This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.
Follow-up to [11383], [13096], [51597], [53452].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes#55852.
git-svn-id: https://develop.svn.wordpress.org/trunk@53455 602fd350-edb4-49c9-b593-d223f7449a82
This fixes an `Equals sign not aligned correctly` WPCS warning.
Additionally, this commit sets the `svn:eol-style` property for the `phpunit/tests/ajax/wpAjaxCropImage.php` file and corrects line endings, so that the output of `composer format` is clean.
Follow-up to [53027], [53217], [53404].
Props hellofromTonya, SergeyBiryukov.
See #55647.
git-svn-id: https://develop.svn.wordpress.org/trunk@53441 602fd350-edb4-49c9-b593-d223f7449a82
Ensures that preloaded request can include a `_fields` query param that asks that only selected response fields are returned.
Props jsnajdr, timothyblynjacobs.
Fixes#55213.
See #55567.
git-svn-id: https://develop.svn.wordpress.org/trunk@53217 602fd350-edb4-49c9-b593-d223f7449a82
Related Gutenberg issue: https://github.com/WordPress/gutenberg/issues/39889.
Backporting changes from the Gutenberg plugin:
- new Block Patterns REST API endpoint
- new Block Pattern Categories REST API endpoint
- updates to Query Loop related patterns
- support for custom taxonomies in Query Loop block
Props hellofromtonya, peterwilsoncc, ntsekouras, zieladam, ironprogrammer, spacedmonkey, timothyblynjacobs, antonvlasenko, jsnajdr.
See #55505.
git-svn-id: https://develop.svn.wordpress.org/trunk@53152 602fd350-edb4-49c9-b593-d223f7449a82
Add a REST API to export site templates and template part as html files. When the REST API is requested, it responds by downloading a single ZIP file and exits early, without completing full request. To create the exported zip, the ZipArchive class is required. If this class is not present then the export will gracefully fail, returning a `WP_Error` object and 500 status error code.
Props spacedmonkey, youknowriad, Mamaduka, walbo, peterwilsoncc.
Fixes#54448 .
git-svn-id: https://develop.svn.wordpress.org/trunk@52286 602fd350-edb4-49c9-b593-d223f7449a82
Navigation area were merged as part of full site editing and the new navigation block. This functionality is experimental and not currently used in WordPress core, so should be removed.
Props noisysocks, spacedmonkey, get_dave, zieladam.
Fixes#54506.
git-svn-id: https://develop.svn.wordpress.org/trunk@52272 602fd350-edb4-49c9-b593-d223f7449a82
This is a major release and contains breaking changes.
Most important changes to be aware of for this release:
* All code is now namespaced. Though there is a full backward compatibility layer available and the old class names are still supported, using them will generate a deprecation notice (which can be silenced by plugins if they'd need to support multiple WP versions). See the [https://requests.ryanmccue.info/docs/upgrading.html upgrade guide] for more details.
* A lot of classes have been marked `final`. This should generally not affect userland code as care has been taken to not apply the `final` keyword to classes which are known to be extended in userland code.
* Extensive input validation has been added to Requests. When Requests is used as documented though, this will be unnoticable.
* A new `WpOrg\Requests\Requests::has_capabilities()` method has been introduced which can be used to address #37708.
* A new `WpOrg\Requests\Response::decode_body()` method has been introduced which may be usable to simplify some of the WP native wrapper code.
* Remaining PHP 8.0 compatibility fixed (support for named parameters).
* PHP 8.1 compatibility.
Release notes: https://github.com/WordPress/Requests/releases/tag/v2.0.0
For a full list of changes in this update, see the Requests GitHub:
https://github.com/WordPress/Requests/compare/v1.8.1...v2.0.0
Follow-up to [50842], [51078].
Props jrf, schlessera, datagutten, wojsmol, dd32, dustinrue, soulseekah, costdev, szepeviktor.
Fixes#54504.
git-svn-id: https://develop.svn.wordpress.org/trunk@52244 602fd350-edb4-49c9-b593-d223f7449a82
Copies WP_REST_Block_Navigation_Areas_Controller from the Gutenberg plugin. This
provides the /wp/v2/block-navigation-areas endpoint used by the Navigation
block.
Props antonvlasenko, TimothyBlynJacobs.
Fixes#54393.
git-svn-id: https://develop.svn.wordpress.org/trunk@52133 602fd350-edb4-49c9-b593-d223f7449a82
Follow up to [52041,52049-52052,52054,52106,52108-52110].
Props swisspidy, TobiasBg, spacedmonkey, kebbet, oandregal.
See #54336.
git-svn-id: https://develop.svn.wordpress.org/trunk@52128 602fd350-edb4-49c9-b593-d223f7449a82
This commit introduces the `/wp/v2/menus`, `/wp/v2/menu-items` and `/wp/v2/menu-locations` REST API endpoints. These endpoints are fully available to users with the `edit_theme_options` capability, but can be read by any user who can edit a REST API available post type.
The `nav_menu` taxonomy and `nav_menu_item` post type now map their capabilities to the `edit_theme_options` primitive capability. This allows developers to provide more fine-grained access control. However, if a developer is currently dynamically removing the `edit_theme_options` capability using `map_meta_cap`, they should use the `user_has_cap` filter instead.
The `wp_update_nav_menu_item()` function has been adjusted to return an error if saving the menu item post or assigning the menu item to a menu generate an error.
Lastly, a new menu item type is introduced, `block`, that can be used to store a Block as a menu item.
Props andraganescu, antonvlasenko, dingo_d, dlh, isabel_brison, kadamwhite, Mamaduka, NateWr, noisysocks, peterwilsoncc, ryelle, schlessera, soean, Spacedmonkey, talldanwp, TimothyBlynJacobs, tobifjellner, westonruter, wpscholar, zieladam.
Fixes#40878.
git-svn-id: https://develop.svn.wordpress.org/trunk@52079 602fd350-edb4-49c9-b593-d223f7449a82
This commit ports the global styles rest endpoints from the Gutenberg plugin into the core.
See #54336.
Props oandregal, aristath, timothyblynjacobs, spacedmonkey, youknowriad.
git-svn-id: https://develop.svn.wordpress.org/trunk@52051 602fd350-edb4-49c9-b593-d223f7449a82
Adds a new REST API endpoint (`/wp-block-editor/v1/url-details`) for retrieving information from an external URL.
Information retrieved:
* Title: content of the `<title>` element
* Icon: favicon image link
* Description: content of the `description` or `og:description` meta element
* Image: OG image link
This endpoint is used by the block editor for link previews.
Props get_dave, aduth, andraganescu, beaulebens, hellofromTonya, kevin940726, mamaduka, marekhrabe, mnelson4, noisysocks, obenland, ocean90, retrofox, shaunandrews, spacedmonkey, swissspidy, timothyblynjacobs, xknown, youknowriad.
Fixes#54358.
git-svn-id: https://develop.svn.wordpress.org/trunk@51973 602fd350-edb4-49c9-b593-d223f7449a82
While a taxonomy can define a custom route by using the rest_base argument, a namespace of wp/v2 was assumed. This commit introduces support for a rest_namespace argument.
A new rest_get_route_for_taxonomy_items function has been introduced and the rest_get_route_for_term function updated to facilitate getting the correct route for taxonomies.
For maximum compatibility sticking with the default wp/v2 namespace is recommended until the API functions see wider use.
Props spacedmonkey.
Fixes#54267.
See [51962].
git-svn-id: https://develop.svn.wordpress.org/trunk@51964 602fd350-edb4-49c9-b593-d223f7449a82
While a custom post type can define a custom route by using the `rest_base` argument, a namespace of `wp/v2` was assumed. This commit introduces support for a `rest_namespace` argument.
A new `rest_get_route_for_post_type_items` function has been introduced and the `rest_get_route_for_post` function updated to facilitate getting the correct route for custom post types.
While the WordPress Core Block Editor bootstrap code has been updated to use these API functions, for maximum compatibility sticking with the default `wp/v2` namespace is recommended until the API functions see wider use.
Props spacedmonkey, swissspidy.
Fixes#53656.
git-svn-id: https://develop.svn.wordpress.org/trunk@51962 602fd350-edb4-49c9-b593-d223f7449a82
When a closure does not use `$this`, it can be made `static` for improved performance.
Static closures are supported in PHP since PHP 5.4.
Props jrf, hellofromTonya, swissspidy, SergeyBiryukov.
See #53359.
git-svn-id: https://develop.svn.wordpress.org/trunk@51657 602fd350-edb4-49c9-b593-d223f7449a82
Add an endpoint for fetching block patterns from WordPress.org, and load the block patterns from this new API. Remove the block patterns that have already been moved to WordPress.org/patterns.
Props ryelle, iandunn, youknowriad, timothyblynjacobs.
Fixes#53246.
git-svn-id: https://develop.svn.wordpress.org/trunk@51021 602fd350-edb4-49c9-b593-d223f7449a82
Adds the sidebars, widgets and widget-types REST API endpoints from the
Gutenberg plugin.
Fixes#41683.
Props TimothyBlynJacobs, spacedmonkey, zieladam, jorgefilipecosta, youknowriad, kevin940726.
git-svn-id: https://develop.svn.wordpress.org/trunk@50995 602fd350-edb4-49c9-b593-d223f7449a82
Adds the sidebars, widgets and widget-types REST API endpoints from the
Gutenberg plugin.
Fixes#41683.
Props TimothyBlynJacobs.
git-svn-id: https://develop.svn.wordpress.org/trunk@50993 602fd350-edb4-49c9-b593-d223f7449a82
When validating `enum` values as `integer` or `number`, consider a number with a zero fractional part to be equivalent to an integer of the same value.
In `rest_are_values_equal()`, when comparing two values of type `int` or `float` (in any combination), first cast both of them to `float` and then compare.
This matches some test cases from the official JSON Schema test suite.
Follow-up to [50010].
Props yakimun, stefanjoebstl, TimothyBlynJacobs, rachelbaker.
Fixes#52932.
git-svn-id: https://develop.svn.wordpress.org/trunk@50653 602fd350-edb4-49c9-b593-d223f7449a82
Adjust some newly introduced strings to remove unnecessary numbered placeholders for consistency.
Follow-up to [42827].
See #51800.
git-svn-id: https://develop.svn.wordpress.org/trunk@50234 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only the first error message for each parameter was made available. Now, all error messages for a parameter are concatenated. Additionally, the detailed error for each parameter is made available in a new `details` section of the validation error. Each error is formatted following the standard REST API error formatting.
The `WP_REST_Server::error_to_response` method has been abstracted out into a standalone function `rest_convert_error_to_response` to allow for reuse by `WP_REST_Request`. The formatted errors now also contain an `additional_data` property which contains the additional error data provided by `WP_Error::get_all_error_data`.
Props dlh, xkon, TimothyBlynJacobs.
Fixes#46191.
git-svn-id: https://develop.svn.wordpress.org/trunk@50150 602fd350-edb4-49c9-b593-d223f7449a82
This introduces a new endpoint, `wp/v2/users/me/application-passwords/introspect`, that will return details about the App Password being used to authenticate the current request. This allows for an application to disambiguate between multiple installations of their application which would all share the same `app_id`.
Props xkon, peterwilsoncc, TimothyBlynJacobs.
Fixes#52275.
git-svn-id: https://develop.svn.wordpress.org/trunk@50065 602fd350-edb4-49c9-b593-d223f7449a82
Previously, the `enum` keyword was validated by perform a strict equality check. For `string` types this is generally ok, but it prevented using alternative types like `number` when rich type support isn't available.
Now the same level of type coercion/sanitization is applied when validating `enum` as all other validation checks. This means that a value of `"1"` will be accepted for an `enum` of `[ 0, 1 ]`. Additionally, `object` types now properly ignore key order when checking for equality.
Props yakimun.
Fixes#51911.
git-svn-id: https://develop.svn.wordpress.org/trunk@50010 602fd350-edb4-49c9-b593-d223f7449a82
Previously, the majority of JSON Schema validation errors returned a generic `rest_invalid_param` error code. In preparation for #46191, where the underlying validation error code will be exposed, this commit adds specific error codes for each failure scenario.
Fixes#52317.
git-svn-id: https://develop.svn.wordpress.org/trunk@50007 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only a small subset of keywords were exposed which limited the utility of `OPTIONS` requests.
Props raubvogel, TimothyBlynJacobs.
Fixes#51020.
git-svn-id: https://develop.svn.wordpress.org/trunk@49257 602fd350-edb4-49c9-b593-d223f7449a82
This allows for REST API routes to define more complex validation requirements as JSON Schema instead of procedural validation.
The error code returned from `rest_validate_value_from_schema` for invalid parameter types has been changed from the generic `rest_invalid_param` to the more specific `rest_invalid_type`.
Props yakimun, johnbillion, TimothyBlynJacobs.
Fixes#51025.
git-svn-id: https://develop.svn.wordpress.org/trunk@49246 602fd350-edb4-49c9-b593-d223f7449a82
This provides more flexibility when writing tests and benefits from running in a front-end context which is necessary for some tests like checking that updates are supported. Additionally, this provides a more robust interface for developers who want to integrate with Site Health tests.
Because the `wp/v2` endpoint is reserved for modeling core entities, site health is registered in its own `wp-site-health/v1` namespace.
The existing ajax actions have been maintained for backward compatibility.
Props Clorith, chrisvanpatten, afragen, pokhriyal, TimothyBlynJacobs.
Fixes#48105.
git-svn-id: https://develop.svn.wordpress.org/trunk@49154 602fd350-edb4-49c9-b593-d223f7449a82
This allows for clients to search the used post formats via the /wp/v2/search endpoint by using a type=post-format query parameter.
Fixes#51459.
Props andraganescu, zieladam, noisysocks, TimothyBlynJacobs.
git-svn-id: https://develop.svn.wordpress.org/trunk@49132 602fd350-edb4-49c9-b593-d223f7449a82
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.
This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.
Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.
Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes#42790.
git-svn-id: https://develop.svn.wordpress.org/trunk@49109 602fd350-edb4-49c9-b593-d223f7449a82
This allows for clients to search the available terms via the `/wp/v2/search` endpoint by using a `type=term` query parameter.
Fixes#51458.
Props andraganescu, zieladam, noisysocks, TimothyBlynJacobs.
git-svn-id: https://develop.svn.wordpress.org/trunk@49103 602fd350-edb4-49c9-b593-d223f7449a82
