Tag 6.0.3

Built from https://develop.svn.wordpress.org/tags/6.0.3@54599 git-svn-id: http://core.svn.wordpress.org/tags/6.0.3@54153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-17 20:15:10 +00:00
15 changed files with 11 additions and 116 deletions
--- a/wp-admin/about.php
+++ b/wp-admin/about.php
@@ -40,52 +40,6 @@ require_once ABSPATH . 'wp-admin/admin-header.php';
 		<div class="about__section changelog">
 			<div class="column">
 				<h2><?php _e( 'Maintenance and Security Releases' ); ?></h2>
-				<p>
-					<?php
-					printf(
-						/* translators: 1: WordPress version number, 2: Plural number of bugs. More than one security issue. */
-						_n(
-							'<strong>Version %1$s</strong> addressed a security issue and fixed %2$s bug.',
-							'<strong>Version %1$s</strong> addressed a security issue and fixed %2$s bugs.',
-							1
-						),
-						'6.0.5',
-						'1'
-					);
-					?>
-					<?php
-					printf(
-						/* translators: %s: HelpHub URL. */
-						__( 'For more information, see <a href="%s">the release notes</a>.' ),
-						sprintf(
-							/* translators: %s: WordPress version. */
-							esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
-							sanitize_title( '6.0.5' )
-						)
-					);
-					?>
-				</p>
-
-				<p>
-					<?php
-					printf(
-						/* translators: %s: WordPress version number. */
-						__( '<strong>Version %s</strong> addressed some security issues.' ),
-						'6.0.4'
-					);
-					?>
-					<?php
-					printf(
-						/* translators: %s: HelpHub URL. */
-						__( 'For more information, see <a href="%s">the release notes</a>.' ),
-						sprintf(
-							/* translators: %s: WordPress version. */
-							esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
-							sanitize_title( '6.0.4' )
-						)
-					);
-					?>
-				</p>
 				<p>
 					<?php
 					printf(
@@ -503,9 +457,3 @@ __( 'Important! Your version of WordPress (%1$s) is no longer supported, you wil

 /* translators: 1: WordPress version number, 2: Link to update WordPress */
 __( 'Important! Your version of WordPress (%1$s) will stop receiving security updates in the near future. To keep your site secure, please <a href="%2$s">update to the latest version of WordPress</a>.' );
-
-/* translators: %s: The major version of WordPress for this branch. */
-__( 'This is the final release of WordPress %s' );
-
-/* translators: The localized WordPress download URL. */
-__( 'https://wordpress.org/download/' );
--- a/wp-admin/includes/ajax-actions.php
+++ b/wp-admin/includes/ajax-actions.php
@@ -2742,10 +2742,6 @@ function wp_ajax_set_attachment_thumbnail() {
 		wp_send_json_error();
 	}

-	if ( false === check_ajax_referer( 'set-attachment-thumbnail', '_ajax_nonce', false ) ) {
-		wp_send_json_error();
-	}
-
 	$post_ids = array();
 	// For each URL, try to find its corresponding post ID.
 	foreach ( $_POST['urls'] as $url ) {
--- a/wp-includes/block-template.php
+++ b/wp-includes/block-template.php
@@ -237,12 +237,12 @@ function get_the_block_template_html() {

 	$content = $wp_embed->run_shortcode( $_wp_current_template_content );
 	$content = $wp_embed->autoembed( $content );
-	$content = shortcode_unautop( $content );
-	$content = do_shortcode( $content );
 	$content = do_blocks( $content );
 	$content = wptexturize( $content );
 	$content = convert_smilies( $content );
+	$content = shortcode_unautop( $content );
 	$content = wp_filter_content_tags( $content );
+	$content = do_shortcode( $content );
 	$content = str_replace( ']]>', ']]&gt;', $content );

 	// Wrap block template in .wp-site-blocks to allow for specific descendant styles
--- a/wp-includes/blocks.php
+++ b/wp-includes/blocks.php
@@ -647,10 +647,6 @@ function serialize_blocks( $blocks ) {
 function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols = array() ) {
 	$result = '';

-	if ( false !== strpos( $text, '<!--' ) && false !== strpos( $text, '--->' ) ) {
-		$text = preg_replace_callback( '%<!--(.*?)--->%', '_filter_block_content_callback', $text );
-	}
-
 	$blocks = parse_blocks( $text );
 	foreach ( $blocks as $block ) {
 		$block   = filter_block_kses( $block, $allowed_html, $allowed_protocols );
@@ -660,19 +656,6 @@ function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols
 	return $result;
 }

-/**
- * Callback used for regular expression replacement in filter_block_content().
- *
- * @private
- * @since 6.2.1
- *
- * @param array $matches Array of preg_replace_callback matches.
- * @return string Replacement string.
- */
-function _filter_block_content_callback( $matches ) {
-	return '<!--' . rtrim( $matches[1], '-' ) . '-->';
-}
-
 /**
 * Filters and sanitizes a parsed block to remove non-allowable HTML from block
 * attribute values.
--- a/wp-includes/blocks/template-part.php
+++ b/wp-includes/blocks/template-part.php
@@ -128,14 +128,14 @@ function render_block_core_template_part( $attributes ) {
 	}

 	// Run through the actions that are typically taken on the_content.
-	$content                       = shortcode_unautop( $content );
-	$content                       = do_shortcode( $content );
 	$seen_ids[ $template_part_id ] = true;
 	$content                       = do_blocks( $content );
 	unset( $seen_ids[ $template_part_id ] );
 	$content = wptexturize( $content );
 	$content = convert_smilies( $content );
+	$content = shortcode_unautop( $content );
 	$content = wp_filter_content_tags( $content );
+	$content = do_shortcode( $content );

 	// Handle embeds for block template parts.
 	global $wp_embed;
--- a/wp-includes/deprecated.php
+++ b/wp-includes/deprecated.php
@@ -4324,7 +4324,7 @@ function wp_add_iframed_editor_assets_html() {
 * @return array The unmodified clauses.
 */
 function _filter_query_attachment_filenames( $clauses ) {
-	_deprecated_function( __FUNCTION__, '6.0.3', 'add_filter( "wp_allow_query_attachment_by_filename", "__return_true" )' );
+	_deprecated_function( __FUNCTION__, '4.9.9', 'add_filter( "wp_allow_query_attachment_by_filename", "__return_true" )' );
 	remove_filter( 'posts_clauses', __FUNCTION__ );
 	return $clauses;
 }
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -2419,29 +2419,6 @@ function sanitize_html_class( $class, $fallback = '' ) {
 	return apply_filters( 'sanitize_html_class', $sanitized, $class, $fallback );
 }

-/**
- * Strips out all characters not allowed in a locale name.
- *
- * @since 6.2.1
- *
- * @param string $locale_name The locale name to be sanitized.
- * @return string The sanitized value.
- */
-function sanitize_locale_name( $locale_name ) {
-	// Limit to A-Z, a-z, 0-9, '_', '-'.
-	$sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $locale_name );
-
-	/**
-	 * Filters a sanitized locale name string.
-	 *
-	 * @since 6.2.1
-	 *
-	 * @param string $sanitized   The sanitized locale name.
-	 * @param string $locale_name The locale name before sanitization.
-	 */
-	return apply_filters( 'sanitize_locale_name', $sanitized, $locale_name );
-}
-
 /**
 * Converts lone & characters into `&#038;` (a.k.a. `&amp;`)
 *
--- a/wp-includes/js/media-audiovideo.js
+++ b/wp-includes/js/media-audiovideo.js
@@ -506,7 +506,6 @@ VideoDetails = MediaDetails.extend(/** @lends wp.media.view.MediaFrame.VideoDeta

 			wp.ajax.send( 'set-attachment-thumbnail', {
 				data : {
-					_ajax_nonce: wp.media.view.settings.nonce.setAttachmentThumbnail,
 					urls: urls,
 					thumbnail_id: attachment.get( 'id' )
 				}
--- a/wp-includes/js/media-audiovideo.min.js
+++ b/wp-includes/js/media-audiovideo.min.js
--- a/wp-includes/js/wp-embed.js
+++ b/wp-includes/js/wp-embed.js
@@ -49,7 +49,6 @@

 		var iframes = document.querySelectorAll( 'iframe[data-secret="' + data.secret + '"]' ),
 			blockquotes = document.querySelectorAll( 'blockquote[data-secret="' + data.secret + '"]' ),
-			allowedProtocols = new RegExp( '^https?:$', 'i' ),
 			i, source, height, sourceURL, targetURL;

 		for ( i = 0; i < blockquotes.length; i++ ) {
@@ -85,11 +84,6 @@
 				sourceURL.href = source.getAttribute( 'src' );
 				targetURL.href = data.value;

-				/* Only follow link if the protocol is in the allow list. */
-				if ( ! allowedProtocols.test( targetURL.protocol ) ) {
-					continue;
-				}
-
 				/* Only continue if link hostname matches iframe's hostname. */
 				if ( targetURL.host === sourceURL.host ) {
 					if ( document.activeElement === source ) {
--- a/wp-includes/js/wp-embed.min.js
+++ b/wp-includes/js/wp-embed.min.js
@@ -1,2 +1,2 @@
 /*! This file is auto-generated */
-!function(c,d){"use strict";var e=!1,o=!1;if(d.querySelector)if(c.addEventListener)e=!0;if(c.wp=c.wp||{},c.wp.receiveEmbedMessage);else if(c.wp.receiveEmbedMessage=function(e){var t=e.data;if(!t);else if(!(t.secret||t.message||t.value));else if(/[^a-zA-Z0-9]/.test(t.secret));else{for(var r,s,a,i=d.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),n=d.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),o=new RegExp("^https?:$","i"),l=0;l<n.length;l++)n[l].style.display="none";for(l=0;l<i.length;l++)if(r=i[l],e.source!==r.contentWindow);else{if(r.removeAttribute("style"),"height"===t.message){if(1e3<(s=parseInt(t.value,10)))s=1e3;else if(~~s<200)s=200;r.height=s}if("link"===t.message)if(s=d.createElement("a"),a=d.createElement("a"),s.href=r.getAttribute("src"),a.href=t.value,!o.test(a.protocol));else if(a.host===s.host)if(d.activeElement===r)c.top.location.href=t.value}}},e)c.addEventListener("message",c.wp.receiveEmbedMessage,!1),d.addEventListener("DOMContentLoaded",t,!1),c.addEventListener("load",t,!1);function t(){if(o);else{o=!0;for(var e,t,r,s=-1!==navigator.appVersion.indexOf("MSIE 10"),a=!!navigator.userAgent.match(/Trident.*rv:11\./),i=d.querySelectorAll("iframe.wp-embedded-content"),n=0;n<i.length;n++){if(!(r=(t=i[n]).getAttribute("data-secret")))r=Math.random().toString(36).substr(2,10),t.src+="#?secret="+r,t.setAttribute("data-secret",r);if(s||a)(e=t.cloneNode(!0)).removeAttribute("security"),t.parentNode.replaceChild(e,t);t.contentWindow.postMessage({message:"ready",secret:r},"*")}}}}(window,document);
+!function(c,l){"use strict";var e=!1,o=!1;if(l.querySelector)if(c.addEventListener)e=!0;if(c.wp=c.wp||{},c.wp.receiveEmbedMessage);else if(c.wp.receiveEmbedMessage=function(e){var t=e.data;if(!t);else if(!(t.secret||t.message||t.value));else if(/[^a-zA-Z0-9]/.test(t.secret));else{for(var r,s,a,i=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),n=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),o=0;o<n.length;o++)n[o].style.display="none";for(o=0;o<i.length;o++)if(r=i[o],e.source!==r.contentWindow);else{if(r.removeAttribute("style"),"height"===t.message){if(1e3<(s=parseInt(t.value,10)))s=1e3;else if(~~s<200)s=200;r.height=s}if("link"===t.message)if(s=l.createElement("a"),a=l.createElement("a"),s.href=r.getAttribute("src"),a.href=t.value,a.host===s.host)if(l.activeElement===r)c.top.location.href=t.value}}},e)c.addEventListener("message",c.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",t,!1),c.addEventListener("load",t,!1);function t(){if(o);else{o=!0;for(var e,t,r,s=-1!==navigator.appVersion.indexOf("MSIE 10"),a=!!navigator.userAgent.match(/Trident.*rv:11\./),i=l.querySelectorAll("iframe.wp-embedded-content"),n=0;n<i.length;n++){if(!(r=(t=i[n]).getAttribute("data-secret")))r=Math.random().toString(36).substr(2,10),t.src+="#?secret="+r,t.setAttribute("data-secret",r);if(s||a)(e=t.cloneNode(!0)).removeAttribute("security"),t.parentNode.replaceChild(e,t);t.contentWindow.postMessage({message:"ready",secret:r},"*")}}}}(window,document);
--- a/wp-includes/kses.php
+++ b/wp-includes/kses.php
@@ -2371,7 +2371,6 @@ function safecss_filter_attr( $css, $deprecated = '' ) {
 			'direction',
 			'float',
 			'list-style-type',
-			'object-fit',
 			'object-position',
 			'overflow',
 			'vertical-align',
--- a/wp-includes/l10n.php
+++ b/wp-includes/l10n.php
@@ -147,9 +147,9 @@ function determine_locale() {
 	$wp_lang = '';

 	if ( ! empty( $_GET['wp_lang'] ) ) {
-		$wp_lang = sanitize_locale_name( wp_unslash( $_GET['wp_lang'] ) );
+		$wp_lang = sanitize_text_field( $_GET['wp_lang'] );
 	} elseif ( ! empty( $_COOKIE['wp_lang'] ) ) {
-		$wp_lang = sanitize_locale_name( wp_unslash( $_COOKIE['wp_lang'] ) );
+		$wp_lang = sanitize_text_field( $_COOKIE['wp_lang'] );
 	}

 	if ( ! empty( $wp_lang ) && ! empty( $GLOBALS['pagenow'] ) && 'wp-login.php' === $GLOBALS['pagenow'] ) {
--- a/wp-includes/media.php
+++ b/wp-includes/media.php
@@ -4411,8 +4411,7 @@ function wp_enqueue_media( $args = array() ) {
 		/** This filter is documented in wp-admin/includes/media.php */
 		'captions'          => ! apply_filters( 'disable_captions', '' ),
 		'nonce'             => array(
-			'sendToEditor'           => wp_create_nonce( 'media-send-to-editor' ),
-			'setAttachmentThumbnail' => wp_create_nonce( 'set-attachment-thumbnail' ),
+			'sendToEditor' => wp_create_nonce( 'media-send-to-editor' ),
 		),
 		'post'              => array(
 			'id' => 0,
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -16,7 +16,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '6.0.5';
+$wp_version = '6.0.3';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.