This brings consistency between single site and multisite in REST API plugin installation tests.
Previously, multisite tests were unnecessarily downloading the plugin from WordPress.org on each test run, causing external HTTP requests and leading to failures in case of a timeout.
Follow-up to [48242], [49491], [49913].
See #51669.
git-svn-id: https://develop.svn.wordpress.org/trunk@49951 602fd350-edb4-49c9-b593-d223f7449a82
Adds 2 new hooks in `register_block_type_from_metadata`:
- Named `block_type_metadata` to filter the content of metadata read from `block.json`
- Named `block_type_metadata_settings` to filter the settings object determined from the metadata that is passed to `register_block_type` call
Props swissspidy.
Fixes#52138.
git-svn-id: https://develop.svn.wordpress.org/trunk@49948 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only the active theme was made available. This commit allows for all themes to be queried if the user has the `switch_themes` or `manage_network_themes` capabilities.
This commit also no longer exposes the `page`, `per_page`, `search` and `context` query parameters since they are not supported by this controller.
Props spacedmonkey, lpawlik, TimothyBlynJacobs.
Fixes#50152.
git-svn-id: https://develop.svn.wordpress.org/trunk@49925 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only the username was checked which caused a PHP warning in some server setups, for instance Shibboleth SSO, where the server only populates the `PHP_AUTH_USER` field.
Props MadtownLems, johnbillion, richard.tape, engahmeds3ed.
Fixes#52003.
git-svn-id: https://develop.svn.wordpress.org/trunk@49919 602fd350-edb4-49c9-b593-d223f7449a82
This adjusts the logic for determining whether to skip some tests when not in the primary branch, and allows for running these tests locally.
Follow-up to [47000], [47001], [49264], [49267], [49280].
See #50401.
git-svn-id: https://develop.svn.wordpress.org/trunk@49916 602fd350-edb4-49c9-b593-d223f7449a82
This prevents external HTTP requests that are not required for the tests in question and may interfere with the results in case of a timeout.
Follow-up to [48242], [49491].
See #51669.
git-svn-id: https://develop.svn.wordpress.org/trunk@49913 602fd350-edb4-49c9-b593-d223f7449a82
This changeset modifies the Site Health panel for HTTPS to provide more accurate recommendations based on whether the environment is already set up for HTTPS.
* Introduces `wp_is_using_https()` to check whether the site is configured to use HTTPS (via its Site Address and WordPress Address).
* Introduces `wp_is_https_supported()` to check whether the environment supports HTTPS. This relies on a cron job which periodically checks support using a loopback request.
Props Clorith, flixos90, miinasikk, westonruter.
Fixes#47577.
git-svn-id: https://develop.svn.wordpress.org/trunk@49904 602fd350-edb4-49c9-b593-d223f7449a82
The modified checks of the `read_private_posts` capability could result in unexpected SQL queries when calling `WP_Query` with invalid parameters.
Reverts [49830], [49832] and [49833].
See #48556.
git-svn-id: https://develop.svn.wordpress.org/trunk@49899 602fd350-edb4-49c9-b593-d223f7449a82
This reinstates [49848], previously reverted in [49849], with the addition of `static` keyword for the `wpSetUpBeforeClass()` method, allowing the tests to pass on PHP 8.
Props peterwilsoncc.
See #51802.
git-svn-id: https://develop.svn.wordpress.org/trunk@49863 602fd350-edb4-49c9-b593-d223f7449a82
This most notably affects the response when XML-RPC is disabled or when the supplied username and password is incorrect.
Props ericmann
Fixes#48213
git-svn-id: https://develop.svn.wordpress.org/trunk@49862 602fd350-edb4-49c9-b593-d223f7449a82
Related Gutenberg PR: https://github.com/WordPress/gutenberg/pull/25220.
It aligns with the latest changes added by aristath to the Gutenberg project. As part of styles splitting for core blocks, there was a special pattern introduced for how style handles are named. Ideally, we would apply it to all blocks but there might be some backward compatibility considerations so I left the handling for non-core blocks unchanged.
Props aristath.
See #50328.
git-svn-id: https://develop.svn.wordpress.org/trunk@49850 602fd350-edb4-49c9-b593-d223f7449a82
This brings the behaviour inline with the `<title>` element of the page which always shows the author name.
Props Tkama, subrataemfluence
Fixes#44183
git-svn-id: https://develop.svn.wordpress.org/trunk@49843 602fd350-edb4-49c9-b593-d223f7449a82
This will help catch issues with Ajax related functionality on multisite.
A few tests have also been marked as `skipWithMultisite()` as they require network admin level capabilities when performing the same operations on a multisite install.
Props garrett-eclipse, netweb.
Fixes#46567.
git-svn-id: https://develop.svn.wordpress.org/trunk@49835 602fd350-edb4-49c9-b593-d223f7449a82
After this change, the relevant `read_private_posts` capability is checked for
each queried post type. This ensures that private posts appear in search and
archive queries for users who have the ability to view those posts.
Props leogermani.
Fixes#13509, #48968, #48556.
git-svn-id: https://develop.svn.wordpress.org/trunk@49830 602fd350-edb4-49c9-b593-d223f7449a82
* Expands the capabilities of `wp_filter_content_tags()` to add the attribute to iframe tags if enabled.
* Modifies the default behavior of `wp_lazy_loading_enabled()` so that it returns `true` for `iframe` tags.
* Introduces a `wp_iframe_tag_add_loading_attr()` function.
* Introduces a `wp_iframe_tag_add_loading_attr` filter.
Like for images, the attribute is only added to iframes which have both `width` and `height` specified (see related #50367).
Props azaozz, flixos90, westonruter.
Fixes#50756.
git-svn-id: https://develop.svn.wordpress.org/trunk@49808 602fd350-edb4-49c9-b593-d223f7449a82
When SimplePie parses HTTP headers, it combines multiple values for the same header into a comma-separated string. `WP_SimplePie_File` overrides the parsing, but was leaving them as an array instead.
That lead to a fatal error in PHP 8, because other parts of the codebase ended up passing an array to a function that expected a string.
Props david.binda, litemotiv, inc2734, NicolasKulka, hellofromTonya, mbabker, skithund, SergeyBiryukov, desrosj, timothyblynjacobs.
Fixes#51056. See #51956.
git-svn-id: https://develop.svn.wordpress.org/trunk@49803 602fd350-edb4-49c9-b593-d223f7449a82
In PHPUnit 3.6.x, `exclude` and `file` paths were required to be relative to the checkout root. This changed in PHPUnit 4 when the path requirements were changed require them to be relative to the configuration file.
Since PHPUnit 3.6.x is only used to test on PHP 5.2 in older branches and is no longer supported, these can be safely removed from the configuration file.
See #51802.
git-svn-id: https://develop.svn.wordpress.org/trunk@49796 602fd350-edb4-49c9-b593-d223f7449a82
Application Passwords uses Basic Authentication to transfer authentication details. If the site is already using Basic Auth, for instance to implement a private staging environment, then the REST API will treat this as an authentication attempt and would end up generating an error for any REST API request.
Now, Application Password authentication will only be attempted if Application Passwords is in use by a site. This is flagged by setting an option whenever an Application Password is created. An upgrade routine is added to set this option if any App Passwords already exist.
Lastly, creating an Application Password will be prevented if the site appears to already be using Basic Authentication.
Props chexwarrior, georgestephanis, adamsilverstein, helen, Clorith, marybaum, TimothyBlynJacobs.
Fixes#51939.
git-svn-id: https://develop.svn.wordpress.org/trunk@49752 602fd350-edb4-49c9-b593-d223f7449a82
This avoids an error on PHP 8 caused by calling `wp_imagecreatetruecolor()` with inputs that aren't numeric, or are less than 0.
Props hellofromtonya, Boniu91, metalandcoffee, SergeyBiryukov.
Fixes#51937.
git-svn-id: https://develop.svn.wordpress.org/trunk@49751 602fd350-edb4-49c9-b593-d223f7449a82
r49212 greatly improved the performance of `get_dirsize()`, but also changed the structure of the data stored in the `dirsize_cache` transient. It stored relative paths instead of absolute ones, and also removed the unnecessary `size` array.
That difference in data structures led to a fatal error in the following environment:
* PHP 8
* Multisite
* A custom `WP_CONTENT_DIR` which is not a child of WP's `ABSPATH` folder (e.g., [https://roots.io/bedrock/ Bedrock])
* The `upload_space_check_disabled` option set to `0`
After upgrading to WP 5.6, the `dirsize_cache` transient still had data in the old format. When `wp-admin.php/index.php` was visited, `get_space_used()` received an `array` instead of an `int`, and tried to divide it by another `int`. PHP 7 would silently cast the arguments to match data types, but [https://wiki.php.net/rfc/arithmetic_operator_type_checks PHP 8 throws a fatal error]:
`Uncaught TypeError: Unsupported operand types: array / int`
`recurse_dirsize()` was using `ABSPATH` to convert the absolute paths to relative ones, but some upload locations are not located under `ABSPATH`. In those cases, `$directory` and `$cache_path` were identical, and that triggered the early return of the old `array`, instead of the expected `int`.
In order to avoid that, this commit restores the absolute paths, but without the `size` array. It also adds a type check when returning cached values. Using absolute paths without `size` has the result of overwriting the old data, so that it matches the new format. The type check and upgrade routine are additional safety measures.
Props peterwilsoncc, janthiel, helen, hellofromtonya, francina, pbiron.
Fixes#51913. See #19879.
git-svn-id: https://develop.svn.wordpress.org/trunk@49744 602fd350-edb4-49c9-b593-d223f7449a82
This enables, for example, the previous post status to be used by this hook without the need to first capture it on an earlier hook.
This also fixes the value of the `$fire_after_hooks` parameter in `get_default_post_to_edit()` so the `wp_after_insert_post` action correctly fires just once on the new post screen.
Props Collizo4sky, peterwilsoncc, hellofromTonya, TimothyBlynJacobs, SergeyBiryukov
Fixes#45114
git-svn-id: https://develop.svn.wordpress.org/trunk@49731 602fd350-edb4-49c9-b593-d223f7449a82
Removes the creation of five posts from the AJAX test suite `setUp()` function, replacing it with a shared fixture only where required.
See #51802.
git-svn-id: https://develop.svn.wordpress.org/trunk@49696 602fd350-edb4-49c9-b593-d223f7449a82
Reverts the move of pre_render_block, render_block_data, and
render_block_context to WP_Block.
This change has more implications than first thought so will be revisted later
in 5.7.
Reverts [49609,49608].
See #51612.
git-svn-id: https://develop.svn.wordpress.org/trunk@49695 602fd350-edb4-49c9-b593-d223f7449a82
This avoids a misleading failure due to Unix vs. Windows EOL style mismatches and allows the test to pass on Windows.
Follow-up to [46612], [49190].
See #19278.
git-svn-id: https://develop.svn.wordpress.org/trunk@49691 602fd350-edb4-49c9-b593-d223f7449a82
Set the default value to `false`. This brings some consistency with the `pre_get_space_used` filter.
Follow-up to [49212], [49616], [49628].
See #19879.
git-svn-id: https://develop.svn.wordpress.org/trunk@49629 602fd350-edb4-49c9-b593-d223f7449a82
When multiple CSS classes are added to a menu item, the nav_menu_link_attributes
filter should be called with $item->classes set to an array of CSS class names.
When previewing in the Customizer, however, a single string was being passed to
$item->classes because WP_Customize_Nav_Menu_Item_Setting::preview() bypasses
wp_update_nav_menu_item() and instead uses filter_wp_get_nav_menu_items().
The fix is to make filter_wp_get_nav_menu_items() match what
wp_update_nav_menu_item() does and split the string into an array.
Fixes#43113.
Props dlh.
git-svn-id: https://develop.svn.wordpress.org/trunk@49624 602fd350-edb4-49c9-b593-d223f7449a82
This largely reverts [49563] due to attachment pages returning 404: File not found errors when they use the `inherit` status.
Permalink changes to attachment pages are retained when they are descendants of trashed or deleted posts.
Props Toro_Unit, helen, johnbillion, peterwilsoncc.
Fixes#51776.
See #5272.
git-svn-id: https://develop.svn.wordpress.org/trunk@49622 602fd350-edb4-49c9-b593-d223f7449a82
Previously App Passwords used a mix of "enabled" and "available". We've now standardized on using "available".
Additionally, we now use a 501 status code when indicating that App Passwords is not available.
Props SergeyBiryukov, ocean90, TimothyBlynJacobs.
Fixes#51513.
git-svn-id: https://develop.svn.wordpress.org/trunk@49617 602fd350-edb4-49c9-b593-d223f7449a82
