public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
Search results ordered by [date|relevance]  view[summary|nested|Atom feed]
thread overview below | download mbox.gz: |
* [gentoo-commits] proj/blogs-gentoo:master commit in: plugins/jetpack/, plugins/jetpack/modules/shortcodes/, plugins/jetpack/modules/
@ 2016-05-30  8:42 99% Anthony G. Basile
  0 siblings, 0 replies; 1+ results
From: Anthony G. Basile @ 2016-05-30  8:42 UTC (permalink / raw
  To: gentoo-commits

commit:     ac14f14fed8b7bdf898cf04e9d2b7745a4cb53b7
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Mon May 30 08:43:25 2016 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Mon May 30 08:43:25 2016 +0000
URL:        https://gitweb.gentoo.org/proj/blogs-gentoo.git/commit/?id=ac14f14f

Update plugin jecpack to 4.0.3

 plugins/jetpack/jetpack.php                      |  4 +-
 plugins/jetpack/modules/shortcodes.php           | 60 ++++++++++++++++++++++++
 plugins/jetpack/modules/shortcodes/polldaddy.php |  7 +--
 plugins/jetpack/modules/shortcodes/vimeo.php     |  5 +-
 plugins/jetpack/modules/shortcodes/youtube.php   |  2 +-
 plugins/jetpack/readme.txt                       | 11 ++++-
 6 files changed, 77 insertions(+), 12 deletions(-)

diff --git a/plugins/jetpack/jetpack.php b/plugins/jetpack/jetpack.php
index 4118993..c5ee481 100644
--- a/plugins/jetpack/jetpack.php
+++ b/plugins/jetpack/jetpack.php
@@ -5,7 +5,7 @@
  * Plugin URI: http://jetpack.com
  * Description: Bring the power of the WordPress.com cloud to your self-hosted WordPress. Jetpack enables you to connect your blog to a WordPress.com account to use the powerful features normally only available to WordPress.com users.
  * Author: Automattic
- * Version: 4.0.2
+ * Version: 4.0.3
  * Author URI: http://jetpack.com
  * License: GPL2+
  * Text Domain: jetpack
@@ -14,7 +14,7 @@
 
 define( 'JETPACK__MINIMUM_WP_VERSION', '4.4' );
 
-define( 'JETPACK__VERSION',            '4.0.2' );
+define( 'JETPACK__VERSION',            '4.0.3' );
 define( 'JETPACK_MASTER_USER',         true );
 define( 'JETPACK__API_VERSION',        1 );
 define( 'JETPACK__PLUGIN_DIR',         plugin_dir_path( __FILE__ ) );

diff --git a/plugins/jetpack/modules/shortcodes.php b/plugins/jetpack/modules/shortcodes.php
index 0de4c14..320de04 100644
--- a/plugins/jetpack/modules/shortcodes.php
+++ b/plugins/jetpack/modules/shortcodes.php
@@ -67,6 +67,66 @@ function jetpack_load_shortcodes() {
 	}
 }
 
+/**
+ * Runs preg_replace so that replacements don't happen within open tags.  
+ * Parameters are the same as preg_replace, with an added optional search param for improved performance
+ *
+ * @param String $pattern
+ * @param String $replacement
+ * @param String $content
+ * @param String $search
+ * @return String $content
+ */
+function jetpack_preg_replace_outside_tags( $pattern, $replacement, $content, $search = null ) {
+	if( ! function_exists( 'wp_html_split' ) ) {
+		return $content;
+	}
+
+	if ( $search && false === strpos( $content, $search ) ) {
+		return $content;
+	}
+	
+	$textarr = wp_html_split( $content );
+	unset( $content );
+	foreach( $textarr as &$element ) {
+	    if ( '' === $element || '<' === $element{0} )
+	        continue;
+	    $element = preg_replace( $pattern, $replacement, $element );
+	}
+	
+	return join( $textarr );
+}
+
+/**
+ * Runs preg_replace_callback so that replacements don't happen within open tags.  
+ * Parameters are the same as preg_replace, with an added optional search param for improved performance
+ *
+ * @param String $pattern
+ * @param String $replacement
+ * @param String $content
+ * @param String $search
+ * @return String $content
+ */
+function jetpack_preg_replace_callback_outside_tags( $pattern, $callback, $content, $search = null ) {
+	if( ! function_exists( 'wp_html_split' ) ) {
+		return $content;
+	}
+
+	if ( $search && false === strpos( $content, $search ) ) {
+		return $content;
+	}
+	
+	$textarr = wp_html_split( $content );
+	unset( $content );
+	foreach( $textarr as &$element ) {
+	    if ( '' === $element || '<' === $element{0} )
+	        continue;
+	    $element = preg_replace_callback( $pattern, $callback, $element );
+	}
+	
+	return join( $textarr );
+}
+
 global $wp_version;
 
 if ( version_compare( $wp_version, '3.6-z', '>=' ) ) {

diff --git a/plugins/jetpack/modules/shortcodes/polldaddy.php b/plugins/jetpack/modules/shortcodes/polldaddy.php
index 70ec89b..39890d4 100644
--- a/plugins/jetpack/modules/shortcodes/polldaddy.php
+++ b/plugins/jetpack/modules/shortcodes/polldaddy.php
@@ -565,17 +565,12 @@ new PolldaddyShortcode();
 if ( ! function_exists( 'polldaddy_link' ) ) {
 	// http://polldaddy.com/poll/1562975/?view=results&msg=voted
 	function polldaddy_link( $content ) {
-		return preg_replace( '!(?:\n|\A)http://polldaddy.com/poll/([0-9]+?)/(.+)?(?:\n|\Z)!i', "\n<script type='text/javascript' language='javascript' charset='utf-8' src='//static.polldaddy.com/p/$1.js'></script><noscript> <a href='http://polldaddy.com/poll/$1/' target='_blank'>View Poll</a></noscript>\n", $content );
+		return jetpack_preg_replace_outside_tags( '!(?:\n|\A)http://polldaddy.com/poll/([0-9]+?)/(.+)?(?:\n|\Z)!i', "\n<script type='text/javascript' charset='utf-8' src='//static.polldaddy.com/p/$1.js'></script><noscript> <a href='http://polldaddy.com/poll/$1/'>View Poll</a></noscript>\n", $content, 'polldaddy.com/poll' );
 	}
 
 	// higher priority because we need it before auto-link and autop get to it
 	add_filter( 'the_content', 'polldaddy_link', 1 );
 	add_filter( 'the_content_rss', 'polldaddy_link', 1 );
-
-	/** This filter is documented in modules/shortcodes/youtube.php */
-	if ( apply_filters( 'jetpack_comments_allow_oembed', get_option( 'embed_autourls' ) ) ) {
-		add_filter( 'comment_text', 'polldaddy_link', 1 );
-	}
 }
 
 wp_oembed_add_provider( '#http://poll\.fm/.*#i', 'http://polldaddy.com/oembed/', true );

diff --git a/plugins/jetpack/modules/shortcodes/vimeo.php b/plugins/jetpack/modules/shortcodes/vimeo.php
index f63367d..3d585a0 100644
--- a/plugins/jetpack/modules/shortcodes/vimeo.php
+++ b/plugins/jetpack/modules/shortcodes/vimeo.php
@@ -268,10 +268,11 @@ function vimeo_link( $content ) {
 	 */
 	$plain_url = "(?:[^'\">]?\/?(?:https?:\/\/)?vimeo\.com[^0-9]+)([0-9]+)(?:[^'\"0-9<]|$)";
 
-	return preg_replace_callback(
+	return jetpack_preg_replace_callback_outside_tags(
 			sprintf( '#%s|%s#i', $shortcode, $plain_url ),
 			'vimeo_link_callback',
-		$content
+			$content,
+			'vimeo'
 	);
 }
 

diff --git a/plugins/jetpack/modules/shortcodes/youtube.php b/plugins/jetpack/modules/shortcodes/youtube.php
index 2ea76dd..d5db874 100644
--- a/plugins/jetpack/modules/shortcodes/youtube.php
+++ b/plugins/jetpack/modules/shortcodes/youtube.php
@@ -104,7 +104,7 @@ add_filter( 'pre_kses', 'youtube_embed_to_short_code' );
  * @return string The content with embeds instead of URLs
  */
 function youtube_link( $content ) {
-	return preg_replace_callback( '!(?:\n|\A)https?://(?:www\.)?(?:youtube.com/(?:v/|playlist|watch[/\#?])|youtu\.be/)[^\s]+?(?:\n|\Z)!i', 'youtube_link_callback', $content );
+	return jetpack_preg_replace_callback_outside_tags( '!(?:\n|\A)https?://(?:www\.)?(?:youtube.com/(?:v/|playlist|watch[/\#?])|youtu\.be/)[^\s]+?(?:\n|\Z)!i', 'youtube_link_callback', $content, 'youtube.com/' );
 }
 
 /**

diff --git a/plugins/jetpack/readme.txt b/plugins/jetpack/readme.txt
index 9bfe0a9..c03940a 100644
--- a/plugins/jetpack/readme.txt
+++ b/plugins/jetpack/readme.txt
@@ -1,7 +1,7 @@
 === Jetpack by WordPress.com ===
 Contributors: automattic, adamkheckler, aduth, akirk, allendav, alternatekev, andy, apeatling, azaozz, batmoo, barry, beaulebens, blobaugh, cainm, cfinke, chaselivingston, chellycat, christinepollock, csonnek, danielbachhuber, daniloercoli, designsimply, dllh, dsmart, dzver, ebinnion, eliorivero, enej, eoigal, ethitter, gcorne, georgestephanis, gibrown, goldsounds, hew, hugobaeta, HypertextRanch, iammattthomas, iandunn, jacobshere, jblz, jeherve, jenhooks, jenia, jkudish, jmdodd, Joen, johnjamesjacoby, jshreve, koke, kraftbj, lancewillett, lschuyler, macmanx, martinremy, matt, matveb, mattwiebe, maverick3x6, mcsf, mdawaffe, michaeldcain, michael-arestad, migueluy, mikeyarce, mjangda, mkaz, nancythanki, nickmomrik, obenland, pento, professor44, ryancowles, richardmuscat, richardmtl, roccotripaldi, samhotchkiss, sdquirk, stephdau, tmoorewp, Viper007Bond, westi, yoavf, zinigor
 Tags: WordPress.com, jet pack, comments, contact, gallery, performance, sharing, security, shortcodes, stats, subscriptions, widgets
-Stable tag: 4.0.2
+Stable tag: 4.0.3
 Requires at least: 4.4
 Tested up to: 4.5
 
@@ -73,7 +73,16 @@ There are opportunities for developers at all levels to contribute. [Learn more
 4. Publicize.
 5. Related Posts.
 
+== Upgrade Notice ==
+= 4.0.3 =
+Jetpack 4.0.3 fixes a critical security issue. Please upgrade immediately.
+
 == Changelog ==
+= 4.0.3 =
+Release date: May 26th, 2016
+
+* Important security update. Please upgrade immediately.
+
 = 4.0.2 =
 Release date: April 21st, 2016
 


^ permalink raw reply related	[relevance 99%]

Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2016-05-30  8:42 99% [gentoo-commits] proj/blogs-gentoo:master commit in: plugins/jetpack/, plugins/jetpack/modules/shortcodes/, plugins/jetpack/modules/ Anthony G. Basile

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox