Guy Sartorelli
|
01808a8316
|
FIX Don't assume searchableFields() exists in gridfield filter
|
2023-05-09 10:00:07 +12:00 |
|
Guy Sartorelli
|
908b6f2006
|
Merge branch '4.12' into 4.13
|
2023-04-26 11:44:54 +12:00 |
|
Sabina Talipova
|
c2733a3108
|
Merge pull request #10760 from creative-commoners/pulls/4.12/absoluteurl-parsing
Escaped double slash is absolute URL
|
2023-04-26 11:30:41 +12:00 |
|
Guy Sartorelli
|
1a5bb4cbec
|
[CVE-2023-22729] Escaped double slash is absolute URL
|
2023-04-26 09:49:59 +12:00 |
|
Guy Sartorelli
|
fd5d8217e8
|
[CVE-2023-22728] Check canView before printing from GridField
|
2023-04-26 09:45:34 +12:00 |
|
Steve Boyd
|
0f40cc38ec
|
FIX Respect searchable_fields
|
2023-03-23 10:57:03 +13:00 |
|
Steve Boyd
|
41bb35f3f3
|
FIX Reduce array method calls
|
2023-03-22 11:06:23 +13:00 |
|
Guy Sartorelli
|
046befc4ba
|
ENH Improve deprecation logging
|
2023-03-06 13:25:44 +13:00 |
|
Guy Sartorelli
|
128b327c6d
|
API Add method to check if env var is set
|
2023-03-06 11:49:22 +13:00 |
|
Guy Sartorelli
|
652281507f
|
FIX Correctly identify deprecated API in withNoReplacement (#10706)
|
2023-02-27 15:25:27 +13:00 |
|
Guy Sartorelli
|
ab566b0a15
|
API Add new deprecation notices. (#10691)
These are removed in CMS 5.
|
2023-02-15 13:26:36 +13:00 |
|
Guy Sartorelli
|
3a14aafc7f
|
API Deprecate Diff in favour of CMS5's HtmlDiff
|
2023-02-08 11:15:28 +13:00 |
|
Steve Boyd
|
b973c88648
|
API Deprecate HTML4Value
|
2023-01-16 15:28:23 +13:00 |
|
Guy Sartorelli
|
0d662ba95f
|
Merge branch '4.12' into 4
|
2022-12-19 01:38:09 +00:00 |
|
Sabina Talipova
|
4e1b99b8c7
|
Merge pull request #10588 from creative-commoners/pulls/4/stop-using-depr
API Stop using deprecated API
|
2022-12-05 16:35:09 +13:00 |
|
Guy Sartorelli
|
8bb712a461
|
Merge branch '4.11' into 4.12-release
|
2022-11-30 10:54:02 +13:00 |
|
Michal Kleiner
|
b107622400
|
FIX Improve rounding logic for storing of long decimal numbers (#10593)
Co-authored-by: Michal Kleiner <michal.kleiner@cub3.com>
|
2022-11-29 15:07:56 +13:00 |
|
Steve Boyd
|
b5533e4680
|
API Stop using deprecated API
|
2022-11-28 19:16:31 +13:00 |
|
Michal Kleiner
|
da06a2d0cf
|
Merge pull request #10577 from creative-commoners/pulls/4/textcollector-class-notation
|
2022-11-25 10:27:59 +13:00 |
|
Steve Boyd
|
20582936d8
|
Merge branch '4.12' into 4
|
2022-11-23 16:42:25 +13:00 |
|
Steve Boyd
|
cb76f312a4
|
Merge branch '4.11' into 4.12-release
|
2022-11-21 13:44:23 +13:00 |
|
Steve Boyd
|
dc98cad48a
|
Merge branch '4.10' into 4.11
|
2022-11-21 13:43:59 +13:00 |
|
Steve Boyd
|
fe13856769
|
[CVE-2022-37429] Sanitise XSS
|
2022-11-21 13:06:40 +13:00 |
|
Guy Sartorelli
|
17f1c7ceed
|
Merge pull request #10585 from creative-commoners/pulls/4.11/cve-2022-37430
Sanitise mixed case javascript
|
2022-11-21 13:03:30 +13:00 |
|
Guy Sartorelli
|
e5b81109de
|
Merge pull request #10584 from creative-commoners/pulls/4.11/cve-2022-38462
Don't allow CRLF in header values
|
2022-11-21 13:02:25 +13:00 |
|
Steve Boyd
|
4308a93cc8
|
[CVE-2022-38148] Validate SortColumn exists
|
2022-11-21 13:01:32 +13:00 |
|
Guy Sartorelli
|
b17b29eea1
|
Merge pull request #10583 from creative-commoners/pulls/4.11/cve-2022-38724-embed-shortcode
Restrict embed shortcode attributes
|
2022-11-21 13:01:23 +13:00 |
|
Sabina Talipova
|
ad116c63e6
|
Merge pull request #10565 from creative-commoners/pulls/4/stop-depr
API Stop using deprecated API
|
2022-11-16 14:26:18 +13:00 |
|
Steve Boyd
|
137ebcebec
|
API Stop using deprecated API
|
2022-11-15 18:20:54 +13:00 |
|
Daniel Hensby
|
c49abf0fcc
|
Merge remote-tracking branch 'upstream/4.11' into 4.12
|
2022-11-11 13:25:54 +00:00 |
|
Guy Sartorelli
|
521c8179b1
|
ENH Correctly parse SomeClass::class syntax in textcollection
|
2022-11-11 11:37:53 +13:00 |
|
Steve Boyd
|
49e637d244
|
MNT Explicitly test with blowfish
|
2022-11-10 11:36:56 +13:00 |
|
Guy Sartorelli
|
ed63beeeee
|
Merge branch '4.11' into 4
|
2022-11-09 10:53:09 +13:00 |
|
Steve Boyd
|
7cfd827776
|
MNT Use restore_error_handler()
|
2022-11-03 16:19:17 +13:00 |
|
Steve Boyd
|
128f78c1cf
|
FIX Filter out E_USER_DEPRECATED unrelated to unit test
|
2022-11-02 11:40:34 +13:00 |
|
Steve Boyd
|
b1dc861aac
|
NEW Record deprecated config
|
2022-10-31 19:00:59 +13:00 |
|
Steve Boyd
|
a3c1cb0ddf
|
ENH Set PasswordEncryption on default admin
|
2022-10-27 13:57:27 +13:00 |
|
Guy Sartorelli
|
168ca00555
|
[CVE-2022-38724] Restrict embed shortcode attributes
|
2022-10-26 09:31:12 +13:00 |
|
Steve Boyd
|
59b980edd7
|
Merge branch '4.11' into 4
|
2022-10-21 11:46:39 +13:00 |
|
Steve Boyd
|
bd2eb15c72
|
FIX Ensure Deprecation works with 1.x branches
|
2022-10-20 13:14:58 +13:00 |
|
Steve Boyd
|
e3a6cad8a8
|
FIX Allow passing objects to InjectionCreator::create()
Co-authored-by: Nate Devereux <nate@daveclark.co.nz>
|
2022-10-19 18:04:48 +13:00 |
|
Guy Sartorelli
|
dd5b39e6b8
|
MNT Don't use deprecated jQuery size() function in behat (#10524)
|
2022-10-06 14:40:57 +13:00 |
|
Christian Bünte
|
e24fb3f86c
|
Fix i18nTextCollector produces corrupt output / namespaces when running under PHP8.0 (#10228)
* FIX i18nTextCollector produces corrupt output / namespaces when running under PHP8.0
|
2022-09-29 13:40:40 +13:00 |
|
Guy Sartorelli
|
421864d111
|
Merge branch '4.11' into 4
|
2022-09-29 09:41:06 +13:00 |
|
Guy Sartorelli
|
4a598ded51
|
FIX Allow removing named extensions in yaml config
|
2022-09-27 13:15:28 +13:00 |
|
Guy Sartorelli
|
d3c28579b7
|
[CVE-2022-38462] Don't allow CRLF in header values
|
2022-09-07 11:22:07 +12:00 |
|
Steve Boyd
|
2b5420ee7d
|
[CVE-2022-37430] Sanitise mixed case javascript
|
2022-08-23 15:36:48 +12:00 |
|
Sergey Shevchenko
|
ebb1601d5d
|
fix: misc suggested changes
* disable resolve_relative_css_refs by default
* variable naming
* using proper path joiner
* test comment typo
|
2022-08-05 15:35:26 +12:00 |
|
Sergey Shevchenko
|
bc9a323418
|
fix: more tests, improved paths detection, readability
|
2022-08-05 15:35:26 +12:00 |
|
Sergey Shevchenko
|
a2906cd02c
|
ENH Requirements_Backend::resolveCSSReferences(): Tests, config, doc, safety.
* Changed to ignore absolute paths altogether
* Improve tests
* Added config flag
* Changed docs
|
2022-08-05 15:35:26 +12:00 |
|