1 |
commit: ac14f14fed8b7bdf898cf04e9d2b7745a4cb53b7 |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon May 30 08:43:25 2016 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon May 30 08:43:25 2016 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/blogs-gentoo.git/commit/?id=ac14f14f |
7 |
|
8 |
Update plugin jecpack to 4.0.3 |
9 |
|
10 |
plugins/jetpack/jetpack.php | 4 +- |
11 |
plugins/jetpack/modules/shortcodes.php | 60 ++++++++++++++++++++++++ |
12 |
plugins/jetpack/modules/shortcodes/polldaddy.php | 7 +-- |
13 |
plugins/jetpack/modules/shortcodes/vimeo.php | 5 +- |
14 |
plugins/jetpack/modules/shortcodes/youtube.php | 2 +- |
15 |
plugins/jetpack/readme.txt | 11 ++++- |
16 |
6 files changed, 77 insertions(+), 12 deletions(-) |
17 |
|
18 |
diff --git a/plugins/jetpack/jetpack.php b/plugins/jetpack/jetpack.php |
19 |
index 4118993..c5ee481 100644 |
20 |
--- a/plugins/jetpack/jetpack.php |
21 |
+++ b/plugins/jetpack/jetpack.php |
22 |
@@ -5,7 +5,7 @@ |
23 |
* Plugin URI: http://jetpack.com |
24 |
* Description: Bring the power of the WordPress.com cloud to your self-hosted WordPress. Jetpack enables you to connect your blog to a WordPress.com account to use the powerful features normally only available to WordPress.com users. |
25 |
* Author: Automattic |
26 |
- * Version: 4.0.2 |
27 |
+ * Version: 4.0.3 |
28 |
* Author URI: http://jetpack.com |
29 |
* License: GPL2+ |
30 |
* Text Domain: jetpack |
31 |
@@ -14,7 +14,7 @@ |
32 |
|
33 |
define( 'JETPACK__MINIMUM_WP_VERSION', '4.4' ); |
34 |
|
35 |
-define( 'JETPACK__VERSION', '4.0.2' ); |
36 |
+define( 'JETPACK__VERSION', '4.0.3' ); |
37 |
define( 'JETPACK_MASTER_USER', true ); |
38 |
define( 'JETPACK__API_VERSION', 1 ); |
39 |
define( 'JETPACK__PLUGIN_DIR', plugin_dir_path( __FILE__ ) ); |
40 |
|
41 |
diff --git a/plugins/jetpack/modules/shortcodes.php b/plugins/jetpack/modules/shortcodes.php |
42 |
index 0de4c14..320de04 100644 |
43 |
--- a/plugins/jetpack/modules/shortcodes.php |
44 |
+++ b/plugins/jetpack/modules/shortcodes.php |
45 |
@@ -67,6 +67,66 @@ function jetpack_load_shortcodes() { |
46 |
} |
47 |
} |
48 |
|
49 |
+/** |
50 |
+ * Runs preg_replace so that replacements don't happen within open tags. |
51 |
+ * Parameters are the same as preg_replace, with an added optional search param for improved performance |
52 |
+ * |
53 |
+ * @param String $pattern |
54 |
+ * @param String $replacement |
55 |
+ * @param String $content |
56 |
+ * @param String $search |
57 |
+ * @return String $content |
58 |
+ */ |
59 |
+function jetpack_preg_replace_outside_tags( $pattern, $replacement, $content, $search = null ) { |
60 |
+ if( ! function_exists( 'wp_html_split' ) ) { |
61 |
+ return $content; |
62 |
+ } |
63 |
+ |
64 |
+ if ( $search && false === strpos( $content, $search ) ) { |
65 |
+ return $content; |
66 |
+ } |
67 |
+ |
68 |
+ $textarr = wp_html_split( $content ); |
69 |
+ unset( $content ); |
70 |
+ foreach( $textarr as &$element ) { |
71 |
+ if ( '' === $element || '<' === $element{0} ) |
72 |
+ continue; |
73 |
+ $element = preg_replace( $pattern, $replacement, $element ); |
74 |
+ } |
75 |
+ |
76 |
+ return join( $textarr ); |
77 |
+} |
78 |
+ |
79 |
+/** |
80 |
+ * Runs preg_replace_callback so that replacements don't happen within open tags. |
81 |
+ * Parameters are the same as preg_replace, with an added optional search param for improved performance |
82 |
+ * |
83 |
+ * @param String $pattern |
84 |
+ * @param String $replacement |
85 |
+ * @param String $content |
86 |
+ * @param String $search |
87 |
+ * @return String $content |
88 |
+ */ |
89 |
+function jetpack_preg_replace_callback_outside_tags( $pattern, $callback, $content, $search = null ) { |
90 |
+ if( ! function_exists( 'wp_html_split' ) ) { |
91 |
+ return $content; |
92 |
+ } |
93 |
+ |
94 |
+ if ( $search && false === strpos( $content, $search ) ) { |
95 |
+ return $content; |
96 |
+ } |
97 |
+ |
98 |
+ $textarr = wp_html_split( $content ); |
99 |
+ unset( $content ); |
100 |
+ foreach( $textarr as &$element ) { |
101 |
+ if ( '' === $element || '<' === $element{0} ) |
102 |
+ continue; |
103 |
+ $element = preg_replace_callback( $pattern, $callback, $element ); |
104 |
+ } |
105 |
+ |
106 |
+ return join( $textarr ); |
107 |
+} |
108 |
+ |
109 |
global $wp_version; |
110 |
|
111 |
if ( version_compare( $wp_version, '3.6-z', '>=' ) ) { |
112 |
|
113 |
diff --git a/plugins/jetpack/modules/shortcodes/polldaddy.php b/plugins/jetpack/modules/shortcodes/polldaddy.php |
114 |
index 70ec89b..39890d4 100644 |
115 |
--- a/plugins/jetpack/modules/shortcodes/polldaddy.php |
116 |
+++ b/plugins/jetpack/modules/shortcodes/polldaddy.php |
117 |
@@ -565,17 +565,12 @@ new PolldaddyShortcode(); |
118 |
if ( ! function_exists( 'polldaddy_link' ) ) { |
119 |
// http://polldaddy.com/poll/1562975/?view=results&msg=voted |
120 |
function polldaddy_link( $content ) { |
121 |
- return preg_replace( '!(?:\n|\A)http://polldaddy.com/poll/([0-9]+?)/(.+)?(?:\n|\Z)!i', "\n<script type='text/javascript' language='javascript' charset='utf-8' src='//static.polldaddy.com/p/$1.js'></script><noscript> <a href='http://polldaddy.com/poll/$1/' target='_blank'>View Poll</a></noscript>\n", $content ); |
122 |
+ return jetpack_preg_replace_outside_tags( '!(?:\n|\A)http://polldaddy.com/poll/([0-9]+?)/(.+)?(?:\n|\Z)!i', "\n<script type='text/javascript' charset='utf-8' src='//static.polldaddy.com/p/$1.js'></script><noscript> <a href='http://polldaddy.com/poll/$1/'>View Poll</a></noscript>\n", $content, 'polldaddy.com/poll' ); |
123 |
} |
124 |
|
125 |
// higher priority because we need it before auto-link and autop get to it |
126 |
add_filter( 'the_content', 'polldaddy_link', 1 ); |
127 |
add_filter( 'the_content_rss', 'polldaddy_link', 1 ); |
128 |
- |
129 |
- /** This filter is documented in modules/shortcodes/youtube.php */ |
130 |
- if ( apply_filters( 'jetpack_comments_allow_oembed', get_option( 'embed_autourls' ) ) ) { |
131 |
- add_filter( 'comment_text', 'polldaddy_link', 1 ); |
132 |
- } |
133 |
} |
134 |
|
135 |
wp_oembed_add_provider( '#http://poll\.fm/.*#i', 'http://polldaddy.com/oembed/', true ); |
136 |
|
137 |
diff --git a/plugins/jetpack/modules/shortcodes/vimeo.php b/plugins/jetpack/modules/shortcodes/vimeo.php |
138 |
index f63367d..3d585a0 100644 |
139 |
--- a/plugins/jetpack/modules/shortcodes/vimeo.php |
140 |
+++ b/plugins/jetpack/modules/shortcodes/vimeo.php |
141 |
@@ -268,10 +268,11 @@ function vimeo_link( $content ) { |
142 |
*/ |
143 |
$plain_url = "(?:[^'\">]?\/?(?:https?:\/\/)?vimeo\.com[^0-9]+)([0-9]+)(?:[^'\"0-9<]|$)"; |
144 |
|
145 |
- return preg_replace_callback( |
146 |
+ return jetpack_preg_replace_callback_outside_tags( |
147 |
sprintf( '#%s|%s#i', $shortcode, $plain_url ), |
148 |
'vimeo_link_callback', |
149 |
- $content |
150 |
+ $content, |
151 |
+ 'vimeo' |
152 |
); |
153 |
} |
154 |
|
155 |
|
156 |
diff --git a/plugins/jetpack/modules/shortcodes/youtube.php b/plugins/jetpack/modules/shortcodes/youtube.php |
157 |
index 2ea76dd..d5db874 100644 |
158 |
--- a/plugins/jetpack/modules/shortcodes/youtube.php |
159 |
+++ b/plugins/jetpack/modules/shortcodes/youtube.php |
160 |
@@ -104,7 +104,7 @@ add_filter( 'pre_kses', 'youtube_embed_to_short_code' ); |
161 |
* @return string The content with embeds instead of URLs |
162 |
*/ |
163 |
function youtube_link( $content ) { |
164 |
- return preg_replace_callback( '!(?:\n|\A)https?://(?:www\.)?(?:youtube.com/(?:v/|playlist|watch[/\#?])|youtu\.be/)[^\s]+?(?:\n|\Z)!i', 'youtube_link_callback', $content ); |
165 |
+ return jetpack_preg_replace_callback_outside_tags( '!(?:\n|\A)https?://(?:www\.)?(?:youtube.com/(?:v/|playlist|watch[/\#?])|youtu\.be/)[^\s]+?(?:\n|\Z)!i', 'youtube_link_callback', $content, 'youtube.com/' ); |
166 |
} |
167 |
|
168 |
/** |
169 |
|
170 |
diff --git a/plugins/jetpack/readme.txt b/plugins/jetpack/readme.txt |
171 |
index 9bfe0a9..c03940a 100644 |
172 |
--- a/plugins/jetpack/readme.txt |
173 |
+++ b/plugins/jetpack/readme.txt |
174 |
@@ -1,7 +1,7 @@ |
175 |
=== Jetpack by WordPress.com === |
176 |
Contributors: automattic, adamkheckler, aduth, akirk, allendav, alternatekev, andy, apeatling, azaozz, batmoo, barry, beaulebens, blobaugh, cainm, cfinke, chaselivingston, chellycat, christinepollock, csonnek, danielbachhuber, daniloercoli, designsimply, dllh, dsmart, dzver, ebinnion, eliorivero, enej, eoigal, ethitter, gcorne, georgestephanis, gibrown, goldsounds, hew, hugobaeta, HypertextRanch, iammattthomas, iandunn, jacobshere, jblz, jeherve, jenhooks, jenia, jkudish, jmdodd, Joen, johnjamesjacoby, jshreve, koke, kraftbj, lancewillett, lschuyler, macmanx, martinremy, matt, matveb, mattwiebe, maverick3x6, mcsf, mdawaffe, michaeldcain, michael-arestad, migueluy, mikeyarce, mjangda, mkaz, nancythanki, nickmomrik, obenland, pento, professor44, ryancowles, richardmuscat, richardmtl, roccotripaldi, samhotchkiss, sdquirk, stephdau, tmoorewp, Viper007Bond, westi, yoavf, zinigor |
177 |
Tags: WordPress.com, jet pack, comments, contact, gallery, performance, sharing, security, shortcodes, stats, subscriptions, widgets |
178 |
-Stable tag: 4.0.2 |
179 |
+Stable tag: 4.0.3 |
180 |
Requires at least: 4.4 |
181 |
Tested up to: 4.5 |
182 |
|
183 |
@@ -73,7 +73,16 @@ There are opportunities for developers at all levels to contribute. [Learn more |
184 |
4. Publicize. |
185 |
5. Related Posts. |
186 |
|
187 |
+== Upgrade Notice == |
188 |
+= 4.0.3 = |
189 |
+Jetpack 4.0.3 fixes a critical security issue. Please upgrade immediately. |
190 |
+ |
191 |
== Changelog == |
192 |
+= 4.0.3 = |
193 |
+Release date: May 26th, 2016 |
194 |
+ |
195 |
+* Important security update. Please upgrade immediately. |
196 |
+ |
197 |
= 4.0.2 = |
198 |
Release date: April 21st, 2016 |