2012-12-06 16:25:45 +01:00
|
|
|
# 3.0.4
|
|
|
|
|
|
|
|
## Overview
|
|
|
|
|
|
|
|
* Changed `dev/tests/setdb` and `dev/tests/startsession` from session to cookie storage.
|
2013-02-12 23:23:18 +01:00
|
|
|
* Require ADMIN permissions for `?showtemplate=1`
|
|
|
|
|
|
|
|
## Details
|
|
|
|
|
|
|
|
### Require ADMIN permissions for `?showtemplate=1`
|
|
|
|
|
|
|
|
Avoids information leakage of compiled template data,
|
|
|
|
which might expose some of the internal template logic.
|
2012-12-06 16:25:45 +01:00
|
|
|
|
|
|
|
## Upgrading
|
|
|
|
|
|
|
|
* If you are using `dev/tests/setdb` and `dev/tests/startsession`,
|
|
|
|
you'll need to configure a secure token in order to encrypt the cookie value:
|
|
|
|
Simply run `sake dev/generatesecuretoken` and add the resulting code to your `mysite/_config.php`.
|
|
|
|
Note that this functionality now requires the PHP `mcrypt` extension.
|