Remove whitelist/blacklist terms

administrator/components/com_config/src/Field/FiltersField.php

@@ -141,12 +141,18 @@ protected function getInput()
 				. ' data-id="' . ($group->value) . '" '
 				. ' class="novalidate custom-select"'
 				. '>';
-			$html[] = '					<option value="BL"' . ($group_filter['filter_type'] == 'BL' ? ' selected="selected"' : '') . '>'
-				. Text::_('COM_CONFIG_FIELD_FILTERS_DEFAULT_BLACK_LIST') . '</option>';
-			$html[] = '					<option value="CBL"' . ($group_filter['filter_type'] == 'CBL' ? ' selected="selected"' : '') . '>'
-				. Text::_('COM_CONFIG_FIELD_FILTERS_CUSTOM_BLACK_LIST') . '</option>';
-			$html[] = '					<option value="WL"' . ($group_filter['filter_type'] == 'WL' ? ' selected="selected"' : '') . '>'
-				. Text::_('COM_CONFIG_FIELD_FILTERS_WHITE_LIST') . '</option>';
+
+			// "BL" is deprecated in Joomla! 4, will be removed in Joomla! 5
+			$html[] = '<option value="DL"' . (in_array($group_filter['filter_type'], ['BL', 'DL']) ? ' selected="selected"' : '') . '>'
+				. Text::_('COM_CONFIG_FIELD_FILTERS_DEFAULT_ALLOW_LIST') . '</option>';
+
+			// "CBL" is deprecated in Joomla! 4, will be removed in Joomla! 5
+			$html[] = '<option value="CDL"' . (in_array($group_filter['filter_type'], ['CBL', 'CDL']) ? ' selected="selected"' : '') . '>'
+				. Text::_('COM_CONFIG_FIELD_FILTERS_CUSTOM_DISALLOW_LIST') . '</option>';
+
+			// "WL" is deprecated in Joomla! 4, will be removed in Joomla! 5
+			$html[] = '<option value="AL"' . (in_array($group_filter['filter_type'], ['WL', 'AL']) ? ' selected="selected"' : '') . '>'
+				. Text::_('COM_CONFIG_FIELD_FILTERS_ALLOW_LIST') . '</option>';
 			$html[] = '					<option value="NH"' . ($group_filter['filter_type'] == 'NH' ? ' selected="selected"' : '') . '>'
 				. Text::_('COM_CONFIG_FIELD_FILTERS_NO_HTML') . '</option>';
 			$html[] = '					<option value="NONE"' . ($group_filter['filter_type'] == 'NONE' ? ' selected="selected"' : '') . '>'

administrator/language/en-GB/com_config.ini

@@ -70,11 +70,17 @@ COM_CONFIG_FIELD_ERROR_REPORTING_LABEL="Error Reporting"
 COM_CONFIG_FIELD_FEED_EMAIL_LABEL="Feed Email Address"
 COM_CONFIG_FIELD_FILESYSTEM_PATH_DESC="The filesystem path where session data will be stored.<br>If empty, the system's temporary directory will be used."
 COM_CONFIG_FIELD_FILESYSTEM_PATH_LABEL="Session Save Path"
-COM_CONFIG_FIELD_FILTERS_CUSTOM_BLACK_LIST="Custom Blacklist"
-COM_CONFIG_FIELD_FILTERS_DEFAULT_BLACK_LIST="Default Blacklist"
+COM_CONFIG_FIELD_FILTERS_CUSTOM_DISALLOW_LIST="Custom DisallowList"
+COM_CONFIG_FIELD_FILTERS_DEFAULT_DISALLOW_LIST="Default DisallowList"
+; Deprecate in Joomla! 4, remove in Joomla! 5
+COM_CONFIG_FIELD_FILTERS_CUSTOM_BLACK_LIST="Custom DisallowList"
+; Deprecate in Joomla! 4, remove in Joomla! 5
+COM_CONFIG_FIELD_FILTERS_DEFAULT_BLACK_LIST="Default DisallowList"
 COM_CONFIG_FIELD_FILTERS_NO_FILTER="No Filtering"
 COM_CONFIG_FIELD_FILTERS_NO_HTML="No HTML"
-COM_CONFIG_FIELD_FILTERS_WHITE_LIST="Whitelist"
+COM_CONFIG_FIELD_FILTERS_ALLOW_LIST="AllowList"
+; Deprecate in Joomla! 4, remove in Joomla! 5
+COM_CONFIG_FIELD_FILTERS_WHITE_LIST="AllowList"
 COM_CONFIG_FIELD_FORCE_SSL_LABEL="Force HTTPS"
 COM_CONFIG_FIELD_FTP_ENABLE_LABEL="Enable FTP"
 COM_CONFIG_FIELD_FTP_HOST_LABEL="FTP Host"

administrator/language/en-GB/com_cpanel.ini

@@ -30,7 +30,7 @@ COM_CPANEL_MSG_ROBOTS_BODY="A change to the default robots.txt files was made in
 COM_CPANEL_MSG_ROBOTS_TITLE="robots.txt Update"
 COM_CPANEL_MSG_STATS_COLLECTION_BODY="<p>Since Joomla! 3.5 a statistics plugin will submit anonymous data to the Joomla Project. This will only submit the Joomla version, PHP version, database engine and version, and server operating system.</p><p>This data is collected to ensure that future versions of Joomla can take advantage of the latest database and PHP features without affecting significant numbers of users. The need for this became clear when a minimum of PHP 5.3.10 was required when Joomla! 3.3 implemented the more secure Bcrypt passwords.</p><p>In the interest of full transparency and to help developers <a href=\"https://developer.joomla.org/about/stats.html\">this data is publicly available.</a> An API and graphs will show the Joomla version, PHP versions and database engines in use.</p><p>If you do not wish to provide the Joomla Project with this information you can disable the plugin called System - Joomla Statistics.</p>"
 COM_CPANEL_MSG_STATS_COLLECTION_TITLE="Stats Collection in Joomla"
-COM_CPANEL_MSG_UPDATEDEFAULTSETTINGS_BODY="<p>As part of our security team's review, we have made some changes to the default settings in a new Joomla installation. As these changes are only applied to new installations, we strongly recommend that you review these changes and update your site.</p><p>The changed settings are:</p><ul><li>Global Configuration > Text Filters: The default \"Administrator\" user group has changed from \"No Filtering\" to \"Default Blacklist\"</li><li>Users > Send Password: The option to send a user their password in plain text when an account is created is now disabled by default</li><li>Media Manager: Flash files (\"swf\" file extension and \"application/x-shockwave-flash\" MIME Type) are not allowed to be uploaded</li><li>Articles > Show Email: The option to show an email icon with articles is disabled by default</li></ul><p>We have created a <a href=\"https://docs.joomla.org/Special:MyLanguage/J3.x:Joomla_3.8.8_notes_about_the_changed_default_settings\">dedicated documentation page</a> explaining these changes.</p>"
+COM_CPANEL_MSG_UPDATEDEFAULTSETTINGS_BODY="<p>As part of our security team's review, we have made some changes to the default settings in a new Joomla installation. As these changes are only applied to new installations, we strongly recommend that you review these changes and update your site.</p><p>The changed settings are:</p><ul><li>Global Configuration > Text Filters: The default \"Administrator\" user group has changed from \"No Filtering\" to \"Default DisallowList\"</li><li>Users > Send Password: The option to send a user their password in plain text when an account is created is now disabled by default</li><li>Media Manager: Flash files (\"swf\" file extension and \"application/x-shockwave-flash\" MIME Type) are not allowed to be uploaded</li><li>Articles > Show Email: The option to show an email icon with articles is disabled by default</li></ul><p>We have created a <a href=\"https://docs.joomla.org/Special:MyLanguage/J3.x:Joomla_3.8.8_notes_about_the_changed_default_settings\">dedicated documentation page</a> explaining these changes.</p>"
 COM_CPANEL_MSG_UPDATEDEFAULTSETTINGS_TITLE="Updated site security recommendations"
 COM_CPANEL_TITLE_SYSTEM_PANEL="System Panel"
 COM_CPANEL_UNPUBLISH_MODULE_ERROR="Error unpublishing the module"

administrator/language/en-GB/com_media.ini

@@ -32,7 +32,7 @@ COM_MEDIA_FIELD_CHECK_MIME_DESC="Use MIME Magic or Fileinfo to attempt to verify
 COM_MEDIA_FIELD_CHECK_MIME_LABEL="Check MIME Types"
 COM_MEDIA_FIELD_IGNORED_EXTENSIONS_DESC="Ignored file extensions for MIME type checking and restricted uploads."
 COM_MEDIA_FIELD_IGNORED_EXTENSIONS_LABEL="Ignored Extensions"
-COM_MEDIA_FIELD_ILLEGAL_MIME_TYPES_DESC="A comma separated list of illegal MIME types to upload (blacklist)."
+COM_MEDIA_FIELD_ILLEGAL_MIME_TYPES_DESC="A comma separated list of illegal MIME types to upload."
 COM_MEDIA_FIELD_ILLEGAL_MIME_TYPES_LABEL="Illegal MIME Types"
 COM_MEDIA_FIELD_LEGAL_EXTENSIONS_DESC="Extensions (file types) you are allowed to upload (comma separated)."
 COM_MEDIA_FIELD_LEGAL_EXTENSIONS_LABEL="Legal Extensions (File Types)"

administrator/language/en-GB/joomla.ini

@@ -443,7 +443,7 @@ JGLOBAL_FILTER_GROUPS_DESC="This sets the user groups that you want filters appl
 JGLOBAL_FILTER_GROUPS_LABEL="Filter Groups"
 JGLOBAL_FILTER_TAGS_DESC="2. List additional tags, separating each tag name with a space or comma. For example: <em>p,div,span</em>."
 JGLOBAL_FILTER_TAGS_LABEL="Filter Tags<sup>2</sup>"
-JGLOBAL_FILTER_TYPE_DESC="1. Blacklist allows all tags and attributes except for those in the blacklist.<br><strong>--</strong> Tags for the Default Blacklist include: 'applet', 'body', 'bgsound', 'base', 'basefont', 'canvas', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml'<br><strong>--</strong> Attributes for the Default Blacklist include: 'action', 'background', 'codebase', 'dynsrc', 'lowsrc', 'formaction'<br><strong>--</strong> You can blacklist additional tags and attributes by adding to the Filter Tags and Filter Attributes fields, separating each tag or attribute name with a comma.<br><strong>--</strong> Custom Blacklist allows you to override the Default Blacklist. Add the tags and attributes to be blacklisted in the Filter Tags and Filter Attributes fields.</p><p>Whitelist allows only the tags listed in the Filter Tags and Filter Attributes fields.</p><p>No HTML removes all HTML tags from the content when it is saved.</p><p>Please note that these settings work regardless of the editor that you are using. <br>Even if you are using a WYSIWYG editor, the filtering settings may strip additional tags and attributes prior to saving information in the database."
+JGLOBAL_FILTER_TYPE_DESC="1. DisallowList allows all tags and attributes except for those in the disallow list.<br><strong>--</strong> Tags for the Default DisallowList include: 'applet', 'body', 'bgsound', 'base', 'basefont', 'canvas', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml'<br><strong>--</strong> Attributes for the Default DisallowList include: 'action', 'background', 'codebase', 'dynsrc', 'lowsrc', 'formaction'<br><strong>--</strong> You can disallow additional tags and attributes by adding to the Filter Tags and Filter Attributes fields, separating each tag or attribute name with a comma.<br><strong>--</strong> Custom DisallowList allows you to override the Default DisallowList. Add the tags and attributes to be disallowed in the Filter Tags and Filter Attributes fields.</p><p>AllowList allows only the tags listed in the Filter Tags and Filter Attributes fields.</p><p>No HTML removes all HTML tags from the content when it is saved.</p><p>Please note that these settings work regardless of the editor that you are using. <br>Even if you are using a WYSIWYG editor, the filtering settings may strip additional tags and attributes prior to saving information in the database."
 JGLOBAL_FILTER_TYPE_LABEL="Filter Type<sup>1</sup>"
 JGLOBAL_FILTERED_BY="Filtered by:"
 JGLOBAL_FULL_TEXT="Full Text"
@@ -1017,10 +1017,10 @@ JWARNING_UNPUBLISH_MUST_SELECT="You must select at least one item to unpublish."
 JWORKFLOW="Workflow: %s"
 JWORKFLOW_ENABLED_LABEL="Enable Workflow"
 JWORKFLOW_EXECUTE_TRANSITION="Select the transition to execute on this item."
-JWORKFLOW_EXTENSION_BLACKLIST_DESCRIPTION="Disable this plugin for listed extensions."
-JWORKFLOW_EXTENSION_BLACKLIST_LABEL="Extension Blacklist"
-JWORKFLOW_EXTENSION_WHITELIST_DESCRIPTION="Activate this plugin only for listed extensions. If used all other extensions are disabled."
-JWORKFLOW_EXTENSION_WHITELIST_LABEL="Extension Whitelist"
+JWORKFLOW_EXTENSION_DISALLOW_LIST_DESCRIPTION="Disable this plugin for listed extensions."
+JWORKFLOW_EXTENSION_DISALLOW_LIST_LABEL="Extension DisallowList"
+JWORKFLOW_EXTENSION_ALLOW_LIST_DESCRIPTION="Activate this plugin only for listed extensions. If used all other extensions are disabled."
+JWORKFLOW_EXTENSION_ALLOW_LIST_LABEL="Extension AllowList"
 JWORKFLOW_FIELD_COMPONENT_SECTIONS_TEXT="%1$s: %2$s"
 JWORKFLOW_SHOW_TRANSITIONS_FOR_THIS_ITEM="Show the transition selection to execute a transition on this item."
 JWORKFLOW_TITLE="Workflow"

api/language/en-GB/joomla.ini

@@ -432,7 +432,7 @@ JGLOBAL_FILTER_GROUPS_DESC="This sets the user groups that you want filters appl
 JGLOBAL_FILTER_GROUPS_LABEL="Filter Groups"
 JGLOBAL_FILTER_TAGS_DESC="2. List additional tags, separating each tag name with a space or comma. For example: <em>p,div,span</em>."
 JGLOBAL_FILTER_TAGS_LABEL="Filter Tags<sup>2</sup>"
-JGLOBAL_FILTER_TYPE_DESC="1. Blacklist allows all tags and attributes except for those in the blacklist.<br><strong>--</strong> Tags for the Default Blacklist include: 'applet', 'body', 'bgsound', 'base', 'basefont', 'canvas', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml'<br><strong>--</strong> Attributes for the Default Blacklist include: 'action', 'background', 'codebase', 'dynsrc', 'lowsrc', 'formaction'<br><strong>--</strong> You can blacklist additional tags and attributes by adding to the Filter Tags and Filter Attributes fields, separating each tag or attribute name with a comma.<br><strong>--</strong> Custom Blacklist allows you to override the Default Blacklist. Add the tags and attributes to be blacklisted in the Filter Tags and Filter Attributes fields.</p><p>Whitelist allows only the tags listed in the Filter Tags and Filter Attributes fields.</p><p>No HTML removes all HTML tags from the content when it is saved.</p><p>Please note that these settings work regardless of the editor that you are using. <br>Even if you are using a WYSIWYG editor, the filtering settings may strip additional tags and attributes prior to saving information in the database."
+JGLOBAL_FILTER_TYPE_DESC="1. DisallowList allows all tags and attributes except for those in the disallowList.<br><strong>--</strong> Tags for the Default DisallowList include: 'applet', 'body', 'bgsound', 'base', 'basefont', 'canvas', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml'<br><strong>--</strong> Attributes for the Default DisallowList include: 'action', 'background', 'codebase', 'dynsrc', 'lowsrc', 'formaction'<br><strong>--</strong> You can disallow additional tags and attributes by adding to the Filter Tags and Filter Attributes fields, separating each tag or attribute name with a comma.<br><strong>--</strong> Custom DisallowList allows you to override the Default DisallowList. Add the tags and attributes to be disallowed in the Filter Tags and Filter Attributes fields.</p><p>AllowList allows only the tags listed in the Filter Tags and Filter Attributes fields.</p><p>No HTML removes all HTML tags from the content when it is saved.</p><p>Please note that these settings work regardless of the editor that you are using. <br>Even if you are using a WYSIWYG editor, the filtering settings may strip additional tags and attributes prior to saving information in the database."
 JGLOBAL_FILTER_TYPE_LABEL="Filter Type<sup>1</sup>"
 JGLOBAL_FILTERED_BY="Filtered by:"
 JGLOBAL_FULL_TEXT="Full Text"
@@ -1006,10 +1006,10 @@ JWARNING_UNPUBLISH_MUST_SELECT="You must select at least one item to unpublish."
 JWORKFLOW="Workflow: %s"
 JWORKFLOW_ENABLED_LABEL="Enable Workflow"
 JWORKFLOW_EXECUTE_TRANSITION="Select the transition to execute on this item."
-JWORKFLOW_EXTENSION_BLACKLIST_DESCRIPTION="Disable this plugin for listed extensions."
-JWORKFLOW_EXTENSION_BLACKLIST_LABEL="Extension Blacklist"
-JWORKFLOW_EXTENSION_WHITELIST_DESCRIPTION="Activate this plugin only for listed extensions. If used all other extensions are disabled."
-JWORKFLOW_EXTENSION_WHITELIST_LABEL="Extension Whitelist"
+JWORKFLOW_EXTENSION_DISALLOW_LIST_DESCRIPTION="Disable this plugin for listed extensions."
+JWORKFLOW_EXTENSION_DISALLOW_LIST_LABEL="Extension DisallowList"
+JWORKFLOW_EXTENSION_ALLOW_LIST_DESCRIPTION="Activate this plugin only for listed extensions. If used all other extensions are disabled."
+JWORKFLOW_EXTENSION_ALLOW_LIST_LABEL="Extension AllowList"
 JWORKFLOW_FIELD_COMPONENT_SECTIONS_TEXT="%1$s: %2$s"
 JWORKFLOW_SHOW_TRANSITIONS_FOR_THIS_ITEM="Show the transition selection to execute a transition on this item."
 JWORKFLOW_TITLE="Workflow"

language/en-GB/com_media.ini

@@ -54,7 +54,7 @@ COM_MEDIA_FIELD_CHECK_MIME_DESC="Use MIME Magic or Fileinfo to try to verify fil
 COM_MEDIA_FIELD_CHECK_MIME_LABEL="Check MIME Types"
 COM_MEDIA_FIELD_IGNORED_EXTENSIONS_DESC="Ignored file extensions for MIME type checking and restricted uploads."
 COM_MEDIA_FIELD_IGNORED_EXTENSIONS_LABEL="Ignored Extensions"
-COM_MEDIA_FIELD_ILLEGAL_MIME_TYPES_DESC="A comma separated list of illegal MIME types to upload (blacklist)."
+COM_MEDIA_FIELD_ILLEGAL_MIME_TYPES_DESC="A comma separated list of illegal MIME types to upload."
 COM_MEDIA_FIELD_ILLEGAL_MIME_TYPES_LABEL="Illegal MIME Types"
 COM_MEDIA_FIELD_LEGAL_EXTENSIONS_DESC="Extensions (file types) you are allowed to upload (comma separated)."
 COM_MEDIA_FIELD_LEGAL_EXTENSIONS_LABEL="Legal Extensions (File Types)"