From 4a1eb0c15889005d883006f14366d3858b46ff2e Mon Sep 17 00:00:00 2001 From: Shiva Kerdel <49479846+s-kerdel@users.noreply.github.com> Date: Tue, 13 Dec 2022 16:51:04 +0100 Subject: [PATCH 1/3] ISSUE-10615: Respect SS_BASE_URL scheme in CLI environment. Additionally set _SERVER variables for HTTPS and SSL to respect SS_BASE_URL scheme when executing builds and tasks through CLI. This should solve base tags not being provided with the correct HTTP scheme. This is important to resolve mixed content issues and insecure requests. --- src/Control/CLIRequestBuilder.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/Control/CLIRequestBuilder.php b/src/Control/CLIRequestBuilder.php index 006dc7ab6..e122288d5 100644 --- a/src/Control/CLIRequestBuilder.php +++ b/src/Control/CLIRequestBuilder.php @@ -64,6 +64,13 @@ class CLIRequestBuilder extends HTTPRequestBuilder $variables['_GET']['url'] = $variables['_SERVER']['argv'][1]; $variables['_SERVER']['REQUEST_URI'] = $variables['_SERVER']['argv'][1]; } + + // Set 'HTTPS' and 'SSL' flag for CLI depending on SS_BASE_URL scheme value. + $scheme = parse_url(Environment::getEnv('SS_BASE_URL') ?? '', PHP_URL_SCHEME); + if ($scheme == 'https') { + $variables['_SERVER']['HTTPS'] = 'on'; + $variables['_SERVER']['SSL'] = true; + } // Parse rest of variables as standard return parent::cleanEnvironment($variables); From bb8e3b83864ae5580dd0bab6b798732132c2feb5 Mon Sep 17 00:00:00 2001 From: Florian Thoma Date: Mon, 2 Jan 2023 15:32:16 +1100 Subject: [PATCH 2/3] fix: optional return value for paginator state `$state->getData()->getData('GridFieldPaginator')' (line 598) returns null by default. --- src/Forms/GridField/GridFieldDetailForm_ItemRequest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Forms/GridField/GridFieldDetailForm_ItemRequest.php b/src/Forms/GridField/GridFieldDetailForm_ItemRequest.php index af245ad26..fef944f0c 100644 --- a/src/Forms/GridField/GridFieldDetailForm_ItemRequest.php +++ b/src/Forms/GridField/GridFieldDetailForm_ItemRequest.php @@ -587,7 +587,7 @@ class GridFieldDetailForm_ItemRequest extends RequestHandler /** * Get the current paginator state */ - private function getGridFieldPaginatorState(): GridState_Data + private function getGridFieldPaginatorState(): ?GridState_Data { $state = $this->getGridField()->getState(false); $gridStateStr = $this->getStateManager()->getStateFromRequest($this->gridField, $this->getRequest()); From 3e5d99dedca452159b12ebe0836e5cdef94c4dfc Mon Sep 17 00:00:00 2001 From: Thomas Portelange Date: Fri, 27 Jan 2023 11:55:40 +0100 Subject: [PATCH 3/3] Prevent backslash in class name since the default code is using get_called_class, you can end up with \ in the class name which is an escape character for css selectors this update convert for example even valCMS_ACCESS_SilverStripe\VersionedAdmin\ArchiveAdmin to even valCMS_ACCESS_SilverStripe-VersionedAdmin-ArchiveAdmin ArchiveAdmin class should probably implement private static $required_permission_codes = 'CMS_ACCESS_ArchiveAdmin '; also --- src/Security/PermissionCheckboxSetField.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Security/PermissionCheckboxSetField.php b/src/Security/PermissionCheckboxSetField.php index fde5ad178..51fa3ff06 100644 --- a/src/Security/PermissionCheckboxSetField.php +++ b/src/Security/PermissionCheckboxSetField.php @@ -207,7 +207,7 @@ class PermissionCheckboxSetField extends FormField $odd = ($odd + 1) % 2; $extraClass = $odd ? 'odd' : 'even'; - $extraClass .= ' val' . str_replace(' ', '', $code ?? ''); + $extraClass .= ' val' . str_replace([' ', '\\'], ['', '-'], $code ?? ''); $itemID = $this->ID() . '_' . preg_replace('/[^a-zA-Z0-9]+/', '', $code ?? ''); $disabled = $inheritMessage = ''; $checked = (isset($uninheritedCodes[$code]) || isset($inheritedCodes[$code]))