908b6f2006
Merge branch '4.12' into 4.13
2023-04-26 11:44:54 +12:00
1a5bb4cbec
[CVE-2023-22729] Escaped double slash is absolute URL
2023-04-26 09:49:59 +12:00
3d03a93b8f
Merge branch '4.12' into 4.13
2023-04-11 10:55:17 +12:00
92061a3ba6
FIX stabilise typed APIs ( #10740 )
...
Since 4.12 the use of typehints and return types has caused issues with
values fetched directly from config without validation. This has lead to
upgrade woes in a minor version (#10721 ) with no immediate recourse
other than manual system intervention.
To use types, we should ensure types, leaving a stable API that won't
error on a bad value - or should give a thoughtful and directive error
message if so.
Issue #10721 summary:
SessionMiddleware runs before FlushMiddleware
SessionMiddleware causes a PHP fatal error passing `null` to a `string`
parameter.
`null` comes from config, because default string value doesn't exist. We
need flush for this - but system execution never makes it that far.
2023-04-11 10:52:41 +12:00
5295ba6c16
API Throw deprecation warnings for bad configuration ( #10702 )
2023-03-01 11:36:08 +13:00
6669d54f59
FIX Wrap deprecated config with no replacement ( #10704 )
2023-02-27 18:13:31 +13:00
4e9c74243d
API Deprecate code
2023-02-07 11:56:04 +13:00
23efed1802
Merge branch '4.12' into 4
2023-02-02 16:20:00 +13:00
4a1eb0c158
ISSUE-10615: Respect SS_BASE_URL scheme in CLI environment.
...
Additionally set _SERVER variables for HTTPS and SSL to respect SS_BASE_URL scheme when executing builds and tasks through CLI.
This should solve base tags not being provided with the correct HTTP scheme. This is important to resolve mixed content issues and insecure requests.
2022-12-20 11:13:02 +13:00
0d662ba95f
Merge branch '4.12' into 4
2022-12-19 01:38:09 +00:00
cb76f312a4
Merge branch '4.11' into 4.12-release
2022-11-21 13:44:23 +13:00
137ebcebec
API Stop using deprecated API
2022-11-15 18:20:54 +13:00
9c453abf89
API Update deprecations
2022-10-13 14:49:15 +13:00
33b6a00f49
ENH Update deprecation messages
2022-10-13 14:48:40 +13:00
cc49036616
ENH Standardise deprecation messages
2022-10-13 14:05:49 +13:00
906cd0e76d
API Deprecate render() ( #10527 )
2022-10-07 14:44:02 +13:00
96a931d24f
API Deprecate swiftmailer
2022-10-06 09:52:06 +13:00
d3c28579b7
[CVE-2022-38462] Don't allow CRLF in header values
2022-09-07 11:22:07 +12:00
31c974c528
ENH Add samesite attribute to cookies.
...
Co-authored-by: pine3ree <pine3ree@gmail.com>
2022-06-02 12:01:03 +12:00
2411a83d5d
Merge pull request #10291 from creative-commoners/pulls/4/revert
...
FIX Revert adding extension hook
2022-04-26 12:00:26 +12:00
345173343c
FIX Revert adding extension hook
2022-04-26 09:58:45 +12:00
511b3bb060
ENH PHP 8.1 compatibility
2022-04-14 13:12:59 +12:00
f1678781a2
ENH Various fixes for PHP 8.1 compatibility
2022-04-11 17:22:22 +12:00
814c5b2fd0
ENH Fix deprecation issues for PHP 8.1 compatibility
2022-04-06 11:34:34 +12:00
081ec34461
Merge branch '4.10' into 4
2022-03-10 11:30:03 +13:00
82aba312fe
Merge branch '4.9' into 4.10
2022-03-10 11:27:48 +13:00
204b39bfdf
FIX Handle admin_email array config
2022-03-10 10:37:47 +13:00
b73a3cdd7a
API Extension hook for email default from
2022-03-08 14:31:51 +13:00
09fdfc4611
Merge branch '4.10' into 4
2022-03-08 12:21:52 +13:00
59800b5879
Merge branch '4.9' into 4.10
2022-03-08 12:21:03 +13:00
badc17891c
ENH Create fallback email from address
2022-03-07 16:18:57 +13:00
fc2160fa3a
ENH Provide hook for updating the parent used for absoluteURL ( #10168 )
...
One use case for this that I've run into a few times is for sending emails using a queued job from the CLI.
2022-01-31 20:41:14 +13:00
552cf5944d
MNT Fix various typos with codespell ( #10177 )
2021-12-13 21:05:33 +13:00
a08f43b762
DOC Fix misleading code docblocks ( #10145 )
2021-11-09 14:55:06 +13:00
de87d91d22
FIX Trim email addresses to comply with RFC 2822, 3.6.2
2021-08-24 10:06:15 +12:00
92f47da08b
API Update SwiftMailer from v5 to v6 ( #10048 )
...
* Update SwiftMailer from v5 to v6
- Fixes #9834
- Update default Swift_Transport to use Swift_SendmailTransport
- Update version restraint for Swiftmailer
- Address new parameter type for Swift_Message::setDate()
- Update class references in docblocks
Co-authored-by: Danaë Miller-Clendon <danae.millerclendon@silverstripe.com>
2021-08-18 12:16:45 +12:00
0ea36ad5d6
Merge pull request #10027 from chrometoasters/pulls/director-extension-point-4.8
...
NEW Add extension point to Director::is_site_url
2021-08-07 09:56:31 +12:00
9a7c99fc4b
FIX Take current request protocol into account when deleting session cookie
2021-08-06 10:55:05 +10:00
f8a9431152
NEW Add extension point to Director::is_site_url
2021-08-06 12:54:18 +12:00
3d7868449f
Merge branch '4.7' into 4
2021-04-19 16:39:15 +12:00
31c5ab2069
[BUGFIX] Prevent call getHeader() on null HTTPRequest object
2021-04-13 14:06:21 +12:00
7a04090bdf
Merge branch '4.7' into 4
2021-03-15 14:27:47 +13:00
d2fa64b489
BUG Allow Email to re-render when data changes ( #9876 )
...
* Fix: Allow Email to re-render when data changes
* Add invalidateBody function
* Make the linter happy
2021-03-04 11:18:46 +13:00
095a3b70f8
NEW: Provide helpers for isDev/isTest/isLive in templates
2021-02-11 11:19:07 +00:00
c932d7e7fb
Fix the phpdoc blocks
2020-12-21 22:23:23 +01:00
91f831cd0b
ENH Improve scalar response handling
...
This resolves an issue where method_exists() was being called on scalar
response values, which is not supported in PHP 8.
2020-10-26 13:20:47 +13:00
27bd5d12e3
ENH Replace E_USER_ERROR errors with exceptions
2020-09-24 23:51:21 -07:00
ae0ece2b02
Merge pull request #9665 from creative-commoners/pulls/4/php8-fqcn-token
2020-09-18 20:44:22 +01:00
5cb3d07f44
FIX: Avoid pass-literal-by-reference warning in PHP 8
2020-09-15 17:40:42 +12:00
2753f823ee
DOC Added a tip to docs describing how to set a cookie for less than a day ( #9552 )
...
DOC Added a tip to docs describing how to set a cookie for less than a day
Co-authored-by: Garion Herman <garion@silverstripe.com>
2020-09-10 12:34:33 +12:00
Guy Sartorelli
Steve Boyd
Dylan Wagstaff
Guy Sartorelli
Shiva Kerdel
Lukas
LiamKearn
Florian Thoma
Michal Kleiner
Kunal Hari
Maxime Rainville
Nik
Loz Calver
William Desportes
Garion Herman
Robbie Averill
Dan Hensby
Sam Minnee
Jackson Darlow