Jetpack by WordPress.com - Version 7.1

Version Description

  • Release date: March 05, 2019
  • Release post: https://wp.me/p1moTy-e9x

Major Enhancements

  • Block Editor: this release introduces 6 new blocks:
    • the Ads block allows you to insert different ads from our WordAds program within your posts and pages.
    • the Mailchimp block allows your readers to easily subscribe to your Mailchimp newsletter.
    • the Video block supports VideoPress videos if you've purchased our Premium or Professional plan.
    • the Slideshow block allows you to insert beautiful slideshows in your posts and pages.
    • the Business Hours block is useful for companies that want to display their business's opening hours on their site.
    • the Contact Info block is useful for any business that may want to display useful information on a post or page.

Enhancements

  • Admin Page: move Carousel settings from Performance to Writing section.
  • Ads: include search results pages under the Archive toggle.
  • Block Editor: improve block registration structure for better management of block availability.
  • General: remove IE8 support fallbacks.
  • General: add feature suggestions to the plugin search screen.
  • Image CDN: add new mode that disables the creation of resized images, thus saving disk space.
  • Instagram: update embed to support Instagram TV URLs.
  • Post Images detection: add support for alt text.
  • Plans: clarify upgrade prompts in the Jetpack dashboard's Plans page.
  • Publicize: remove the Google+ interface as the Social Network is now deprecated.
  • Related Posts: update block to allow for up to 6 related posts.
  • Social Menus & Icons: add Discord Support.
  • Support: add additional tests to check when Jetpack isn't working as expected, and ensure all current debugging platforms use the same testing list.
  • Simple Payments: add generic currency fallback symbol.
  • Sync: further performance improvements in PHP 7+ environments.
  • WooCommerce Analytics: include product type with analytics data.

Improved compatibility

  • General: replace all .dev TLD references with .test, as the .dev TLD will soon become available for registration.
  • PHP 7.3: introduce automated testing for PHP 7.3.
  • Site Accelerator: ensure compatibility with the AMP plugin.
  • Twenty Nineteen: fix Top Posts and Pages Widget image list margins.
  • WordPress 5.1 Compatibility: update usage of wp_schedule_single_event to match changes in WordPress.

Bug fixes

  • Copy Post: ensure the feature can be used when using non-standard post formats.
  • Infinite Scroll: fix vertical spacing for new posts loaded with Infinite Scroll.
  • Internationalization: fix minor problem affecting translations in the block editor.
  • Mobile Theme: fix PHP notices when trying to display gallery images.
  • Mobile Theme: fix redirection issues when clicking on the "Desktop version" links.
  • Photon: add paypalobjects.com to the list of banned domains, as this domain already relies on a CDN.
  • Publicize / Subscriptions: do not show message at the top of the editor when creating a private post.
  • Spelling / Grammar: fix error when spellchecking the contents of a Classic block in the block editor.
  • Top Posts: allow fetching posts from a long timeframe when using the jetpack_top_posts_days filter.
  • Related Posts: avoid displaying a duplicated set of related posts when using the Related Posts block.
  • REST API: fix a bug causing Likes settings on a post to sometimes be flipped.
  • Security: avoid bypassing Protect's Math Fallback challenge.
  • Security: fix an XSS vulnerability in the "My Community" widget.
  • Site Stats: do not show the Jetpack logo in the Stats dashboard widget title in the Screen Options tab.
  • Theme Tools: support alternative Pinterest domain extensions in the Social Menus tool.
  • Widgets: support alternative Pinterest domain extensions in the Social Icons Widget.
  • Widgets: update the Cookies & Consents Banner to be fully accessible on mobile devices.

Release Info

Developer jeherve

Code changes from version 7.1-beta2 to 7.1

jetpack.php CHANGED
@@ -5,7 +5,7 @@
5
  * Plugin URI: https://jetpack.com
6
  * Description: Bring the power of the WordPress.com cloud to your self-hosted WordPress. Jetpack enables you to connect your blog to a WordPress.com account to use the powerful features normally only available to WordPress.com users.
7
  * Author: Automattic
8
- * Version: 7.1-beta2
9
  * Author URI: https://jetpack.com
10
  * License: GPL2+
11
  * Text Domain: jetpack
@@ -14,7 +14,7 @@
14
 
15
  define( 'JETPACK__MINIMUM_WP_VERSION', '4.9' );
16
 
17
- define( 'JETPACK__VERSION', '7.1-beta2' );
18
  define( 'JETPACK_MASTER_USER', true );
19
  define( 'JETPACK__API_VERSION', 1 );
20
  define( 'JETPACK__PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
5
  * Plugin URI: https://jetpack.com
6
  * Description: Bring the power of the WordPress.com cloud to your self-hosted WordPress. Jetpack enables you to connect your blog to a WordPress.com account to use the powerful features normally only available to WordPress.com users.
7
  * Author: Automattic
8
+ * Version: 7.1
9
  * Author URI: https://jetpack.com
10
  * License: GPL2+
11
  * Text Domain: jetpack
14
 
15
  define( 'JETPACK__MINIMUM_WP_VERSION', '4.9' );
16
 
17
+ define( 'JETPACK__VERSION', '7.1' );
18
  define( 'JETPACK_MASTER_USER', true );
19
  define( 'JETPACK__API_VERSION', 1 );
20
  define( 'JETPACK__PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
modules/protect/math-fallback.php CHANGED
@@ -23,6 +23,10 @@ if ( ! class_exists( 'Jetpack_Protect_Math_Authenticate' ) ) {
23
  }
24
  }
25
 
 
 
 
 
26
  /**
27
  * Verifies that a user answered the math problem correctly while logging in.
28
  *
@@ -41,14 +45,17 @@ if ( ! class_exists( 'Jetpack_Protect_Math_Authenticate' ) ) {
41
  return true;
42
  }
43
 
44
- $salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
45
  $ans = isset( $_POST['jetpack_protect_num'] ) ? (int) $_POST['jetpack_protect_num'] : '' ;
46
- $salted_ans = sha1( $salt . $ans );
47
  $correct_ans = isset( $_POST[ 'jetpack_protect_answer' ] ) ? $_POST[ 'jetpack_protect_answer' ] : '' ;
48
 
 
 
 
 
 
49
  if ( ! $correct_ans || ! $ans ) {
50
  Jetpack_Protect_Math_Authenticate::generate_math_page();
51
- } elseif ( $salted_ans != $correct_ans ) {
52
  wp_die(
53
  __( '<strong>You failed to correctly answer the math problem.</strong> This is used to combat spam when the Protect API is unavailable. Please use your browser\'s back button to return to the login form, press the "refresh" button to generate a new math problem, and try to log in again.', 'jetpack' ),
54
  '',
@@ -67,15 +74,15 @@ if ( ! class_exists( 'Jetpack_Protect_Math_Authenticate' ) ) {
67
  static function generate_math_page( $error = false ) {
68
  ob_start();
69
  ?>
70
- <h2><?php _e( 'Please solve this math problem to prove that you are not a bot. Once you solve it, you will need to log in again.', 'jetpack' ); ?></h2>
71
  <?php if ($error): ?>
72
- <h3><?php _e( 'Your answer was incorrect, please try again.', 'jetpack' ); ?></h3>
73
  <?php endif ?>
74
 
75
  <form action="<?php echo wp_login_url(); ?>" method="post" accept-charset="utf-8">
76
  <?php Jetpack_Protect_Math_Authenticate::math_form(); ?>
77
  <input type="hidden" name="jetpack_protect_process_math_form" value="1" id="jetpack_protect_process_math_form" />
78
- <p><input type="submit" value="<?php esc_html_e( 'Continue &rarr;', 'jetpack' ); ?>"></p>
79
  </form>
80
  <?php
81
  $mathpage = ob_get_contents();
@@ -88,15 +95,18 @@ if ( ! class_exists( 'Jetpack_Protect_Math_Authenticate' ) ) {
88
  }
89
 
90
  public function process_generate_math_page() {
91
- $salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
92
  $ans = isset( $_POST['jetpack_protect_num'] ) ? (int)$_POST['jetpack_protect_num'] : '';
93
- $salted_ans = sha1( $salt . $ans );
94
  $correct_ans = isset( $_POST[ 'jetpack_protect_answer' ] ) ? $_POST[ 'jetpack_protect_answer' ] : '' ;
95
 
96
- if ( $salted_ans != $correct_ans ) {
 
 
 
 
 
97
  Jetpack_Protect_Math_Authenticate::generate_math_page(true);
98
  } else {
99
- $temp_pass = substr( sha1( rand( 1, 100000000 ) . get_site_option( 'jetpack_protect_key' ) ), 5, 25 );
100
 
101
  $jetpack_protect = Jetpack_Protect_Module::instance();
102
  $jetpack_protect->set_transient( 'jpp_math_pass_' . $temp_pass, 3, DAY_IN_SECONDS );
@@ -122,11 +132,13 @@ if ( ! class_exists( 'Jetpack_Protect_Math_Authenticate' ) ) {
122
  }
123
  }
124
 
125
- $salt = get_site_option( 'jetpack_protect_key' ) . get_site_option( 'admin_email' );
126
  $num1 = rand( 0, 10 );
127
  $num2 = rand( 1, 10 );
128
- $sum = $num1 + $num2;
129
- $ans = sha1( $salt . $sum );
 
 
 
130
  ?>
131
  <div style="margin: 5px 0 20px;">
132
  <label for="jetpack_protect_answer">
@@ -134,10 +146,10 @@ if ( ! class_exists( 'Jetpack_Protect_Math_Authenticate' ) ) {
134
  </label>
135
  <br/>
136
  <span style="vertical-align:super;">
137
- <?php echo "$num1 &nbsp; + &nbsp; $num2 &nbsp; = &nbsp;"; ?>
138
  </span>
139
  <input type="text" id="jetpack_protect_answer" name="jetpack_protect_num" value="" size="2" style="width:30px;height:25px;vertical-align:middle;font-size:13px;" class="input" />
140
- <input type="hidden" name="jetpack_protect_answer" value="<?php echo $ans; ?>" />
141
  </div>
142
  <?php
143
  }
23
  }
24
  }
25
 
26
+ private static function time_window() {
27
+ return ceil( time() / ( MINUTE_IN_SECONDS * 2 ) );
28
+ }
29
+
30
  /**
31
  * Verifies that a user answered the math problem correctly while logging in.
32
  *
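Review bot: `time_window()` (new lines 26-28) has no docblock, and the window length is only implied by `MINUTE_IN_SECONDS * 2`. Please document that it returns a two-minute bucket index and that the callers accept the current and the previous bucket, so a challenge stays valid for between two and four minutes. Casting the result with `(int)` would also avoid relying on the float returned by `ceil()` being stringified cleanly when it is appended to the HMAC key.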
45
  return true;
46
  }
47
 
 
48
  $ans = isset( $_POST['jetpack_protect_num'] ) ? (int) $_POST['jetpack_protect_num'] : '' ;
 
49
  $correct_ans = isset( $_POST[ 'jetpack_protect_answer' ] ) ? $_POST[ 'jetpack_protect_answer' ] : '' ;
50
 
51
+ $time_window = Jetpack_Protect_Math_Authenticate::time_window();
52
+ $salt = get_site_option( 'jetpack_protect_key' ) . '|' . get_site_option( 'admin_email' ) . '|';
53
+ $salted_ans_1 = hash_hmac( 'sha1', $ans, $salt . $time_window );
54
+ $salted_ans_2 = hash_hmac( 'sha1', $ans, $salt . ( $time_window - 1 ) );
55
+
56
  if ( ! $correct_ans || ! $ans ) {
57
  Jetpack_Protect_Math_Authenticate::generate_math_page();
58
+ } elseif ( ! hash_equals( $salted_ans_1, $correct_ans ) && ! hash_equals( $salted_ans_2, $correct_ans ) ) {
59
  wp_die(
60
  __( '<strong>You failed to correctly answer the math problem.</strong> This is used to combat spam when the Protect API is unavailable. Please use your browser\'s back button to return to the login form, press the "refresh" button to generate a new math problem, and try to log in again.', 'jetpack' ),
61
  '',
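Review bot: `$correct_ans` is taken straight from `$_POST['jetpack_protect_answer']` and handed to `hash_equals()` on new line 58 without a type check. If the field arrives as an array (`jetpack_protect_answer[]=...`), `hash_equals()` receives a non-string and raises a warning on older PHP or a TypeError on PHP 8 instead of a clean rejection. Suggest requiring a string up front, for example by adding `&& is_string( $_POST['jetpack_protect_answer'] )` to the `isset()` condition on new line 49.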
74
  static function generate_math_page( $error = false ) {
75
  ob_start();
76
  ?>
77
+ <h2><?php esc_html_e( 'Please solve this math problem to prove that you are not a bot. Once you solve it, you will need to log in again.', 'jetpack' ); ?></h2>
78
  <?php if ($error): ?>
79
+ <h3><?php esc_html_e( 'Your answer was incorrect, please try again.', 'jetpack' ); ?></h3>
80
  <?php endif ?>
81
 
82
  <form action="<?php echo wp_login_url(); ?>" method="post" accept-charset="utf-8">
83
  <?php Jetpack_Protect_Math_Authenticate::math_form(); ?>
84
  <input type="hidden" name="jetpack_protect_process_math_form" value="1" id="jetpack_protect_process_math_form" />
85
+ <p><input type="submit" value="<?php esc_attr_e( 'Continue &rarr;', 'jetpack' ); ?>"></p>
86
  </form>
87
  <?php
88
  $mathpage = ob_get_contents();
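Review bot: the form `action` on new line 82 still echoes `wp_login_url()` unescaped while the rest of this hunk moves to `esc_html_e()` and `esc_attr_e()`. For consistency with the other output in this template, wrap it as `<?php echo esc_url( wp_login_url() ); ?>`.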
95
  }
96
 
97
  public function process_generate_math_page() {
 
98
  $ans = isset( $_POST['jetpack_protect_num'] ) ? (int)$_POST['jetpack_protect_num'] : '';
 
99
  $correct_ans = isset( $_POST[ 'jetpack_protect_answer' ] ) ? $_POST[ 'jetpack_protect_answer' ] : '' ;
100
 
101
+ $time_window = Jetpack_Protect_Math_Authenticate::time_window();
102
+ $salt = get_site_option( 'jetpack_protect_key' ) . '|' . get_site_option( 'admin_email' ) . '|';
103
+ $salted_ans_1 = hash_hmac( 'sha1', $ans, $salt . $time_window );
104
+ $salted_ans_2 = hash_hmac( 'sha1', $ans, $salt . ( $time_window - 1 ) );
105
+
106
+ if ( ! hash_equals( $salted_ans_1, $correct_ans ) && ! hash_equals( $salted_ans_2, $correct_ans ) ) {
107
  Jetpack_Protect_Math_Authenticate::generate_math_page(true);
108
  } else {
109
+ $temp_pass = substr( hash_hmac( 'sha1', rand( 1, 100000000 ), get_site_option( 'jetpack_protect_key' ) ), 5, 25 );
110
 
111
  $jetpack_protect = Jetpack_Protect_Module::instance();
112
  $jetpack_protect->set_transient( 'jpp_math_pass_' . $temp_pass, 3, DAY_IN_SECONDS );
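Review bot: `$temp_pass` on new line 109 is still seeded from `rand( 1, 100000000 )`, so the random input has only 10^8 possible values and comes from a non-cryptographic generator; moving from `sha1()` to `hash_hmac()` adds no entropy, and the token's unpredictability rests on `jetpack_protect_key` alone. Suggest generating it with `wp_generate_password( 25, false )` or `random_bytes()`. Separately, the `$time_window` / `$salt` / `$salted_ans_1` / `$salted_ans_2` derivation on new lines 101-104 duplicates the one in the verification hunk and could live in one private helper.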
132
  }
133
  }
134
 
 
135
  $num1 = rand( 0, 10 );
136
  $num2 = rand( 1, 10 );
137
+ $ans = $num1 + $num2;
138
+
139
+ $time_window = Jetpack_Protect_Math_Authenticate::time_window();
140
+ $salt = get_site_option( 'jetpack_protect_key' ) . '|' . get_site_option( 'admin_email' ) . '|';
141
+ $salted_ans = hash_hmac( 'sha1', $ans, $salt . $time_window );
142
  ?>
143
  <div style="margin: 5px 0 20px;">
144
  <label for="jetpack_protect_answer">
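Review bot: `$salted_ans` on new line 141 depends only on the sum, the site salt and the two-minute window, so every challenge with the same sum inside a window carries the same hidden-field value, and an answer/token pair stays acceptable until the previous-window allowance runs out. If single use is intended, mix a per-challenge random nonce into the HMAC input and keep it in a short-lived transient that is deleted on the first successful verification.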
146
  </label>
147
  <br/>
148
  <span style="vertical-align:super;">
149
+ <?php echo esc_html( "$num1 &nbsp; + &nbsp; $num2 &nbsp; = &nbsp;" ); ?>
150
  </span>
151
  <input type="text" id="jetpack_protect_answer" name="jetpack_protect_num" value="" size="2" style="width:30px;height:25px;vertical-align:middle;font-size:13px;" class="input" />
152
+ <input type="hidden" name="jetpack_protect_answer" value="<?php echo esc_attr( $salted_ans ); ?>" />
153
  </div>
154
  <?php
155
  }
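Review bot: on new line 149 `esc_html()` is applied to a string that already contains `&nbsp;` entities, which renders as intended only because `esc_html()` does not double-encode existing entities. It would read more clearly to keep the entities in the template and echo just the numbers, e.g. `<?php echo (int) $num1; ?> &nbsp; + &nbsp; <?php echo (int) $num2; ?> &nbsp; = &nbsp;`.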
modules/widgets/my-community.php CHANGED
@@ -144,7 +144,7 @@ class Jetpack_My_Community_Widget extends WP_Widget {
144
  $instance['include_followers'] = (bool) $new_instance['include_followers'];
145
  $instance['include_commenters'] = (bool) $new_instance['include_commenters'];
146
 
147
- delete_transient( "$this->id-{$instance['number']}" . (int) $instance['include_likers'] . (int) $instance['include_followers'] . (int) $instance['include_commenters'] );
148
 
149
  return $instance;
150
  }
@@ -183,7 +183,7 @@ class Jetpack_My_Community_Widget extends WP_Widget {
183
  echo $args['before_title'] . $title . $args['after_title'];
184
  }
185
 
186
- $transient_name = "$this->id-{$instance['number']}" . (int) $instance['include_likers'] . (int) $instance['include_followers'] . (int) $instance['include_commenters'];
187
 
188
  $my_community = get_transient( $transient_name );
189
 
@@ -219,10 +219,11 @@ class Jetpack_My_Community_Widget extends WP_Widget {
219
 
220
  foreach ( $members as $member ) {
221
  $my_community .= sprintf(
222
- '<li><a href="%s" %s><img alt="" src="%s" class="avatar avatar-240" height="48" width="48" originals="240" scale="1" /></a></li>',
223
- $member->profile_URL,
224
- empty( $member->name ) ? '' : 'title="' . $member->name . '"',
225
- $member->avatar_URL
 
226
  );
227
  }
228
 
144
  $instance['include_followers'] = (bool) $new_instance['include_followers'];
145
  $instance['include_commenters'] = (bool) $new_instance['include_commenters'];
146
 
147
+ delete_transient( "$this->id-v2-{$instance['number']}" . (int) $instance['include_likers'] . (int) $instance['include_followers'] . (int) $instance['include_commenters'] );
148
 
149
  return $instance;
150
  }
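Review bot: the transient key with the new `-v2-` segment is built by hand on new line 147 and again for `$transient_name` on new line 186, and the two strings must stay identical for `delete_transient()` to clear what `get_transient()` reads. Suggest a small private method that returns the key from `$instance`, with a one-line comment explaining why the key was bumped to `v2`.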
183
  echo $args['before_title'] . $title . $args['after_title'];
184
  }
185
 
186
+ $transient_name = "$this->id-v2-{$instance['number']}" . (int) $instance['include_likers'] . (int) $instance['include_followers'] . (int) $instance['include_commenters'];
187
 
188
  $my_community = get_transient( $transient_name );
189
 
219
 
220
  foreach ( $members as $member ) {
221
  $my_community .= sprintf(
222
+ '<li><a href="%s" title="%s"><img alt="%s" src="%s" class="avatar avatar-48" height="48" width="48"></a></li>',
223
+ esc_url( $member->profile_URL ),
224
+ esc_attr( $member->name ),
225
+ esc_attr( $member->name ),
226
+ esc_url( $member->avatar_URL )
227
  );
228
  }
229
 
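Review bot: the new format string on new line 222 always emits `title="%s"` and fills both `title` and `alt` with `$member->name`, whereas the old code omitted `title` when the name was empty. That produces `title=""` for members without a name and can make assistive technology announce the name twice; consider keeping `alt` and emitting `title` only when the name is non-empty, as before.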
readme.txt CHANGED
@@ -1,7 +1,7 @@
1
  === Jetpack by WordPress.com ===
2
  Contributors: automattic, adamkheckler, aduth, akirk, allendav, alternatekev, andy, annezazu, apeatling, azaozz, batmoo, barry, beaulebens, blobaugh, cainm, cena, cfinke, chaselivingston, chellycat, clickysteve, csonnek, danielbachhuber, davoraltman, daniloercoli, designsimply, dllh, drawmyface, dsmart, dzver, ebinnion, eliorivero, enej, eoigal, erania-pinnera, ethitter, gcorne, georgestephanis, gibrown, goldsounds, hew, hugobaeta, hypertextranch, iammattthomas, iandunn, jblz, jasmussen, jeffgolenski, jeherve, jenhooks, jenia, jessefriedman, jgs, jkudish, jmdodd, joanrho, johnjamesjacoby, jshreve, keoshi, koke, kraftbj, lancewillett, lschuyler, macmanx, martinremy, matt, matveb, mattwiebe, maverick3x6, mcsf, mdawaffe, MichaelArestad, migueluy, mikeyarce, mkaz, nancythanki, nickmomrik, obenland, oskosk, pento, professor44, rachelsquirrel, rdcoll, ryancowles, richardmuscat, richardmtl, roccotripaldi, samhotchkiss, scarstocea, sdquirk, stephdau, tmoorewp, tyxla, Viper007Bond, westi, yoavf, zinigor
3
  Tags: Jetpack, WordPress.com, backup, security, related posts, CDN, speed, anti-spam, social sharing, SEO, video, stats
4
- Stable tag: 7.0.1
5
  Requires at least: 4.9
6
  Tested up to: 5.0
7
 
@@ -155,6 +155,8 @@ There are opportunities for developers at all levels to contribute. [Learn more
155
  * Top Posts: allow fetching posts from a long timeframe when using the `jetpack_top_posts_days` filter.
156
  * Related Posts: avoid display a dulplicated set of related posts when using the Related Posts block.
157
  * REST API: fix a bug causing Likes settings on a post to sometimes be flipped.
 
 
158
  * Site Stats: do not show the Jetpack logo in the Stats dashboard widget title in the Screen Options tab.
159
  * Theme Tools: support alternative Pinterest domain extensions in the Social Menus tool.
160
  * Widgets: support alternative Pinterest domain extensions in the Social Icons Widget.
1
  === Jetpack by WordPress.com ===
2
  Contributors: automattic, adamkheckler, aduth, akirk, allendav, alternatekev, andy, annezazu, apeatling, azaozz, batmoo, barry, beaulebens, blobaugh, cainm, cena, cfinke, chaselivingston, chellycat, clickysteve, csonnek, danielbachhuber, davoraltman, daniloercoli, designsimply, dllh, drawmyface, dsmart, dzver, ebinnion, eliorivero, enej, eoigal, erania-pinnera, ethitter, gcorne, georgestephanis, gibrown, goldsounds, hew, hugobaeta, hypertextranch, iammattthomas, iandunn, jblz, jasmussen, jeffgolenski, jeherve, jenhooks, jenia, jessefriedman, jgs, jkudish, jmdodd, joanrho, johnjamesjacoby, jshreve, keoshi, koke, kraftbj, lancewillett, lschuyler, macmanx, martinremy, matt, matveb, mattwiebe, maverick3x6, mcsf, mdawaffe, MichaelArestad, migueluy, mikeyarce, mkaz, nancythanki, nickmomrik, obenland, oskosk, pento, professor44, rachelsquirrel, rdcoll, ryancowles, richardmuscat, richardmtl, roccotripaldi, samhotchkiss, scarstocea, sdquirk, stephdau, tmoorewp, tyxla, Viper007Bond, westi, yoavf, zinigor
3
  Tags: Jetpack, WordPress.com, backup, security, related posts, CDN, speed, anti-spam, social sharing, SEO, video, stats
4
+ Stable tag: 7.1
5
  Requires at least: 4.9
6
  Tested up to: 5.0
7
 
155
  * Top Posts: allow fetching posts from a long timeframe when using the `jetpack_top_posts_days` filter.
156
  * Related Posts: avoid display a dulplicated set of related posts when using the Related Posts block.
157
  * REST API: fix a bug causing Likes settings on a post to sometimes be flipped.
158
+ * Security: avoid bypassing Protect's Math Fallback challenge.
159
+ * Security: fix an XSS vulnerability in the "My Community" widget.
160
  * Site Stats: do not show the Jetpack logo in the Stats dashboard widget title in the Screen Options tab.
161
  * Theme Tools: support alternative Pinterest domain extensions in the Social Menus tool.
162
  * Widgets: support alternative Pinterest domain extensions in the Social Icons Widget.
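Review bot: the unchanged entry on line 156 still reads "avoid display a dulplicated set"; since this list is being edited for the release, correct it to "avoid displaying a duplicated set". The two new Security entries on lines 158-159 could also state which versions are affected, so site owners can judge how urgently to update.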