Merge remote-tracking branch 'origin/3.3.0' into 3.3

2024-10-22 12:05:37 +00:00 · 2016-02-24 17:27:19 +13:00 · 2016-02-24 17:27:19 +13:00 · efa13eb10a
commit efa13eb10a
parent 35b5c03fbc 0ec021dac8
19 changed files with 248 additions and 106 deletions
--- a/control/Director.php
+++ b/control/Director.php
@ -507,28 +507,28 @@ class Director implements TemplateGlobalProvider {
 	 */
 	public static function is_https() {
 		$return = false;
+
+		// See https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
+		// See https://support.microsoft.com/?kbID=307347
+		$headerOverride = false;
+		if(TRUSTED_PROXY) {
+			$headers = (defined('SS_TRUSTED_PROXY_PROTOCOL_HEADER')) ? array(SS_TRUSTED_PROXY_PROTOCOL_HEADER) : null;
+			if(!$headers) {
+				// Backwards compatible defaults
+				$headers = array('HTTP_X_FORWARDED_PROTO', 'HTTP_X_FORWARDED_PROTOCOL', 'HTTP_FRONT_END_HTTPS');
+			}
+			foreach($headers as $header) {
+				$headerCompareVal = ($header === 'HTTP_FRONT_END_HTTPS' ? 'on' : 'https');
+				if(!empty($_SERVER[$header]) && strtolower($_SERVER[$header]) == $headerCompareVal) {
+					$headerOverride = true;
+					break;
+				}
+			}
+		}
+
 		if ($protocol = Config::inst()->get('Director', 'alternate_protocol')) {
 			$return = ($protocol == 'https');
-		} else if(
-			TRUSTED_PROXY
-			&& isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
-			&& strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https'
-		) {
-			// Convention for (non-standard) proxy signaling a HTTPS forward,
-			// see https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
-			$return = true;
-		} else if(
-			TRUSTED_PROXY
-			&& isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL'])
-			&& strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https'
-		) {
-			// Less conventional proxy header
-			$return = true;
-		} else if(
-			isset($_SERVER['HTTP_FRONT_END_HTTPS'])
-			&& strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) == 'on'
-		) {
-			// Microsoft proxy convention: https://support.microsoft.com/?kbID=307347
+		} else if($headerOverride) {
 			$return = true;
 		} else if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) {
 			$return = true;
--- a/control/HTTPRequest.php
+++ b/control/HTTPRequest.php
@ -655,14 +655,27 @@ class SS_HTTPRequest implements ArrayAccess {
 	 * @return string
 	 */
 	public function getIP() {
-		if (TRUSTED_PROXY && !empty($_SERVER['HTTP_CLIENT_IP'])) {
-			//check ip from share internet
-			return $_SERVER['HTTP_CLIENT_IP'];
-		} elseif (TRUSTED_PROXY && !empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
-			//to check ip is pass from proxy
-			return  $_SERVER['HTTP_X_FORWARDED_FOR'];
+		$headerOverrideIP = null;
+		if(TRUSTED_PROXY) {
+			$headers = (defined('SS_TRUSTED_PROXY_IP_HEADER')) ? array(SS_TRUSTED_PROXY_IP_HEADER) : null;
+			if(!$headers) {
+				// Backwards compatible defaults
+				$headers = array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR');
+			}
+			foreach($headers as $header) {
+				if(!empty($_SERVER[$header])) {
+					$headerOverrideIP = $_SERVER[$header];
+					break;
+				}
+			}
+		}
+
+		if ($headerOverrideIP) {
+			return $headerOverrideIP;
 		} elseif(isset($_SERVER['REMOTE_ADDR'])) {
 			return $_SERVER['REMOTE_ADDR'];
+		} else {
+			return null;
 		}
 	}

--- a/core/Constants.php
+++ b/core/Constants.php
@ -179,10 +179,13 @@ if(!isset($_SERVER['HTTP_HOST'])) {
 	/**
 	 * Fix HTTP_HOST from reverse proxies
 	 */
-	if (TRUSTED_PROXY && isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
-		
+	$trustedProxyHeader = (defined('SS_TRUSTED_PROXY_HOST_HEADER'))
+		? SS_TRUSTED_PROXY_HOST_HEADER
+		: 'HTTP_X_FORWARDED_HOST';
+
+	if (TRUSTED_PROXY && !empty($_SERVER[$trustedProxyHeader])) {
 		// Get the first host, in case there's multiple separated through commas
-		$_SERVER['HTTP_HOST'] = strtok($_SERVER['HTTP_X_FORWARDED_HOST'], ',');
+		$_SERVER['HTTP_HOST'] = strtok($_SERVER[SS_TRUSTED_PROXY_HOST_HEADER], ',');
 	}
 }

--- a/core/startup/ParameterConfirmationToken.php
+++ b/core/startup/ParameterConfirmationToken.php
@ -163,26 +163,25 @@ class ParameterConfirmationToken {

 		// Are we http or https? Replicates Director::is_https() without its dependencies/
 		$proto = 'http';
-		if(
-			TRUSTED_PROXY
-			&& isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
-			&& strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https'
-		) {
-			// Convention for (non-standard) proxy signaling a HTTPS forward,
-			// see https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
-			$proto = 'https';
-		} else if(
-			TRUSTED_PROXY
-			&& isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL'])
-			&& strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https'
-		) {
-			// Less conventional proxy header
-			$proto = 'https';
-		} else if(
-			isset($_SERVER['HTTP_FRONT_END_HTTPS'])
-			&& strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) == 'on'
-		) {
-			// Microsoft proxy convention: https://support.microsoft.com/?kbID=307347
+		// See https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
+		// See https://support.microsoft.com/?kbID=307347
+		$headerOverride = false;
+		if(TRUSTED_PROXY) {
+			$headers = (defined('SS_TRUSTED_PROXY_PROTOCOL_HEADER')) ? array(SS_TRUSTED_PROXY_PROTOCOL_HEADER) : null;
+			if(!$headers) {
+				// Backwards compatible defaults
+				$headers = array('HTTP_X_FORWARDED_PROTO', 'HTTP_X_FORWARDED_PROTOCOL', 'HTTP_FRONT_END_HTTPS');
+			}
+			foreach($headers as $header) {
+				$headerCompareVal = ($header === 'HTTP_FRONT_END_HTTPS' ? 'on' : 'https');
+				if(!empty($_SERVER[$header]) && strtolower($_SERVER[$header]) == $headerCompareVal) {
+					$headerOverride = true;
+					break;
+				}
+			}
+		}
+
+		if($headerOverride) {
 			$proto = 'https';
 		} else if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) {
 			$proto = 'https';
@ -190,9 +189,6 @@ class ParameterConfirmationToken {
 			$proto = 'https';
 		}

-		if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) $proto = 'https';
-		if(isset($_SERVER['SSL'])) $proto = 'https';
-
 		$parts = array_filter(array(
 			// What's our host
 			$_SERVER['HTTP_HOST'],
--- a/dev/DevelopmentAdmin.php
+++ b/dev/DevelopmentAdmin.php
@ -33,8 +33,9 @@ class DevelopmentAdmin extends Controller {
 		parent::init();

 		// Special case for dev/build: Defer permission checks to DatabaseAdmin->init() (see #4957)
-		$requestedDevBuild = (stripos($this->getRequest()->getURL(), 'dev/build') === 0);
-
+		$requestedDevBuild = (stripos($this->getRequest()->getURL(), 'dev/build') === 0)
+			&& (stripos($this->getRequest()->getURL(), 'dev/build/defaults') === false);
+		
 		// We allow access to this controller regardless of live-status or ADMIN permission only
 		// if on CLI.  Access to this controller is always allowed in "dev-mode", or of the user is ADMIN.
 		$canAccess = (
--- a/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
+++ b/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
@ -580,7 +580,11 @@ server IPs using the SS_TRUSTED_PROXY_IPS define in your _ss_environment.php.

 	:::php
 	define('SS_TRUSTED_PROXY_IPS', '127.0.0.1,192.168.0.1');
+	define('SS_TRUSTED_PROXY_HOST_HEADER', 'HTTP_X_FORWARDED_HOST');
+	define('SS_TRUSTED_PROXY_IP_HEADER', 'HTTP_X_FORWARDED_FOR');
+	define('SS_TRUSTED_PROXY_PROTOCOL_HEADER', 'HTTP_X_FORWARDED_PROTOCOL');

+At the same time, you'll also need to define which headers you trust from these proxy IPs. Since there are multiple ways through which proxies can pass through HTTP information on the original hostname, IP and protocol, these values need to be adjusted for your specific proxy. The header names match their equivalent `$_SERVER` values.

 If there is no proxy server, 'none' can be used to distrust all clients.
 If only trusted servers will make requests then you can use '*' to trust all clients.
@ -603,7 +607,6 @@ In a future release this behaviour will be changed to be on by default, and this
 variable will be no longer necessary, thus it will be necessary to always set
 SS_TRUSTED_PROXY_IPS if using a proxy.

-
 ##  Related

 * [http://silverstripe.org/security-releases/](http://silverstripe.org/security-releases/)
--- a/docs/en/04_Changelogs/3.3.0.md
+++ b/docs/en/04_Changelogs/3.3.0.md
@ -20,3 +20,64 @@ mode of the site frontend using the `?stage` querystring parameter.

 This permission can be customised by altering the `Versioned.non_live_permissions`
 config by assigning a different set of permissions.
+<!--- Changes below this line will be automatically regenerated -->
+
+## Change Log
+
+### Security
+
+ * 2016-02-17 [893e497](https://github.com/silverstripe/silverstripe-framework/commit/893e49703de4aa1855b5364919cbb0826f754fbf) Hostname, IP and Protocol Spoofing through HTTP Headers (Ingo Schommer) - See [ss-2016-003](http://www.silverstripe.org/download/security-releases/ss-2016-003)
+ * 2016-02-17 [3398f67](https://github.com/silverstripe/silverstripe-framework/commit/3398f670d881447f8777b567f1ead7c0d8d253f5) Block unauthenticated access to dev/build/defaults (Damian Mooyman) - See [ss-2015-028](http://www.silverstripe.org/download/security-releases/ss-2015-028)
+ * 2016-02-17 [56e92f5](https://github.com/silverstripe/silverstripe-framework/commit/56e92f5a32e45849cc9361c8603c31d7010c9d36) Ensure Gridfield actions respect CSRF (Damian Mooyman) - See [ss-2016-002](http://www.silverstripe.org/download/security-releases/ss-2016-002)
+
+### API Changes
+
+ * 2015-12-07 [38e154a](https://github.com/silverstripe/silverstripe-framework/commit/38e154af0aae89a36f4d3906612ea4bbbf726177) Disable get parameter access to site stage mode (Damian Mooyman)
+ * 2015-12-02 [5353ac5](https://github.com/silverstripe/silverstripe-cms/commit/5353ac5315703240540c9cde0f5c8eeb5571bc19) Refactor versioned security into core module (Damian Mooyman)
+ * 2015-12-02 [6089a7c](https://github.com/silverstripe/silverstripe-framework/commit/6089a7c5bd25d6591deb154f1a34908fa91ac198) Create default security permission model for versioned data objects (Damian Mooyman)
+ * 2015-11-26 [6266f90](https://github.com/silverstripe/silverstripe-framework/commit/6266f909e0c098652582af44ea64f031ea9cdcea) Increased Permission.Code db field to 255 characters (Novusvetus)
+ * 2015-07-20 [ea9434f](https://github.com/silverstripe/silverstripe-framework/commit/ea9434ffeba8d5fbb1dfe38d76f3fed403a9886e) Lazy load template parser (Loz Calver)
+
+### Features and Enhancements
+
+ * 2015-12-14 [9467ab9](https://github.com/silverstripe/silverstripe-framework/commit/9467ab9a7e717cece3cee1693b16a055b58526ef) Implement unshift() in field list classes (closes #4834) (Loz Calver)
+ * 2015-12-01 [f7c270a](https://github.com/silverstripe/silverstripe-framework/commit/f7c270a3bad984910fa84f552dfa8b99324afb16) Use Config for determining Vary header (Marcus Nyeholt)
+ * 2015-11-10 [603cacc](https://github.com/silverstripe/silverstripe-framework/commit/603caccb90006b3a0592b129687659571112b9a8) CurrencyField to use Currency.currency_symbol (muskie9)
+ * 2015-09-25 [5c04dc5](https://github.com/silverstripe/silverstripe-framework/commit/5c04dc5d673aa11249310bcb6e382db4ee2bff7f) - Added new method to display the number of total items in a paginated list within templates (Marco Kernler)
+ * 2015-08-14 [1b57e0c](https://github.com/silverstripe/silverstripe-framework/commit/1b57e0ca5bdb5d80d6f78686669441ad8b2c9420) implement getter and setter usage for response (Stevie Mayhew)
+
+### Bugfixes
+
+ * 2016-02-09 [2ad490c](https://github.com/silverstripe/silverstripe-cms/commit/2ad490c3e2d256d8dcd16398631c114aa2a3370e) Prevent folders deleted on the filesystem from breaking asset interface (Damian Mooyman)
+ * 2016-01-22 [f80467a](https://github.com/silverstripe/silverstripe-cms/commit/f80467a74859fba58be835a878ceddbbb4601b42) Don't keep stale treeview data when refreshing Content area (Damian Mooyman)
+ * 2016-01-21 [e364fdb](https://github.com/silverstripe/silverstripe-cms/commit/e364fdb794896b5c6b4810d84c0dfac75d80b53b) Fix incorrect "Add Page" button selector (Damian Mooyman)
+ * 2016-01-20 [abc5556](https://github.com/silverstripe/silverstripe-cms/commit/abc5556520f891d0e3f5cf3d2c3838a194ac5335) Fix legacy breadcrumbs appearing on page save (Damian Mooyman)
+ * 2016-01-20 [df76d78](https://github.com/silverstripe/silverstripe-framework/commit/df76d783fe1f7baaeed67a7c6d63235facd364cd) Fix VersionedTest sometimes failing given certain querystring arguments (Damian Mooyman)
+ * 2016-01-20 [7c4e6f4](https://github.com/silverstripe/silverstripe-cms/commit/7c4e6f4b60567268ed879081823598438c90e729) prevent "Home page" being selected when no selection was made (Damian Mooyman)
+ * 2016-01-02 [b30d335](https://github.com/silverstripe/silverstripe-cms/commit/b30d33585f4640950dc573b9fa283c0db7b5f14c) Adding context parameter to canCreate-check in getClassDropdown of SiteTree (fixes #1334) (Stephan Bauer)
+ * 2016-01-02 [95e96fa](https://github.com/silverstripe/silverstripe-framework/commit/95e96fa2b2d0db9e26f8c716ee3d5e1a26ee09df) jquery.jstree patched to improve drag-and-drop handling (fixes #4881) (Stephan Bauer)
+ * 2015-12-22 [706877d](https://github.com/silverstripe/silverstripe-framework/commit/706877d72e6d64fd1093aa538cebad2311cbeca9) Get locale from &lt;html&gt; element for i18n.js (fixes #4854) (Loz Calver)
+ * 2015-12-22 [54ae002](https://github.com/silverstripe/silverstripe-cms/commit/54ae002d193d7677ff7a99527b37cbb6faa09343) FIx merge regressions in versioned tests (Damian Mooyman)
+ * 2015-12-22 [fce8251](https://github.com/silverstripe/silverstripe-framework/commit/fce82519bd6fcc313677b3687852ce15a3d5d202) Workaround for issues in testing version (Damian Mooyman)
+ * 2015-12-17 [36241d5](https://github.com/silverstripe-labs/silverstripe-reports/commit/36241d52a08ebce841f50fff91f3e4f4ac591be4) Fix regressions is SS_Report::canView (Damian Mooyman)
+ * 2015-12-15 [cd66917](https://github.com/silverstripe/silverstripe-framework/commit/cd66917a867275f3baf4c07efe2513db1ac92822) Vimeo oEmbed endpoint redirecting to no www (UndefinedOffset)
+ * 2015-12-15 [5d0f833](https://github.com/silverstripe-labs/silverstripe-reports/commit/5d0f833a397a2ce937e25b6a7c0350fdabdac63c) SS_Report canView should check permissions (Christopher Darling)
+ * 2015-12-09 [fa0160a](https://github.com/silverstripe/silverstripe-framework/commit/fa0160a874c536528d8300e034a7aa8bb6e23989) Fix regression in canViewStage (Damian Mooyman)
+ * 2015-11-24 [15ae37c](https://github.com/silverstripe/silverstripe-framework/commit/15ae37cf0351b654b5115183ab5a991c316e17e0) Image_Cached record class name (Jonathon Menz)
+ * 2015-10-31 [275ecfd](https://github.com/silverstripe/silverstripe-framework/commit/275ecfd8a95d4f7a025bb5025bb8d729a0e9eb70) Use `Object-&gt;hasMethod()` instead of `method_exists()` (madmatt)
+ * 2015-10-07 [71defe7](https://github.com/silverstripe/silverstripe-siteconfig/commit/71defe79b3e4fe7343f892ddf3aa8654725202c4) for #5 to facilitate validation on SiteConfig via DataExtension's. (Patrick Nelson)
+ * 2015-10-06 [a71d99c](https://github.com/silverstripe/silverstripe-framework/commit/a71d99cf8445a906ccd9b13242d36ae1e6a75d74) for #4663 ensuring return values from TabSet are retained from parent. Removing useless override. Cleaning up documentation in TabSet and return types. (Patrick Nelson)
+ * 2015-10-05 [12c4239](https://github.com/silverstripe/silverstripe-framework/commit/12c423909f721c6f5223007ad5e7ba6c162d63a4) (partial) for #3181 where non-submit buttons are being activated on "enter" key press (relates to CMS issue at https://github.com/silverstripe/silverstripe-cms/issues/1288). (Patrick Nelson)
+ * 2015-10-05 [332e490](https://github.com/silverstripe/silverstripe-cms/commit/332e4901478bf76705c7175e4af10b91d4c3b30f) (partial) for #1288 where non-submit buttons are being activated on "enter" key press (relates to framework issue at https://github.com/silverstripe/silverstripe-framework/issues/3181). (Patrick Nelson)
+ * 2015-10-05 [4a70ffe](https://github.com/silverstripe/silverstripe-framework/commit/4a70ffea0687c8c83b6210856e4c10f5aff0a883) Typo in cur methods PHPDoc (Corey Sewell)
+ * 2015-09-29 [5224fc4](https://github.com/silverstripe/silverstripe-framework/commit/5224fc460c6155c4f2253f42d88729b8f31066f6) Permission::checkMember() use of undefined variable $codes (Manuel Teuber)
+ * 2015-09-24 [c0be44d](https://github.com/silverstripe/silverstripe-framework/commit/c0be44d238c45853503fe1550fba0460a9a0f05c) fix response regression in initiation of request handler (Stevie Mayhew)
+ * 2015-09-17 [c9ba6e5](https://github.com/silverstripe/silverstripe-framework/commit/c9ba6e5d0064bfb09ebdb9e5f7054f8c3179f99a) Fix ClassInfo::table_for_object_field (Damian Mooyman)
+ * 2015-09-11 [5cc0878](https://github.com/silverstripe/silverstripe-framework/commit/5cc0878dc1feead47ead82c8f2beca02eefa102b) for #4597: Ensuring GridFieldConfig_RelationEditor is instantiated via Injector, not via "new" keyword. (Patrick Nelson)
+ * 2015-09-02 [2ae5d83](https://github.com/silverstripe/silverstripe-framework/commit/2ae5d83f08b994458aa93625e4ec7cb7f258bbae) Resampled images inherit source properties (Jonathon Menz)
+ * 2015-08-24 [80ce549](https://github.com/silverstripe/silverstripe-framework/commit/80ce5498d84088f8992de3f979071456e7d71746) disable archived pages from being droppable (Damian Mooyman)
+ * 2015-08-21 [b14794b](https://github.com/silverstripe/silverstripe-framework/commit/b14794b780b30d5a6d39df9ed080135ff25045a8) Fix bulk actions making sitetree unclickable (Damian Mooyman)
+ * 2015-08-19 [a19fe39](https://github.com/silverstripe/silverstripe-framework/commit/a19fe39301f8a6a2e80e9a9d294c425b8699dc0c) Avoid PHP 5.6 deprecation with access to HTTP_RAW_POST_DATA. Fixed #4511 (Sam Minnee)
+ * 2015-07-31 [6a45f4a](https://github.com/silverstripe/silverstripe-framework/commit/6a45f4a1e125b1a75d042e59b38824b24fd3cd0f) fix mismatched quotes (Damian Mooyman)
+ * 2015-06-15 [ca039e1](https://github.com/silverstripe/silverstripe-framework/commit/ca039e15ef7306d7b56d64d93892d2fb6173fcf7) Fix regressions in changes to batch action feature (David Craig)
+ * 2015-06-11 [8a4c518](https://github.com/silverstripe/silverstripe-framework/commit/8a4c51893b345f7653e77acdd3667bbe61346784) allow for increase_time_limit_to to work if $_increase_time_limit_max is not yet set (Stevie Mayhew)
--- a/docs/en/04_Changelogs/rc/3.3.0-rc3.md
+++ b/docs/en/04_Changelogs/rc/3.3.0-rc3.md
@ -0,0 +1,11 @@
+# 3.3.0-rc3
+
+<!--- Changes below this line will be automatically regenerated -->
+
+## Change Log
+
+### Security
+
+ * 2016-02-17 [893e497](https://github.com/silverstripe/silverstripe-framework/commit/893e49703de4aa1855b5364919cbb0826f754fbf) Hostname, IP and Protocol Spoofing through HTTP Headers (Ingo Schommer) - See [ss-2016-003](http://www.silverstripe.org/download/security-releases/ss-2016-003)
+ * 2016-02-17 [3398f67](https://github.com/silverstripe/silverstripe-framework/commit/3398f670d881447f8777b567f1ead7c0d8d253f5) Block unauthenticated access to dev/build/defaults (Damian Mooyman) - See [ss-2015-028](http://www.silverstripe.org/download/security-releases/ss-2015-028)
+ * 2016-02-17 [56e92f5](https://github.com/silverstripe/silverstripe-framework/commit/56e92f5a32e45849cc9361c8603c31d7010c9d36) Ensure Gridfield actions respect CSRF (Damian Mooyman) - See [ss-2016-002](http://www.silverstripe.org/download/security-releases/ss-2016-002)
--- a/forms/gridfield/GridField.php
+++ b/forms/gridfield/GridField.php
@ -833,6 +833,18 @@ class GridField extends FormField {
 	 */
 	public function gridFieldAlterAction($data, $form, SS_HTTPRequest $request) {
 		$data = $request->requestVars();
+
+		// Protection against CSRF attacks
+		$token = $this
+			->getForm()
+			->getSecurityToken();
+		if(!$token->checkRequest($request)) {
+			$this->httpError(400, _t("Form.CSRF_FAILED_MESSAGE",
+				"There seems to have been a technical problem. Please click the back button, ".
+				"refresh your browser, and try again."
+			));
+		}
+
 		$name = $this->getName();

 		$fieldData = null;
--- a/lang/cs.yml
+++ b/lang/cs.yml
@ -301,8 +301,6 @@ cs:
    FROMWEB: 'Z webu'
    FindInFolder: 'Hledat ve složce'
    IMAGEALT: 'Alternativní text (alt)'
-    IMAGEALTTEXT: 'Alternativní text (alt) - bude zobrazen, pokud obrázek nemúže být zobrazen'
-    IMAGEALTTEXTDESC: 'Zobrazeno na obrazovce, když obrázek nemůže být zobrazen'
    IMAGEDIMENSIONS: Rozměry
    IMAGEHEIGHTPX: Výška
    IMAGETITLE: 'Titul text (tooltip) - další informace o obrázku'
@ -336,13 +334,11 @@ cs:
  LeftAndMain:
    CANT_REORGANISE: 'Nemáte oprávnění měnit stránky nejvyšší úrovně. Vaše změna nebyla uložena.'
    DELETED: Smazáno.
-    DropdownBatchActionsDefault: 'Vyberte akci...'
+    DropdownBatchActionsDefault: Akce
    HELP: Nápověda
-    PAGETYPE: 'Typ stránky'
    PERMAGAIN: 'Byli jste odhlášeni z CMS. Pokud se chcete znovu přihlásit, zadejte níže své uživatelské jméno a heslo.'
    PERMALREADY: 'Omlouvám se, ale nemůžete vstoupit do této části CMS. Pokud se chcete přihlásit jako někdo jiný, udělejte tak níže.'
    PERMDEFAULT: 'Musíte být přihlášen/a k přístup do oblasti administrace, níže zadejte vaše přihlašovací údaje, prosím.'
-    PLEASESAVE: 'Prosím uložte stránku: Tato stránka nemohla být aktualizována, protože ještě nebyla uložena.'
    PreviewButton: Náhled
    REORGANISATIONSUCCESSFUL: 'Strom webu reorganizován úspěšně.'
    SAVEDUP: Uloženo.
--- a/lang/de.yml
+++ b/lang/de.yml
@ -1,5 +1,7 @@
 de:
  AssetAdmin:
+    ALLOWEDEXTS: 'Erlaubte Dateiendungen'
+    HIDEALLOWEDEXTS: 'Verberge erlaubte Dateiendungen'
    NEWFOLDER: Neuer Ordner
    SHOWALLOWEDEXTS: 'Erlaubte Dateitypen anzeigen'
  AssetTableField:
@ -7,12 +9,14 @@ de:
    DIM: Dimensionen
    FILENAME: Dateiname
    FOLDER: Ordner
+    HEIGHT: Höhe
    LASTEDIT: 'Letzte Änderung'
    OWNER: Eigentümer
    SIZE: 'Größe'
    TITLE: Titel
    TYPE: 'Typ'
    URL: URL
+    WIDTH: Breite
  AssetUploadField:
    ChooseFiles: 'Dateien auswählen'
    DRAGFILESHERE: 'Dateien hier ablegen'
@ -23,7 +27,9 @@ de:
    FILES: Dateien
    FROMCOMPUTER: 'Dateien auf Ihrem Computer auswählen'
    FROMCOMPUTERINFO: 'Von Ihrem Computer hochladen'
+    REMOVEINFO: 'Entferne diese Datei aus dem Feld'
    TOTAL: Insgesamt
+    TOUPLOAD: 'Dateien für den Upload auswählen...'
    UPLOADINPROGRESS: 'Bitte warten sie... Upload im Gang'
    UPLOADOR: oder
  BBCodeParser:
@ -146,6 +152,7 @@ de:
    INVALID_REQUEST: 'Ungültige Anfrage'
  DropdownField:
    CHOOSE: (Auswahl)
+    CHOOSESEARCH: '(Auswahl und Suche)'
    SOURCE_VALIDATION: 'Bitte wählen Sie aus der Liste. {value} ist kein gültiger Wert'
  EmailField:
    VALIDATION: 'Bitte geben Sie eine E-Mail-Adresse ein'
@ -293,8 +300,6 @@ de:
    FROMWEB: 'Aus dem Web'
    FindInFolder: 'In Ordner suchen'
    IMAGEALT: 'Alternativtext (alt)'
-    IMAGEALTTEXT: 'Alternativer Text (alt) - angezeigt, wenn das Bild nicht dargestellt werden kann'
-    IMAGEALTTEXTDESC: 'Wird von Screenreadern vorgelesen oder angezeigt, falls das Bild nicht dargestellt werden kann'
    IMAGEDIMENSIONS: Dimensionen
    IMAGEHEIGHTPX: Höhe (px)
    IMAGETITLE: 'Titeltext (Tooltip) - für zusätzliche Informationen über das Bild'
@ -326,11 +331,9 @@ de:
    CANT_REORGANISE: 'Sie besitzen nicht die benötigten Zugriffsrechte um Seiten der höchsten Ebene zu bearbeiten. Ihre Änderungen wurden nicht gespeichert.'
    DELETED: Gelöscht.
    HELP: Hilfe
-    PAGETYPE: 'Seitentyp'
    PERMAGAIN: 'Sie wurden aus dem System ausgeloggt. Falls Sie sich wieder einloggen möchten, geben Sie bitte Benutzernamen und Passwort im untenstehenden Formular an.'
    PERMALREADY: 'Leider dürfen Sie diesen Teil des CMS nicht aufrufen. Wenn Sie sich als jemand anderes einloggen wollen, benutzen Sie bitte das nachstehende Formular.'
    PERMDEFAULT: 'Sie müssen angemeldet sein, um auf diesen Bereich zugreifen zu können. Bitte geben Sie Ihre Zugangsdaten ein.'
-    PLEASESAVE: 'Diese Seite konnte nicht aktualisiert werden weil sie noch nicht gespeichert wurde - bitte speichern.'
    PreviewButton: Vorschau
    REORGANISATIONSUCCESSFUL: 'Der Seitenbaum wurde erfolgreich sortiert.'
    SAVEDUP: Gespeichert.
--- a/lang/eo.yml
+++ b/lang/eo.yml
@ -293,8 +293,6 @@ eo:
    FROMWEB: 'El la TTT'
    FindInFolder: 'Serĉi en dosierujo'
    IMAGEALT: 'Alternativa teksto (alt)'
-    IMAGEALTTEXT: 'Alternativa teksto (alt) - vidigi ĝin se ne eblas vidigi bildon'
-    IMAGEALTTEXTDESC: 'Vidigita al ekranlegiloj aŭ se ne eblas vidii bildon'
    IMAGEDIMENSIONS: Dimensioj
    IMAGEHEIGHTPX: Alto
    IMAGETITLE: 'Titola teksto (ŝpruchelpilo) - por plua informo pri la bildo'
@ -326,11 +324,9 @@ eo:
    CANT_REORGANISE: 'Vi ne rajtas ŝanĝi supronivelajn paĝojn. Via ŝanĝo ne konserviĝis.'
    DELETED: Forigita.
    HELP: Helpo
-    PAGETYPE: 'Tipo de paĝo:'
    PERMAGAIN: 'Vin adiaŭis la CMS. Se vi volas denove saluti, enigu salutnomon kaj pasvorton malsupre.'
    PERMALREADY: 'Bedaŭrinde vi ne povas aliri tiun parton de la CMS. Se vi volas ensaluti kiel aliulo, faru tion sube.'
    PERMDEFAULT: 'Necesas ensaluti por aliri la administran zonon; bonvolu enigi viajn akreditaĵoj sube.'
-    PLEASESAVE: 'Bonvolu konservi paĝon: Ne eblis ĝisdatigi ĉi tiun paĝon ĉar ĝi ankoraŭ ne estas konservita.'
    PreviewButton: Antaŭvido
    REORGANISATIONSUCCESSFUL: 'Sukcese reorganizis la retejan arbon.'
    SAVEDUP: Konservita.
--- a/lang/es.yml
+++ b/lang/es.yml
@ -301,8 +301,6 @@ es:
    FROMWEB: 'Desde la web'
    FindInFolder: 'Buscar en carpeta'
    IMAGEALT: 'Texto alternativo (alt)'
-    IMAGEALTTEXT: 'Texto alternativo (alt) - es mostrado si la imagen no puede ser visualizada'
-    IMAGEALTTEXTDESC: 'Mostrar a los lectores de pantalla o si la imagen no se puede visualizar'
    IMAGEDIMENSIONS: Dimensiones
    IMAGEHEIGHTPX: Alto
    IMAGETITLE: 'Texto del título (tooltip) - para obtener más información acerca de la imagen'
@ -336,13 +334,10 @@ es:
  LeftAndMain:
    CANT_REORGANISE: 'Usted no tiene permiso para modificar las páginas de nivel superior. Su modificación no se ha guardado.'
    DELETED: Borrado
-    DropdownBatchActionsDefault: 'Elegir una acción...'
    HELP: Ayuda
-    PAGETYPE: 'Tipo de página'
    PERMAGAIN: 'Ha sido desconectado del CMS. Si quiere volver a entrar, introduzca su nombre de usuario y contraseña a continuación.'
    PERMALREADY: 'Lamentablemente no puede acceder a esta parte del CMS. Si quiere entrar como alguien distinto, hágalo a continuación'
    PERMDEFAULT: 'Debes estar conectado para acceder al área de administración; por favor ingresa tus datos a continuación'
-    PLEASESAVE: 'Por favor Guarde la Página: Esta página no se ha podido actualizar porque aún no ha sido salvada.'
    PreviewButton: Vista previa
    REORGANISATIONSUCCESSFUL: 'Reorganizado el árbol del sitio con éxito.'
    SAVEDUP: Guardado
--- a/lang/fa_IR.yml
+++ b/lang/fa_IR.yml
@ -318,9 +318,7 @@ fa_IR:
    TITLE: 'آی‌فریم آپلود عکس'
  LeftAndMain:
    DELETED: حذف شده
-    DropdownBatchActionsDefault: 'انتخاب یک عملیات...'
    HELP: کمک
-    PAGETYPE: 'نوع صفحه'
    PERMAGAIN: 'شما از سیستم مدیریت محتوا خارج شده اید.اگر میخواهید دوباره وارد شوید نام کاربری و رمز عبور خود را در قسمت زیر وارد کنید'
    PreviewButton: پیش‌نمایش
    SAVEDUP: ذخیره شده
--- a/lang/fi.yml
+++ b/lang/fi.yml
@ -299,8 +299,6 @@ fi:
    FROMWEB: 'Webistä'
    FindInFolder: 'Etsi kansiosta'
    IMAGEALT: 'Vaihtoehtoinen teksti (alt)'
-    IMAGEALTTEXT: 'Vaihtoehtoinen teksti (alt) - näytetään jos kuvaa ei voida näyttää'
-    IMAGEALTTEXTDESC: 'Näytetään ruudunlukuohjelmille tai jos kuvaa ei voi näyttää'
    IMAGEDIMENSIONS: Mitat
    IMAGEHEIGHTPX: Korkeus
    IMAGETITLE: 'Otsikko (tooltip) - kuvan lisätietoja varten'
@ -333,11 +331,9 @@ fi:
    CANT_REORGANISE: 'Sinulla ei ole oikeuksia mennä ylemmän tason sivuille. Muutoksiasi ei tallennettu.'
    DELETED: Poistettu.
    HELP: Ohje
-    PAGETYPE: 'Sivutyyppi'
    PERMAGAIN: 'Olet kirjautunut ulos CMS:stä. Jos haluat kirjautua uudelleen sisään, syötä käyttäjätunnuksesi ja salasanasi alla.'
    PERMALREADY: 'Pahoittelut, mutta et pääse tähän osaan CMS:ää. Jos haluat kirjautua jonain muuna, voit tehdä sen alta.'
    PERMDEFAULT: 'Sinun tulee olla kirjautuneena ylläpito-osioon; syötä tunnuksesi kenttiin.'
-    PLEASESAVE: 'Tätä sivua ei voitu päivittää, koska sitä ei ole vielä tallennettu. Tallenna sivu.'
    PreviewButton: Esikatselu
    REORGANISATIONSUCCESSFUL: 'Hakemistopuu uudelleenjärjestettiin onnistuneesti.'
    SAVEDUP: Tallennettu.
--- a/lang/lt.yml
+++ b/lang/lt.yml
@ -301,8 +301,6 @@ lt:
    FROMWEB: 'Iš interneto'
    FindInFolder: 'Rasti kataloge'
    IMAGEALT: 'Alternatyvus tekstas (alt)'
-    IMAGEALTTEXT: 'Alternatyvus tekstas (alt) - rodomas, jeigu nepavyko parodyti paveikslėlio'
-    IMAGEALTTEXTDESC: 'Rodomas, jeigu nepavyko parodyti paveikslėlio'
    IMAGEDIMENSIONS: Matmenys
    IMAGEHEIGHTPX: Aukštis
    IMAGETITLE: 'Pavadinimo tekstas (tooltip) - papildomai informacijai apie paveikslėlį'
@ -336,13 +334,11 @@ lt:
  LeftAndMain:
    CANT_REORGANISE: 'Jūs neturite leidimo keisti aukščiausio lygio puslapių. Jūsų pakeitimai neišsaugoti.'
    DELETED: Ištrinta.
-    DropdownBatchActionsDefault: 'Pasirinkite veiksmą...'
+    DropdownBatchActionsDefault: Veiksmai
    HELP: Pagalba
-    PAGETYPE: 'Puslapio tipas'
    PERMAGAIN: 'Jūs atsijungėte. Norėdami vėl prisijungti, įveskite savo duomenis į žemiau esančius laukelius.'
    PERMALREADY: 'Deja, bet Jūs negalite patekti į šią TVS dalį. Jeigu norite prisijungti kitu vartotoju, tai atlikite žemiau.'
    PERMDEFAULT: 'Jūs turite būti prisijungę, norėdami pasiekti administravimo zoną; prašome suvesti prisijungimo duomenis į žemiau esančius laukelius.'
-    PLEASESAVE: 'Prašome išsaugoti puslapį: Šis puslapis negali būti atnaujintas, nes jis dar nėra išsaugotas.'
    PreviewButton: Peržiūra
    REORGANISATIONSUCCESSFUL: 'Puslapių medis pertvarkytas sėkmingai.'
    SAVEDUP: Išsaugota.
--- a/lang/sk.yml
+++ b/lang/sk.yml
@ -301,8 +301,6 @@ sk:
    FROMWEB: 'Z webu'
    FindInFolder: 'Vyhľadať v priečinku'
    IMAGEALT: 'Atlernatívny text (alt)'
-    IMAGEALTTEXT: 'Atlernatívny text (alt) - zobrazí sa, ak obrázok nemože byť zobrazený'
-    IMAGEALTTEXTDESC: 'Zobrazí sa na čítačke obrazovky alebo ak obrázok nemôže byť zobrazený'
    IMAGEDIMENSIONS: Rozmery
    IMAGEHEIGHTPX: Výška
    IMAGETITLE: 'Text titulky (tooltip) - pre doplňujúce informácie o obrázku'
@ -336,13 +334,11 @@ sk:
  LeftAndMain:
    CANT_REORGANISE: 'Nemáte oprávnenie meniť stránky najvyššej úrovne. Vaša zmena nebola uložená.'
    DELETED: Zmazané.
-    DropdownBatchActionsDefault: 'Vybrať akciu...'
+    DropdownBatchActionsDefault: Akcie
    HELP: Pomoc
-    PAGETYPE: 'Typ stránky'
    PERMAGAIN: 'Boli ste odhlásený'
    PERMALREADY: 'Je nám ľúto, ale k tejto časti CMS nemáte prístup . Ak sa chcete prihlásiť ako niekto iný, urobte tak nižšie.'
    PERMDEFAULT: 'Musíte byť prihlásený/á k prístupu do oblasti administrácie, zadajte vaše prihlasovacie údaje dole, prosím.'
-    PLEASESAVE: 'Uložte stránku, prosím. Táto stránka nemôže byť aktualizovaná, pretože ešte nebola uložená.'
    PreviewButton: Náhľad
    REORGANISATIONSUCCESSFUL: 'Strom webu bol reorganizovaný úspešne.'
    SAVEDUP: Uložené.
--- a/lang/sv.yml
+++ b/lang/sv.yml
@ -293,8 +293,6 @@ sv:
    FROMWEB: 'Från webben'
    FindInFolder: 'Hitta i mapp'
    IMAGEALT: 'Alternativ text (alt)'
-    IMAGEALTTEXT: 'Alternativ text (alt) - visas om bilden inte kan visas'
-    IMAGEALTTEXTDESC: 'Visas för skärmläsare eller om bilden inte kan visas'
    IMAGEDIMENSIONS: Dimensioner
    IMAGEHEIGHTPX: Höjd
    IMAGETITLE: 'Titel text (tooltip) - för ytterligare information om bilden'
@ -326,11 +324,9 @@ sv:
    CANT_REORGANISE: 'Du har inte tillstånd att ändra sidor på toppnivå. Dina ändringar har inte sparats.'
    DELETED: Raderad
    HELP: Hjälp
-    PAGETYPE: 'Sidtyp'
    PERMAGAIN: 'Du har blivit utloggad. Om du vill logga in igen anger du dina uppgifter nedan.'
    PERMALREADY: 'Tyvärr så har du inte åtkomst till den delen av CMSet. Om du vill logga in med en annan användare kan du göra det nedan'
    PERMDEFAULT: 'Du måste vara inloggad för att få åtkomst till administrativa delarna; var vänlig att logga in med dina användaruppgifter nedan.'
-    PLEASESAVE: 'Var god spara sidan. Den kan inte uppdateras för att den har inte sparats ännu.'
    PreviewButton: Förhandsgranska
    REORGANISATIONSUCCESSFUL: 'Omorganisationen av sidträdet luyckades.'
    SAVEDUP: Sparad.
--- a/tests/forms/gridfield/GridFieldDeleteActionTest.php
+++ b/tests/forms/gridfield/GridFieldDeleteActionTest.php
@ -42,15 +42,54 @@ class GridFieldDeleteActionTest extends SapphireTest {
 		$this->assertEquals(3, count($deleteButtons), 'Delete buttons should show when logged in.');
 	}

+	public function testActionsRequireCSRF() {
+		$this->logInWithPermission('ADMIN');
+		$this->setExpectedException(
+			'SS_HTTPResponse_Exception',
+			_t("Form.CSRF_FAILED_MESSAGE",
+				"There seems to have been a technical problem. Please click the back button, ".
+				"refresh your browser, and try again."
+			),
+			400
+		);
+		$stateID = 'testGridStateActionField';
+		$request = new SS_HTTPRequest(
+			'POST',
+			'url',
+			array(),
+			array(
+				'action_gridFieldAlterAction?StateID='.$stateID,
+				'SecurityID' => null,
+			)
+		);
+		$this->gridField->gridFieldAlterAction(array('StateID'=>$stateID), $this->form, $request);
+	}
+
 	public function testDeleteActionWithoutCorrectPermission() {
 		if(Member::currentUser()) { Member::currentUser()->logOut(); }
 		$this->setExpectedException('ValidationException');

 		$stateID = 'testGridStateActionField';
-		Session::set($stateID, array('grid'=>'', 'actionName'=>'deleterecord',
-			'args'=>array('RecordID'=>$this->idFromFixture('GridFieldAction_Delete_Team', 'team1'))));
-		$request = new SS_HTTPRequest('POST', 'url', array(),
-			array('action_gridFieldAlterAction?StateID='.$stateID=>true));
+		Session::set(
+			$stateID,
+			array(
+				'grid' => '',
+				'actionName' => 'deleterecord',
+				'args' => array(
+					'RecordID' => $this->idFromFixture('GridFieldAction_Delete_Team', 'team1')
+				)
+			)
+		);
+		$token = SecurityToken::inst();
+		$request = new SS_HTTPRequest(
+			'POST',
+			'url',
+			array(),
+			array(
+				'action_gridFieldAlterAction?StateID='.$stateID => true,
+				$token->getName() => $token->getValue(),
+			)
+		);
 		$this->gridField->gridFieldAlterAction(array('StateID'=>$stateID), $this->form, $request);
 		$this->assertEquals(3, $this->list->count(),
 			'User should\'t be able to delete records without correct permissions.');
@ -59,10 +98,26 @@ class GridFieldDeleteActionTest extends SapphireTest {
 	public function testDeleteActionWithAdminPermission() {
 		$this->logInWithPermission('ADMIN');
 		$stateID = 'testGridStateActionField';
-		Session::set($stateID, array('grid'=>'', 'actionName'=>'deleterecord',
-			'args'=>array('RecordID'=>$this->idFromFixture('GridFieldAction_Delete_Team', 'team1'))));
-		$request = new SS_HTTPRequest('POST', 'url', array(),
-			array('action_gridFieldAlterAction?StateID='.$stateID=>true));
+		Session::set(
+			$stateID,
+			array(
+				'grid'=>'',
+				'actionName'=>'deleterecord',
+				'args' => array(
+					'RecordID' => $this->idFromFixture('GridFieldAction_Delete_Team', 'team1')
+				)
+			)
+		);
+		$token = SecurityToken::inst();
+		$request = new SS_HTTPRequest(
+			'POST',
+			'url',
+			array(),
+			array(
+				'action_gridFieldAlterAction?StateID='.$stateID=>true,
+				$token->getName() => $token->getValue(),
+			)
+		);
 		$this->gridField->gridFieldAlterAction(array('StateID'=>$stateID), $this->form, $request);
 		$this->assertEquals(2, $this->list->count(), 'User should be able to delete records with ADMIN permission.');
 	}
@ -76,11 +131,26 @@ class GridFieldDeleteActionTest extends SapphireTest {
 		$form = new Form(new Controller(), 'mockform', new FieldList(array($this->gridField)), new FieldList());

 		$stateID = 'testGridStateActionField';
-		Session::set($stateID, array('grid'=>'', 'actionName'=>'deleterecord',
-			'args'=>array('RecordID'=>$this->idFromFixture('GridFieldAction_Delete_Team', 'team1'))));
-		$request = new SS_HTTPRequest('POST', 'url', array(),
-			array('action_gridFieldAlterAction?StateID='.$stateID=>true));
-
+		Session::set(
+			$stateID,
+			array(
+				'grid'=>'',
+				'actionName'=>'deleterecord',
+				'args' => array(
+					'RecordID' => $this->idFromFixture('GridFieldAction_Delete_Team', 'team1')
+				)
+			)
+		);
+		$token = SecurityToken::inst();
+		$request = new SS_HTTPRequest(
+			'POST',
+			'url',
+			array(),
+			array(
+				'action_gridFieldAlterAction?StateID='.$stateID=>true,
+				$token->getName() => $token->getValue(),
+			)
+		);
 		$this->gridField->gridFieldAlterAction(array('StateID'=>$stateID), $this->form, $request);
 		$this->assertEquals(2, $this->list->count(), 'User should be able to delete records with ADMIN permission.');