mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Merge branch '4.4' into 4
This commit is contained in:
commit
3224c9971b
@ -598,8 +598,7 @@ In addition, you can tighten password security with the following configuration
|
||||
* `Member.password_expiry_days`: Set the number of days that a password should be valid for.
|
||||
* `Member.lock_out_after_incorrect_logins`: Number of incorrect logins after which
|
||||
the user is blocked from further attempts for the timespan defined in `$lock_out_delay_mins`
|
||||
* `Member.lock_out_delay_mins`: Minutes of enforced lockout after incorrect password attempts.
|
||||
Only applies if `lock_out_after_incorrect_logins` is greater than 0.
|
||||
* `Member.lock_out_delay_mins`: Minutes of enforced lockout after incorrect password attempts. Only applies if `lock_out_after_incorrect_logins` is greater than 0.
|
||||
* `Security.remember_username`: Set to false to disable autocomplete on login form
|
||||
|
||||
## Clickjacking: Prevent iframe Inclusion
|
||||
|
@ -2,6 +2,7 @@
|
||||
|
||||
namespace SilverStripe\Security;
|
||||
|
||||
use BadMethodCallException;
|
||||
use LogicException;
|
||||
use Page;
|
||||
use ReflectionClass;
|
||||
@ -420,10 +421,14 @@ class Security extends Controller implements TemplateGlobalProvider
|
||||
$message = $messageSet['default'];
|
||||
}
|
||||
|
||||
try {
|
||||
list($messageText, $messageCast) = $parseMessage($message);
|
||||
static::singleton()->setSessionMessage($messageText, ValidationResult::TYPE_WARNING, $messageCast);
|
||||
|
||||
$controller->getRequest()->getSession()->set("BackURL", $_SERVER['REQUEST_URI']);
|
||||
} catch (BadMethodCallException $ex) {
|
||||
// noop, if session was not set yet
|
||||
}
|
||||
|
||||
// TODO AccessLogEntry needs an extension to handle permission denied errors
|
||||
// Audit logging hook
|
||||
|
Loading…
Reference in New Issue
Block a user