots` meta tag should be included.
* Introduces `wp_robots` filter which allows adding or modifying directives for the `robots` meta tag. The `wp_robots()` function is entirely filter-based, i.e. if no filter is added to `wp_robots`, no directives will be present, and therefore the entire `robots` meta tag will be omitted.
* Introduces the following `wp_robots` filter functions which replace similar existing functions that were manually rendering a `robots` meta tag:
* `wp_robots_noindex()` replaces `noindex()`, which has been deprecated.
* `wp_robots_no_robots()` replaces `wp_no_robots()`, which has been deprecated.
* `wp_robots_sensitive_page()` replaces `wp_sensitive_page_meta()`, which has been deprecated. Its rendering of the `referrer` meta tag has been moved to another new function `wp_strict_cross_origin_referrer()`.
Migration to the new functions is straightforward. For example, a call to `add_action( 'wp_head', 'wp_no_robots' )` should be replaced with `add_filter( 'wp_robots', 'wp_robots_no_robots' )`.
Plugins and themes that render their own `robots` meta tags are encouraged to switch to rely on the `wp_robots` filter in order to use the central management layer now provided by WordPress core.
Props adamsilverstein, flixos90, timothyblynjacobs, westonruter.
See #51511.
git-svn-id: https://develop.svn.wordpress.org/trunk@49992 602fd350-edb4-49c9-b593-d223f7449a82
Link to `wp_oembed_get()` as the canonical source when documenting additional arguments in various `WP_oEmbed` methods.
Follow-up to [49620].
See #51269.
git-svn-id: https://develop.svn.wordpress.org/trunk@49626 602fd350-edb4-49c9-b593-d223f7449a82
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.
This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast
In part, this is a follow-up to #47746.
Props jrf.
See #50767.
git-svn-id: https://develop.svn.wordpress.org/trunk@49193 602fd350-edb4-49c9-b593-d223f7449a82
The tag was supported in phpDocumentor 1.x, but is no longer supported in 2.x and 3.x.
Usage of static variables is considered an internal implementation detail and has no information value for someone reading the docs.
Props alishanvr, jrf.
Fixes#50426.
git-svn-id: https://develop.svn.wordpress.org/trunk@48109 602fd350-edb4-49c9-b593-d223f7449a82
Files inside the `wp-admin` directory may not be publicly available.
Follow-up to [36635], [47018].
Props whyisjake, finomeno, ocean90.
Fixes#50131.
git-svn-id: https://develop.svn.wordpress.org/trunk@47832 602fd350-edb4-49c9-b593-d223f7449a82
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.
Includes minor code layout fixes for better readability.
See #49542.
git-svn-id: https://develop.svn.wordpress.org/trunk@47550 602fd350-edb4-49c9-b593-d223f7449a82
When a theme declares HTML5 support for script and styles via `add_theme_support( 'html5', array( 'script', 'style' ) )`, the `type="text/javascript"` and `type="text/css"` attributes are omitted.
These attributes are unnecessary in HTML5 and cause warnings in the W3C Markup Validation Service.
Props sasiddiqui, swissspidy, knutsp, SergeyBiryukov.
See #42804.
git-svn-id: https://develop.svn.wordpress.org/trunk@46164 602fd350-edb4-49c9-b593-d223f7449a82
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.
Includes minor code layout fixes.
Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!
Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes#44360.
git-svn-id: https://develop.svn.wordpress.org/trunk@45926 602fd350-edb4-49c9-b593-d223f7449a82
The existing `"grunt": "grunt"` script in `package.json` allows for the use of `npm run grunt ...` which uses the local `grunt` binary in the project's `node_modules`.
Fixes#47380
git-svn-id: https://develop.svn.wordpress.org/trunk@45445 602fd350-edb4-49c9-b593-d223f7449a82
Screen reader users rely on the iframe title attribute to describe the contents of iframes. A meaningful title attribute allows to quickly identify the iframe content, so users can determine which iframe to enter and explore in detail or skip if desired.
Note: this is the only case where a title attribute is required for compliance with the W3C Web Content Accessibility Guidelines (WCAG).
- checks for oEmbed response of type `video` or `rich`
- checks if they use an iframe
- fetches the title (if any) from the oEmbed response
- adds the title to the embed iframe
Props bamadesigner, TomHarrigan, swissspidy, jrf, afercia.
Fixes#40245.
git-svn-id: https://develop.svn.wordpress.org/trunk@44942 602fd350-edb4-49c9-b593-d223f7449a82
By changing the way the post title is added to the array of data from `$post->post_title` to `get_the_title()`, the title can now be modified using the `the_title` filter. This ensures post titles returned in oEmbed responses are consistent with those that show on a site.
Props mheikkila, swissspidy.
Fixes#42826.
git-svn-id: https://develop.svn.wordpress.org/trunk@44907 602fd350-edb4-49c9-b593-d223f7449a82
A handful of code formatting issues were introduced in recent commits, runs the auto-fixer on them.
git-svn-id: https://develop.svn.wordpress.org/trunk@44155 602fd350-edb4-49c9-b593-d223f7449a82
Adapts the response from `WP_oEmbed_Controller::get_proxy_item()` so that the response is correctly filtered and embeds work properly in JavaSccript editors. Introduces new `get_oembed_response_data_for_url()` function for preparing internal oEmbed responses.
Merges [43810] from the 5.0 branch to trunk.
Props danielbachhuber, imath, swissspidy.
Fixes#45142.
git-svn-id: https://develop.svn.wordpress.org/trunk@44154 602fd350-edb4-49c9-b593-d223f7449a82
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes#44600.
git-svn-id: https://develop.svn.wordpress.org/trunk@43571 602fd350-edb4-49c9-b593-d223f7449a82
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes#41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
