mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
3.0.7 changelog
This commit is contained in:
parent
bda56eb9b0
commit
6de517bf72
@ -14,4 +14,13 @@ See [announcement](http://www.silverstripe.org/ss-2013-009-xss-in-cms-pages-sect
|
||||
|
||||
Due to cross-site scripting concerns when user data is used for form messages,
|
||||
it is no longer possible to use HTML in `Form->sessionMessage()`, and consequently
|
||||
in the `FormField->validate()` API.
|
||||
in the `FormField->validate()` API.
|
||||
|
||||
## Changelog
|
||||
|
||||
### Bugfixes
|
||||
|
||||
* 2013-09-24 [114fb59](https://github.com/silverstripe/sapphire/commit/114fb59) Auto-escape titles in TreeDropdownField (Ingo Schommer)
|
||||
* 2013-09-24 [e170f4c](https://github.com/silverstripe/silverstripe-cms/commit/e170f4c) Escaping in "dependent pages" (SS-2013-009) (Ingo Schommer)
|
||||
* 2013-09-20 [b383a07](https://github.com/silverstripe/sapphire/commit/b383a07) Fixing tabindex added to CreditCardField when tabindex is NULL (Sean Harvey)
|
||||
* 2013-09-20 [c453ea3](https://github.com/silverstripe/sapphire/commit/c453ea3) Fixing tabindex added to CreditCardField when tabindex is NULL (Sean Harvey)
|
Loading…
Reference in New Issue
Block a user