Merge branch '3.1' into 3.2

This commit is contained in:
Daniel Hensby 2016-11-28 13:16:27 +00:00
commit 214c3d2582
No known key found for this signature in database
GPG Key ID: B00D1E9767F0B06E
2 changed files with 17 additions and 1 deletions

View File

@ -0,0 +1,16 @@
# 3.1.21
<!--- Changes below this line will be automatically regenerated -->
## Change Log
### Security
* 2016-11-11 [4440b88](https://github.com/silverstripe/silverstripe-framework/commit/4440b887304fe80ca77366800457cbc2ac705654) Form@httpSubmission will no longer load submitted data to disabled or readonly fields (Daniel Hensby) - See [ss-2016-010](http://www.silverstripe.org/download/security-releases/ss-2016-010)
* 2016-11-11 [61e4055](https://github.com/silverstripe/silverstripe-framework/commit/61e4055bdb13e37df6aa0d8edca0bf5d9345dc7e) Cast FormField values as Text to prevent readonly fields embeding rogue HTML (Daniel Hensby) - See [ss-2016-010](http://www.silverstripe.org/download/security-releases/ss-2016-010)
* 2016-10-27 [17097a4](https://github.com/silverstripe/silverstripe-framework/commit/17097a4d11274b157eadf64f32708acef204d510) Properly escape backURL for template injection (Daniel Hensby) - See [ss-2016-016](http://www.silverstripe.org/download/security-releases/ss-2016-016)
* 2016-07-14 [04b4453](https://github.com/silverstripe/silverstripe-cms/commit/04b4453e041c2520d3658be1585146f79dca09d8) Missing ACL check on ReportAdmin (Daniel Hensby) - See [ss-2016-012](http://www.silverstripe.org/download/security-releases/ss-2016-012)
### Bugfixes
* 2016-09-12 [a14df0b](https://github.com/silverstripe/silverstripe-framework/commit/a14df0bc2d08f953ff7dd6f57899dbf260ab13a5) Force line endings to LF on sake file (Daniel Hensby)

View File

@ -584,7 +584,7 @@ class ShortcodeParser extends Object {
$location = self::INLINE;
if($class == 'left' || $class == 'right') $location = self::BEFORE;
if($class == 'center' || $class == 'leftALone') $location = self::SPLIT;
if($class == 'center' || $class == 'leftAlone') $location = self::SPLIT;
if(!$parent) {
if($location !== self::INLINE) {