tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-28 07:29:26 +02:00
Code Issues Projects Releases Wiki Activity
23,293 Commits 29 Branches 516 Tags 147 MiB
01808a8316
Commit Graph

1053 Commits

Author SHA1 Message Date
Guy Sartorelli
01808a8316
FIX Don't assume searchableFields() exists in gridfield filter 2023-05-09 10:00:07 +12:00
Guy Sartorelli
908b6f2006
Merge branch '4.12' into 4.13 2023-04-26 11:44:54 +12:00
Sabina Talipova
c2733a3108
Merge pull request #10760 from creative-commoners/pulls/4.12/absoluteurl-parsing 
Escaped double slash is absolute URL
 2023-04-26 11:30:41 +12:00
Guy Sartorelli
1a5bb4cbec
[CVE-2023-22729] Escaped double slash is absolute URL 2023-04-26 09:49:59 +12:00
Guy Sartorelli
fd5d8217e8
[CVE-2023-22728] Check canView before printing from GridField 2023-04-26 09:45:34 +12:00
Steve Boyd
0f40cc38ec FIX Respect searchable_fields 2023-03-23 10:57:03 +13:00
Steve Boyd
41bb35f3f3 FIX Reduce array method calls 2023-03-22 11:06:23 +13:00
Guy Sartorelli
046befc4ba
ENH Improve deprecation logging 2023-03-06 13:25:44 +13:00
Guy Sartorelli
128b327c6d
API Add method to check if env var is set 2023-03-06 11:49:22 +13:00
Guy Sartorelli
652281507f
FIX Correctly identify deprecated API in withNoReplacement (#10706) 2023-02-27 15:25:27 +13:00
Guy Sartorelli
ab566b0a15
API Add new deprecation notices. (#10691) 
These are removed in CMS 5.
 2023-02-15 13:26:36 +13:00
Guy Sartorelli
3a14aafc7f
API Deprecate Diff in favour of CMS5's HtmlDiff 2023-02-08 11:15:28 +13:00
Steve Boyd
b973c88648 API Deprecate HTML4Value 2023-01-16 15:28:23 +13:00
Guy Sartorelli
0d662ba95f
Merge branch '4.12' into 4 2022-12-19 01:38:09 +00:00
Sabina Talipova
4e1b99b8c7
Merge pull request #10588 from creative-commoners/pulls/4/stop-using-depr 
API Stop using deprecated API
 2022-12-05 16:35:09 +13:00
Guy Sartorelli
8bb712a461
Merge branch '4.11' into 4.12-release 2022-11-30 10:54:02 +13:00
Michal Kleiner
b107622400
FIX Improve rounding logic for storing of long decimal numbers (#10593) 
Co-authored-by: Michal Kleiner <michal.kleiner@cub3.com>
 2022-11-29 15:07:56 +13:00
Steve Boyd
b5533e4680 API Stop using deprecated API 2022-11-28 19:16:31 +13:00
Michal Kleiner
da06a2d0cf
Merge pull request #10577 from creative-commoners/pulls/4/textcollector-class-notation 2022-11-25 10:27:59 +13:00
Steve Boyd
20582936d8 Merge branch '4.12' into 4 2022-11-23 16:42:25 +13:00
Steve Boyd
cb76f312a4 Merge branch '4.11' into 4.12-release 2022-11-21 13:44:23 +13:00
Steve Boyd
dc98cad48a Merge branch '4.10' into 4.11 2022-11-21 13:43:59 +13:00
Steve Boyd
fe13856769 [CVE-2022-37429] Sanitise XSS 2022-11-21 13:06:40 +13:00
Guy Sartorelli
17f1c7ceed
Merge pull request #10585 from creative-commoners/pulls/4.11/cve-2022-37430 
Sanitise mixed case javascript
 2022-11-21 13:03:30 +13:00
Guy Sartorelli
e5b81109de
Merge pull request #10584 from creative-commoners/pulls/4.11/cve-2022-38462 
Don't allow CRLF in header values
 2022-11-21 13:02:25 +13:00
Steve Boyd
4308a93cc8 [CVE-2022-38148] Validate SortColumn exists 2022-11-21 13:01:32 +13:00
Guy Sartorelli
b17b29eea1
Merge pull request #10583 from creative-commoners/pulls/4.11/cve-2022-38724-embed-shortcode 
Restrict embed shortcode attributes
 2022-11-21 13:01:23 +13:00
Sabina Talipova
ad116c63e6
Merge pull request #10565 from creative-commoners/pulls/4/stop-depr 
API Stop using deprecated API
 2022-11-16 14:26:18 +13:00
Steve Boyd
137ebcebec API Stop using deprecated API 2022-11-15 18:20:54 +13:00
Daniel Hensby
c49abf0fcc
Merge remote-tracking branch 'upstream/4.11' into 4.12 2022-11-11 13:25:54 +00:00
Guy Sartorelli
521c8179b1
ENH Correctly parse SomeClass::class syntax in textcollection 2022-11-11 11:37:53 +13:00
Steve Boyd
49e637d244 MNT Explicitly test with blowfish 2022-11-10 11:36:56 +13:00
Guy Sartorelli
ed63beeeee
Merge branch '4.11' into 4 2022-11-09 10:53:09 +13:00
Steve Boyd
7cfd827776 MNT Use restore_error_handler() 2022-11-03 16:19:17 +13:00
Steve Boyd
128f78c1cf FIX Filter out E_USER_DEPRECATED unrelated to unit test 2022-11-02 11:40:34 +13:00
Steve Boyd
b1dc861aac NEW Record deprecated config 2022-10-31 19:00:59 +13:00
Steve Boyd
a3c1cb0ddf
ENH Set PasswordEncryption on default admin 2022-10-27 13:57:27 +13:00
Guy Sartorelli
168ca00555
[CVE-2022-38724] Restrict embed shortcode attributes 2022-10-26 09:31:12 +13:00
Steve Boyd
59b980edd7 Merge branch '4.11' into 4 2022-10-21 11:46:39 +13:00
Steve Boyd
bd2eb15c72 FIX Ensure Deprecation works with 1.x branches 2022-10-20 13:14:58 +13:00
Steve Boyd
e3a6cad8a8 FIX Allow passing objects to InjectionCreator::create() 
Co-authored-by: Nate Devereux <nate@daveclark.co.nz>
 2022-10-19 18:04:48 +13:00
Christian Bünte
e24fb3f86c
Fix i18nTextCollector produces corrupt output / namespaces when running under PHP8.0 (#10228) 
* FIX i18nTextCollector produces corrupt output / namespaces when running under PHP8.0
 2022-09-29 13:40:40 +13:00
Guy Sartorelli
421864d111
Merge branch '4.11' into 4 2022-09-29 09:41:06 +13:00
Guy Sartorelli
4a598ded51
FIX Allow removing named extensions in yaml config 2022-09-27 13:15:28 +13:00
Guy Sartorelli
d3c28579b7
[CVE-2022-38462] Don't allow CRLF in header values 2022-09-07 11:22:07 +12:00
Steve Boyd
2b5420ee7d [CVE-2022-37430] Sanitise mixed case javascript 2022-08-23 15:36:48 +12:00
Sergey Shevchenko
ebb1601d5d fix: misc suggested changes 
* disable resolve_relative_css_refs by default
* variable naming
* using proper path joiner
* test comment typo
 2022-08-05 15:35:26 +12:00
Sergey Shevchenko
bc9a323418 fix: more tests, improved paths detection, readability 2022-08-05 15:35:26 +12:00
Sergey Shevchenko
a2906cd02c ENH Requirements_Backend::resolveCSSReferences(): Tests, config, doc, safety. 
* Changed to ignore absolute paths altogether
* Improve tests
* Added config flag
* Changed docs
 2022-08-05 15:35:26 +12:00
Sergey Shevchenko
8370ffc2a0 ENH Test for Requirements_Backend::resolveCSSReferences() 2022-08-05 15:35:26 +12:00