Merge pull request #3 from glomex/maintenance/24092021_merge_upstream

Maintenance/24092021 merge upstream
glomex · Sep 24, 2021 · 2db68ed · 2db68ed
2 parents 14981c1 + bb35678
commit 2db68ed
Show file tree

Hide file tree

Showing 46 changed files with 490 additions and 198 deletions.
diff --git a/BrowserCache_Page_View_SectionSecurity.php b/BrowserCache_Page_View_SectionSecurity.php
@@ -19,111 +19,143 @@
 $feature_policies = array(
 	array(
 		'label'       => 'accelerometer',
-		'description' => __( 'controls whether the current document is allowed to gather information about the acceleration of the device through the Accelerometer interface', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to gather information about the acceleration of the device through the Accelerometer interface.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'ambient-light-sensor',
-		'description' => __( 'controls whether the current document is allowed to gather information about the amount of light in the environment around the device through the AmbientLightSensor interface', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to gather information about the amount of light in the environment around the device through the AmbientLightSensor interface.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'autoplay',
-		'description' => __( 'controls whether the current document is allowed to autoplay media requested through the HTMLMediaElement interface', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to autoplay media requested through the HTMLMediaElement interface.', 'w3-total-cache' ),
+	),
+	array(
+		'label'       => 'battery',
+		'description' => __( 'Controls whether the use of the Battery Status API is allowed. When this policy is disabled, the Promise returned by Navigator.getBattery() will reject with a NotAllowedError DOMException.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'camera',
-		'description' => __( 'controls whether the current document is allowed to use video input devices', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use video input devices.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'display-capture',
-		'description' => __( 'controls whether or not the document is permitted to use Screen Capture API', 'w3-total-cache' ),
+		'description' => __( 'Controls whether or not the document is permitted to use Screen Capture API.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'document-domain',
-		'description' => __( 'controls whether the current document is allowed to set document.domain', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to set document.domain.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'encrypted-media',
-		'description' => __( 'controls whether the current document is allowed to use the Encrypted Media Extensions API (EME)', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use the Encrypted Media Extensions API (EME).', 'w3-total-cache' ),
+	),
+	array(
+		'label'       => 'execution-while-not-rendered',
+		'description' => __( 'Controls whether tasks should execute in frames while they\'re not being rendered (e.g. if an iframe is hidden or display: none).', 'w3-total-cache' ),
+	),
+	array(
+		'label'       => 'execution-while-out-of-viewport',
+		'description' => __( 'Controls whether tasks should execute in frames while they\'re outside of the visible viewport.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'fullscreen',
-		'description' => __( 'controls whether the current document is allowed to use Element.requestFullScreen()', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use Element.requestFullScreen().', 'w3-total-cache' ),
+	),
+	array(
+		'label'       => 'gamepad',
+		'description' => __( 'Controls whether the current document is allowed to use the Gamepad API. When this policy is disabled, calls to Navigator.getGamepads() will throw a SecurityError DOMException, and the gamepadconnected and gamepaddisconnected events will not fire.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'geolocation',
-		'description' => __( 'controls whether the current document is allowed to use the Geolocation Interface', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use the Geolocation Interface.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'gyroscope',
-		'description' => __( 'controls whether the current document is allowed to gather information about the orientation of the device through the Gyroscope interface', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to gather information about the orientation of the device through the Gyroscope interface.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'layout-animations',
-		'description' => __( 'controls whether the current document is allowed to show layout animations', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to show layout animations.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'legacy-image-formats',
-		'description' => __( 'controls whether the current document is allowed to display images in legacy formats', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to display images in legacy formats.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'magnetometer',
-		'description' => __( 'controls whether the current document is allowed to gather information about the orientation of the device through the Magnetometer interface', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to gather information about the orientation of the device through the Magnetometer interface.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'microphone',
-		'description' => __( 'controls whether the current document is allowed to use audio input devices', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use audio input devices.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'midi',
-		'description' => __( 'controls whether the current document is allowed to use the Web MIDI API', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use the Web MIDI API.', 'w3-total-cache' ),
+	),
+	array(
+		'label'       => 'navigation-override',
+		'description' => __( 'Controls the availability of mechanisms that enables the page author to take control over the behavior of spatial navigation, or to cancel it outright.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'oversized-images',
-		'description' => __( 'controls whether the current document is allowed to download and display large images', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to download and display large images.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'payment',
-		'description' => __( 'controls whether the current document is allowed to use the Payment Request API', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use the Payment Request API.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'picture-in-picture',
-		'description' => __( 'controls whether the current document is allowed to play a video in a Picture-in-Picture mode via the corresponding API', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to play a video in a Picture-in-Picture mode via the corresponding API.', 'w3-total-cache' ),
+	),
+	array(
+		'label'       => 'publickey-credentials-get',
+		'description' => __( 'Controls whether the current document is allowed to use the Web Authentication API to retrieve already stored public-key credentials, i.e. via navigator.credentials.get({publicKey: ..., ...}).', 'w3-total-cache' ),
 	),
 	array(
-		'label'       => 'publickey-credentials',
-		'description' => __( 'controls whether the current document is allowed to access Web Authentcation API', 'w3-total-cache' ),
+		'label'       => 'screen-wake-lock',
+		'description' => __( 'Controls whether the current document is allowed to use Screen Wake Lock API to indicate that device should not turn off or dim the screen.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'speaker',
-		'description' => __( 'controls whether the current document is allowed to play audio via any methods', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to play audio via any methods.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'sync-xhr',
-		'description' => __( 'controls whether the current document is allowed to make synchronous XMLHttpRequest requests', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to make synchronous XMLHttpRequest requests.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'unoptimized-images',
-		'description' => __( 'controls whether the current document is allowed to download and display unoptimized images', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to download and display unoptimized images.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'unsized-media',
-		'description' => __( 'controls whether the current document is allowed to change the size of media elements after the initial layout is complete', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to change the size of media elements after the initial layout is complete.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'usb',
-		'description' => __( 'controls whether the current document is allowed to use the WebUSB API', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use the WebUSB API.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'vibrate',
-		'description' => __( 'directive controls whether the current document is allowed to trigger device vibrations via Vibration API', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to trigger device vibrations via Navigator.vibrate() method of Vibration API.', 'w3-total-cache' ),
+	),
+	array(
+		'label'       => 'vr',
+		'description' => __( 'Controls whether the current document is allowed to use the WebVR API. When this policy is disabled, the Promise returned by Navigator.getVRDisplays() will reject with a DOMException. Keep in mind that the WebVR standard is in the process of being replaced with WebXR.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'wake-lock',
-		'description' => __( 'controls whether the current document is allowed to use Wake Lock API to indicate that device should not enter power-saving mode', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use Wake Lock API to indicate that device should not enter power-saving mode.', 'w3-total-cache' ),
+	),
+	array(
+		'label'       => 'web-share',
+		'description' => __( 'Controls whether or not the current document is allowed to use the Navigator.share() of Web Share API to share text, links, images, and other content to arbitrary destinations of user\'s choice, e.g. mobile apps.', 'w3-total-cache' ),
 	),
 	array(
 		'label'       => 'xr-spatial-tracking',
-		'description' => __( 'controls whether the current document is allowed to use the WebXR Device API.', 'w3-total-cache' ),
+		'description' => __( 'Controls whether the current document is allowed to use the WebXR Device API.', 'w3-total-cache' ),
 	),
 );
 
@@ -502,7 +534,7 @@
 				'control'             => 'textbox',
 				'label'               => $i['label'],
 				'textbox_size'        => '50',
-				'textbox_placeholder' => "One of: 'self' 'src' 'none' *.domain.com",
+				'textbox_placeholder' => "One of: * 'self' 'src' 'none' *.domain.com",
 				'description'         => $i['description'],
 			)
 		);

diff --git a/CdnEngine_CloudFront.php b/CdnEngine_CloudFront.php
@@ -29,18 +29,21 @@ function _init() {
 		if ( !is_null( $this->api ) ) {
 			return;
 		}
-		$config = [
-			'region' => $this->_config['bucket_location'],
-			'version' => '2018-11-05'
-		];
 
-		if(!getenv('ECS_CREDENTIALS')){
-			$config['credentials'] = new \Aws\Credentials\Credentials(
+		if ( empty( $this->_config['key'] ) && empty( $this->_config['secret'] ) ) {
+			$credentials = \Aws\Credentials\CredentialProvider::defaultProvider();
+		} else {
+			$credentials = new \Aws\Credentials\Credentials(
 				$this->_config['key'],
 				$this->_config['secret'] );
 		}
 
-		$this->api = new \Aws\CloudFront\CloudFrontClient( $config );
+		$this->api = new \Aws\CloudFront\CloudFrontClient( array(
+				'credentials' => $credentials,
+				'region' => $this->_config['bucket_location'],
+				'version' => '2018-11-05'
+			)
+		);
 
 		return true;
 	}

diff --git a/CdnEngine_Mirror_CloudFront.php b/CdnEngine_Mirror_CloudFront.php
@@ -29,18 +29,20 @@ function _init() {
 			return;
 		}
 
-		$config = [
-			'region' => 'us-east-1',
-			'version' => '2018-11-05'
-		];
-
-		if(!getenv('ECS_CREDENTIALS')){
-			$config['credentials'] = new \Aws\Credentials\Credentials(
+		if ( empty( $this->_config['key'] ) && empty( $this->_config['secret'] ) ) {
+			$credentials = \Aws\Credentials\CredentialProvider::defaultProvider();
+		} else {
+			$credentials = new \Aws\Credentials\Credentials(
 				$this->_config['key'],
 				$this->_config['secret'] );
 		}
 
-		$this->api = new \Aws\CloudFront\CloudFrontClient( $config );
+		$this->api = new \Aws\CloudFront\CloudFrontClient( array(
+				'credentials' => $credentials,
+				'region' => 'us-east-1',
+				'version' => '2018-11-05'
+			)
+		);
 
 		return true;
 	}

diff --git a/CdnEngine_S3.php b/CdnEngine_S3.php
@@ -88,30 +88,33 @@ public function _init() {
 			return;
 		}
 
-		$config = [
-			'region' => $this->_config['bucket_location'],
-			'version' => '2006-03-01'
-		];
+		if ( empty( $this->_config['bucket'] ) ) {
+			throw new \Exception( 'Empty bucket.' );
+		}
 
-		if(!getenv('ECS_CREDENTIALS')){
+		if ( empty( $this->_config['key'] ) && empty( $this->_config['secret'] ) ) {
+			$credentials = \Aws\Credentials\CredentialProvider::defaultProvider();
+		} else {
 			if ( empty( $this->_config['key'] ) ) {
 				throw new \Exception( 'Empty access key.' );
 			}
 
-			if ( empty( $this->_config['secret'] ) ) {
-				throw new \Exception( 'Empty secret key.' );
-			}
-
-			if ( empty( $this->_config['bucket'] ) ) {
-				throw new \Exception( 'Empty bucket.' );
-			}
+		if ( empty( $this->_config['secret'] ) ) {
+			throw new \Exception( 'Empty secret key.' );
+		}
 
-			$config['credentials'] = new \Aws\Credentials\Credentials(
+			$credentials = new \Aws\Credentials\Credentials(
 				$this->_config['key'],
 				$this->_config['secret'] );
 		}
 
-		$this->api = new \Aws\S3\S3Client( $config );
+		$this->api = new \Aws\S3\S3Client( array(
+				'credentials' => $credentials,
+				'region' => $this->_config['bucket_location'],
+				'version' => '2006-03-01',
+				'use_arn_region' => true,
+			)
+		);
 	}
 
 	/**

diff --git a/Cdn_Plugin.php b/Cdn_Plugin.php
@@ -880,22 +880,24 @@ function replace_all_links( $buffer ) {
 
 		if ( $this->_config->get_boolean( 'cdn.minify.enable' ) ) {
 			if ( $this->_config->get_boolean( 'minify.auto' ) ) {
-				$regexp = '~(["\'(=])\s*' .
-					$this->minify_url_regexp( '/[a-zA-Z0-9-_]+\.(css|js)' ) .
-					'~U';
-				if ( Cdn_Util::is_engine_mirror( $this->_config->get_string( 'cdn.engine' ) ) )
+				$minify_url_regexp = $this->minify_url_regexp( '/[a-zA-Z0-9-_]+\.(css|js)' );
+
+				if ( Cdn_Util::is_engine_mirror( $this->_config->get_string( 'cdn.engine' ) ) ) {
 					$processor = array( $this, '_link_replace_callback' );
-				else
+				} else {
 					$processor = array( $this, '_minify_auto_pushcdn_link_replace_callback' );
+				}
 			} else {
-				$regexp = '~(["\'(=])\s*' .
-					$this->minify_url_regexp(
-					'/[a-z0-9]+\..+\.include(-(footer|body))?(-nb)?\.[a-f0-9]+\.(css|js)' )
-					.'~U';
+				$minify_url_regexp = $this->minify_url_regexp(
+					'/[a-z0-9]+\..+\.include(-(footer|body))?(-nb)?\.[a-f0-9]+\.(css|js)' );
+
 				$processor = array( $this, '_link_replace_callback' );
 			}
 
-			$buffer = preg_replace_callback( $regexp, $processor, $buffer );
+			if ( !empty( $minify_url_regexp ) ) {
+				$regexp = '~(["\'(=])\s*' . $minify_url_regexp .'~U';
+				$buffer = preg_replace_callback( $regexp, $processor, $buffer );
+			}
 		}
 
 		$buffer = $this->replace_placeholders( $buffer );
@@ -973,8 +975,10 @@ private function minify_url_regexp( $filename_mask ) {
 			Util_Environment::cache_blog_minify_dir()
 		);
 		$matches = null;
-		if ( !preg_match( '~((https?://)?([^/]+))(.+)~i', $minify_base_url, $matches ) )
+		if ( !preg_match( '~((https?://)?([^/]+))(.+)~i', $minify_base_url, $matches ) ) {
+			error_log( 'cant find minification base url, make sure minification folder sits inside WP_CONTENT_DIR and DOCUMENT_ROOT is set correctly' );
 			return '';
+		}
 
 		$protocol_domain_regexp = Util_Environment::get_url_regexp( $matches[1] );
 		$path_regexp = Util_Environment::preg_quote( $matches[4] );

diff --git a/Cdn_RackSpace_Api_Cdn.php b/Cdn_RackSpace_Api_Cdn.php
@@ -217,7 +217,7 @@ static private function _decode_response( $result ) {
 					'response_json' => array(), 
 					'auth_required' => true 
 				);
-			
+
 			// try to decode response
 			$response_json = @json_decode( $result['body'], true );
 			if ( is_null( $response_json ) ||

diff --git a/Cdnfsd_CloudFront_Engine.php b/Cdnfsd_CloudFront_Engine.php
@@ -72,12 +72,24 @@ public function flush_all() {
 
 
 	private function _api() {
-		if ( empty( $this->access_key ) || empty( $this->secret_key ) ||
-			empty( $this->distribution_id ) )
-			throw new \Exception( __( 'Access key not specified.', 'w3-total-cache' ) );
+		if ( empty( $this->distribution_id ) ) {
+			throw new \Exception( __('CloudFront distribution not specified.', 'w3-total-cache' ) );
+		}
+
+		if ( empty( $this->access_key ) && empty( $this->secret_key ) ) {
+			$credentials = \Aws\Credentials\CredentialProvider::defaultProvider();
+		} else {
+			if ( empty( $this->access_key ) ) {
+				throw new \Exception( __( 'Access key not specified.', 'w3-total-cache' ) );
+			}
 
-		$credentials = new \Aws\Credentials\Credentials(
-			$this->access_key, $this->secret_key );
+			if ( empty( $this->secret_key ) ) {
+				throw new \Exception( __( 'Secret key not specified.', 'w3-total-cache' ) );
+			}
+
+			$credentials = new \Aws\Credentials\Credentials(
+				$this->access_key, $this->secret_key );
+		}
 
 		return new \Aws\CloudFront\CloudFrontClient( array(
 				'credentials' => $credentials,

diff --git a/Cdnfsd_CloudFront_Popup.php b/Cdnfsd_CloudFront_Popup.php
@@ -406,8 +406,12 @@ public function w3tc_ajax_cdn_cloudfront_fsd_configure_distribution_skip() {
 
 
 	private function _api( $access_key, $secret_key ) {
-		$credentials = new \Aws\Credentials\Credentials(
-			$access_key, $secret_key );
+		if ( empty( $access_key ) && empty( $secret_key ) ) {
+			$credentials = \Aws\Credentials\CredentialProvider::defaultProvider();
+		} else {
+			$credentials = new \Aws\Credentials\Credentials(
+				$access_key, $secret_key );
+		}
 
 		return new \Aws\CloudFront\CloudFrontClient( array(
 				'credentials' => $credentials,