Guy Sartorelli
17f1c7ceed
Merge pull request #10585 from creative-commoners/pulls/4.11/cve-2022-37430
...
Sanitise mixed case javascript
2022-11-21 13:03:30 +13:00
Guy Sartorelli
e5b81109de
Merge pull request #10584 from creative-commoners/pulls/4.11/cve-2022-38462
...
Don't allow CRLF in header values
2022-11-21 13:02:25 +13:00
Guy Sartorelli
b17b29eea1
Merge pull request #10583 from creative-commoners/pulls/4.11/cve-2022-38724-embed-shortcode
...
Restrict embed shortcode attributes
2022-11-21 13:01:23 +13:00
Daniel Hensby
bb5b093004
Merge pull request #10578 from MadeHQ/4.11
...
Prevent infinite loop when getting table name for ComponentID
2022-11-10 21:49:03 +00:00
Lee Bradley
78b661dcf6
Prevent infinite loop when getting table name for ComponentID
...
If the field isn't in the first 2 classes then would just continue to loop
Fix means it will continue going to parent classes
Can be seen in the UsedOnTable in `admin` module if you have injected a new `Image` class that extends the built in one
2022-11-10 14:00:29 +00:00
Guy Sartorelli
e53380ce89
Merge pull request #10576 from creative-commoners/pulls/4.11/use-blowfish
...
MNT Explicitly test with blowfish
2022-11-10 17:18:20 +13:00
Steve Boyd
49e637d244
MNT Explicitly test with blowfish
2022-11-10 11:36:56 +13:00
Michal Kleiner
27eb390d2b
Merge pull request #10560 from creative-commoners/pulls/4.11/default-admin-encryption
2022-10-27 14:48:52 +13:00
Steve Boyd
a3c1cb0ddf
ENH Set PasswordEncryption on default admin
2022-10-27 13:57:27 +13:00
Guy Sartorelli
168ca00555
[CVE-2022-38724] Restrict embed shortcode attributes
2022-10-26 09:31:12 +13:00
Michal Kleiner
0c207c3079
Merge pull request #10555 from creative-commoners/pulls/4.11/inject-objects
2022-10-19 21:07:48 +13:00
Steve Boyd
e3a6cad8a8
FIX Allow passing objects to InjectionCreator::create()
...
Co-authored-by: Nate Devereux <nate@daveclark.co.nz>
2022-10-19 18:04:48 +13:00
Guy Sartorelli
0b80643210
Merge pull request #10522 from creative-commoners/pulls/4.11/backport-textcollector-fix
...
Fix i18nTextCollector produces corrupt output / namespaces when runni…
2022-09-29 14:42:39 +13:00
Christian Bünte
e24fb3f86c
Fix i18nTextCollector produces corrupt output / namespaces when running under PHP8.0 ( #10228 )
...
* FIX i18nTextCollector produces corrupt output / namespaces when running under PHP8.0
2022-09-29 13:40:40 +13:00
Guy Sartorelli
b36c987eef
Merge pull request #10519 from lekoala/patch-30
...
request may not have a session
2022-09-29 09:05:12 +13:00
Thomas Portelange
54892fa267
request may not have a session
...
see https://github.com/silverstripe/silverstripe-framework/pull/10512
2022-09-28 10:44:13 +02:00
Michal Kleiner
b80309093c
Merge pull request #10516 from creative-commoners/pulls/4.11/override-named-extension
2022-09-27 23:43:52 +13:00
Guy Sartorelli
4a598ded51
FIX Allow removing named extensions in yaml config
2022-09-27 13:15:28 +13:00
Guy Sartorelli
7e9ced0824
Merge pull request #10470 from creative-commoners/pulls/4.11/case-insensitive-casting
...
FIX Normalise casing before casting fields
2022-09-08 12:45:09 +12:00
Guy Sartorelli
d3c28579b7
[CVE-2022-38462] Don't allow CRLF in header values
2022-09-07 11:22:07 +12:00
Guy Sartorelli
6d885ab894
FIX Normalise casing before casting fields
2022-08-25 17:36:06 +12:00
Steve Boyd
2b5420ee7d
[CVE-2022-37430] Sanitise mixed case javascript
2022-08-23 15:36:48 +12:00
Guy Sartorelli
a7c8ce8d0c
Merge pull request #10432 from creative-commoners/pulls/4.11/remove-travis
...
MNT Remove travis
2022-08-03 12:29:56 +12:00
Steve Boyd
befc202dec
MNT Remove travis
2022-08-03 12:07:37 +12:00
Steve Boyd
fc029b96ed
Merge branch '4.10' into 4.11
2022-08-02 18:24:24 +12:00
Guy Sartorelli
55b23d0c9f
Merge pull request #10429 from creative-commoners/pulls/4.10/standardise-modules
...
MNT Standardise modules
2022-08-02 15:00:00 +12:00
Guy Sartorelli
051e74a289
Merge pull request #10430 from kinglozzer/backtrace
...
FIX: Invalid argument warning in backtrace
2022-08-01 20:42:47 +12:00
Loz Calver
6b15bd6dd4
FIX: Invalid argument warning in backtrace
2022-08-01 09:08:52 +01:00
Steve Boyd
44b2058fbc
MNT Standardise modules
2022-08-01 10:05:19 +12:00
Steve Boyd
b24c289892
Merge branch '4.10' into 4.11
2022-07-28 14:05:07 +12:00
Guy Sartorelli
dcadb9acb1
Merge pull request #10426 from creative-commoners/pulls/4.10/mb3
...
MNT Update Utf8TestHelper for MySQL 8.0.30
2022-07-28 13:52:17 +12:00
Steve Boyd
bdf7d09144
MNT Update Utf8TestHelper for MySQL 8.0.30
2022-07-28 13:21:23 +12:00
Guy Sartorelli
0a58a443f3
Merge pull request #10422 from creative-commoners/pulls/4.11/revert-skiptest
...
MNT No longer mark tests as skipped if running mysql 8
2022-07-26 15:58:11 +12:00
Steve Boyd
ce46e2da47
MNT No longer mark tests as skipped if running mysql 8
2022-07-26 13:54:10 +12:00
Guy Sartorelli
92d8180c69
Merge pull request #10420 from creative-commoners/pulls/4.11/ignore-test
...
MNT Skip test if Page class missing
2022-07-25 17:06:48 +12:00
Steve Boyd
24daf3ae83
MNT Skip test if Page class missing
2022-07-25 16:35:28 +12:00
Steve Boyd
f6693d4ea5
Merge branch '4.10' into 4.11
2022-07-22 11:20:22 +12:00
Guy Sartorelli
5a91cfca8a
Merge pull request #10416 from creative-commoners/pulls/4.10/backport-ci
...
MNT Add GitHub Actions CI
2022-07-22 11:18:17 +12:00
Steve Boyd
5eb8d3e25f
MNT Skip test in MySQL8
2022-07-22 11:16:32 +12:00
Steve Boyd
dd210e0f84
FIX Check if blank method passed ( #10417 )
2022-07-21 15:49:48 +12:00
Steve Boyd
674e6d9b7b
MNT Update utf8 aliases for mysql 8 and mariadb 10.6
2022-07-21 15:19:16 +12:00
Steve Boyd
9db1cd056e
MNT Add GitHub Actions CI
2022-07-21 14:44:02 +12:00
Steve Boyd
c0e8a21acf
Merge branch '4.10' into 4.11
2022-07-08 17:13:03 +12:00
Guy Sartorelli
cc3ec577ed
MNT Remove scrutinizer config. ( #10396 )
2022-07-08 16:44:50 +12:00
Guy Sartorelli
3cad03357a
Merge pull request #10384 from creative-commoners/pulls/4.11/remove-wrong-message
...
FIX Unexpected message issue
2022-07-08 13:20:11 +12:00
Michal Kleiner
f2abba8e9e
Merge pull request #10387 from kinglozzer/10386-form-attributes
...
FIX Add missing casting for Form::getAttributesHTML (fixes #10386 )
2022-07-05 01:39:35 +12:00
Loz Calver
9b45342a06
FIX: Add missing casting for Form::getAttributesHTML ( fixes #10386 )
2022-07-04 12:24:58 +01:00
Steve Boyd
55c3e24a50
Merge branch '4.10' into 4.11
2022-07-04 21:02:23 +12:00
Guy Sartorelli
8a314a90e7
Merge pull request #10385 from silverstripe/pulls/4.10/pdo
...
FIX PDO in PHP 8
2022-07-04 18:24:10 +12:00
Sabina Talipova
babc811381
FIX Remove unexpected message
2022-07-04 16:05:57 +12:00