vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-04-10 07:34:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
34,435 Commits 1 Branch 0 Tags
25c36181389f07fbc7f0263827af3b4be8a79cdd
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Rachel Baker 25c3618138 REST API: Create the general wp_check_jsonp_callback() function for validating JSONP callback functions. 
Move the REST API JSONP callback validation check into a separate function named `wp_check_jsonp_callback()`. This allows plugins to use the built-in validation when handling JSONP callbacks.
Extremely Important Note: If you send JSONP in your custom response, make sure you prefix the response with `/**/`. This will mitigate the Rosetta Flash exploit. You should also send the `X-Content-Type-Options:nosniff` header, or even better, use the REST API infrastructure.

Props rmccue.
Fixes #28523.

git-svn-id: https://develop.svn.wordpress.org/trunk@37646 602fd350-edb4-49c9-b593-d223f7449a82
2016-06-06 21:33:30 +00:00
src
REST API: Create the general wp_check_jsonp_callback() function for validating JSONP callback functions.
2016-06-06 21:33:30 +00:00
tests
REST API: Create the general wp_check_jsonp_callback() function for validating JSONP callback functions.
2016-06-06 21:33:30 +00:00
tools/i18n
i18n tools: In StringExtractor don't strip slashes from URLs.
2016-02-29 20:44:31 +00:00
.editorconfig
Use HTTPS URLs for codex.wordpress.org.
2015-04-12 21:28:58 +00:00
.gitignore
Remove accidental .svn addition to .gitignore
2015-12-12 18:26:22 +00:00
.jshintrc
Build: Prevent non-breaking spaces from accidentally being inserted into JavaScript files.
2015-11-12 12:04:55 +00:00
.travis.yml
Tests: Upgrade the HHVM job to use Ubuntu Trusty, and a more recent version of HHVM.
2016-05-25 06:11:20 +00:00
Gruntfile.js
Build/Test Tools: Run image tasks only if there are changes
2016-04-15 10:18:03 +00:00
package.json
Update grunt-patch-wordpress to 0.4.0
2016-06-01 21:24:09 +00:00
phpunit.xml.dist
Set a whitelist for PHPUnit code coverage.
2016-05-17 20:22:57 +00:00
wp-cli.yml
Remove debug mode from WP-CLI by default, as it now outputs too much debugging information to be of use during normal development.
2015-11-28 18:36:06 +00:00
wp-config-sample.php
Lightly clean up and improve inline documentation in wp-config-sample.php.
2015-05-10 00:05:30 +00:00
wp-tests-config-sample.php
Unit Tests: Correct comment in wp-tests-config-sample.php.
2016-01-21 20:24:12 +00:00
Description
No description provided
243 MiB
Languages
PHP 80.5%
CSS 9.4%
JavaScript 8.5%
SCSS 0.9%
HTML 0.7%