tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity
18,416 Commits 31 Branches 527 Tags
Commit Graph

2221 Commits

Author SHA1 Message Date
Damian Mooyman
738f50c497
Upgrading notes on mysite/_config.php 2017-06-22 11:49:19 +12:00
Damian Mooyman
6279d28e5e
Update developer documentation 2017-06-22 11:43:28 +12:00
Damian Mooyman
e2c4a18f63
More documentation 
Fix up remaining tests
Refactor temp DB into TempDatabase class so it’s available outside of unit tests.
 2017-06-21 16:29:03 +12:00
Damian Mooyman
d88d4ed4e4 API Refactor AppKernel into CoreKernel 2017-06-20 17:05:46 +12:00
Damian Mooyman
f7946aec33 Docs and minor cleanup 2017-06-20 17:05:46 +12:00
Damian Mooyman
12bd31f936 API Remove OutputMiddleware 
API Move environment / global / ini management into Environment class
API Move getTempFolder into TempFolder class
API Implement HTTPRequestBuilder / CLIRequestBuilder
BUG Restore SS_ALLOWED_HOSTS check in original location
API CoreKernel now requires $basePath to be passed in
API Refactor installer.php to use application to bootstrap
API move memstring conversion globals to Convert
BUG Fix error in CoreKernel nesting not un-nesting itself properly.
 2017-06-20 17:05:46 +12:00
Damian Mooyman
c66d433977 API Refactor SapphireTest state management into SapphireTestState 
API Remove Injector::unregisterAllObjects()
API Remove FakeController
 2017-06-20 16:53:39 +12:00
Damian Mooyman
de079c041d API Implement APP object 
API Refactor of Session
 2017-06-20 16:43:49 +12:00
Chris Joe
102eaed36c Merge pull request #6722 from open-sausages/pulls/4.0/requirements-html-cleanup 
Better HTML generation behaviour for Requirements_Backend
 2017-06-16 13:52:06 +12:00
Damian Mooyman
dd4eb6ce44 Merge pull request #6960 from open-sausages/pulls/4.0/security-process-docs 
Internal security process docs
 2017-06-16 13:50:58 +12:00
Damian Mooyman
64e802f795
API Move createTag to HTML class 
ENHANCEMENT Better HTML generation behaviour for Requirements_Backend
 2017-06-16 12:22:05 +12:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services 
API Improve validation of authentication process
 2017-06-15 15:53:57 +12:00
Simon Erkelens
2b26cafcff Separate out the log-out handling. 
Repairing tests and regressions
Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()`
Fix for the logout handler to properly logout, some minor wording updates
Remove the login hashes for the member when logging out.
BasicAuth to use `HTTPRequest`
 2017-06-07 21:11:58 +12:00
Antony Thorpe
6348f2e3e8 Updated Form.php & 04_Form_Security.md 
Changed the `strictFormMethodCheck` protected property from false to true to step out on the front foot with this security setting.  In the documentation under the title [Cross-Site Request Forgery](https://github.com/silverstripe/silverstripe-framework/blob/master/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md#cross-site-request-forgery-csrf) it states, "it is also recommended to limit form submissions to the intended HTTP verb (mostly GET or POST) through [api:Form::setStrictFormMethodCheck()]."  The same advice is noted in [Form Security](c2292a4cc1/docs/en/02_Developer_Guides/03_Forms/04_Form_Security.md (strict-form-submission)).

Why not make this the default behaviour?  Is there a scenario where this would cause a problem?  Have manually tested in the CMS (alpha7) and is working fine.

Note: Original commit that establised the API Form::setStrictFormMethodCheck is 14c59be8.
 2017-06-06 21:10:49 +12:00
Ingo Schommer
b137e91998 Internal security process docs 2017-06-02 11:30:12 +12:00
Ed Linklater
f007fca51f Docs: Correct Stevie's name on committers page 2017-05-31 12:27:06 +12:00
Damian Mooyman
e7d87add9f API Remove legacy HTMLEditor classes 2017-05-30 11:01:28 +12:00
Nick
318b0248b7 Update 05_Dataobject_Relationship_Management.md 
Correct a naffed up code block and a typo
 2017-05-29 20:54:50 +12:00
Aaron Carlino
06615e3d76 Resample doc images for react di 2017-05-26 11:08:07 +12:00
Chris Joe
5ec8d40c19 Merge pull request #6957 from open-sausages/pulls/4/react-di-documentation 
Docs for React DI
 2017-05-26 10:59:42 +12:00
Daniel Hensby
893f19a5ea
DOCS Updating index definition examples 2017-05-25 23:29:12 +01:00
Aaron Carlino
bfc373cf0f update docs with new api 2017-05-25 16:34:32 +12:00
Aaron Carlino
75981989b0 Docs for React DI 2017-05-25 14:58:55 +12:00
Christopher Joe
e327bf3c70 Enhancement add contribution notes about releasing to NPM 2017-05-24 17:07:05 +12:00
Damian Mooyman
fba8e2c245 API Remove Object class 
API DataObjectSchema::manyManyComponent() return array is now associative array
 2017-05-23 13:50:35 +12:00
Damian Mooyman
2aa3b5d5fa Merge pull request #6934 from robbieaverill/pulls/4.0/consistent-instance-method 
API Consistent use of inst() naming across framework
 2017-05-22 11:57:20 +12:00
Damian Mooyman
4197090e11 Merge pull request #6940 from kinglozzer/randomgenerator 
Only use random_bytes() for RandomGenerator (closes #6397)
 2017-05-22 10:29:55 +12:00
Loz Calver
e653e90997 Only use random_bytes() for RandomGenerator (closes #6397) 2017-05-19 11:18:56 +01:00
Robbie Averill
f2cbe86f03 Remove CustomMethods::createMethod and create_function implementations, replace with closures 2017-05-19 15:56:44 +12:00
Robbie Averill
ad43a82923 API Consistent use of inst() naming across framework 2017-05-19 14:38:06 +12:00
Ingo Schommer
100048da33 API PSR-11 compliance (fixes #6594) (#6931) 
Note that our usage of `$asSingleton` in `get()` is fine. Quote from the PSR:

> Two successive calls to get with the same identifier SHOULD return the same value. However, depending on the implementor design and/or user configuration, different values might be returned, so user SHOULD NOT rely on getting the same value on 2 successive calls.
 2017-05-19 13:45:07 +12:00
Loz Calver
471166c15e Merge pull request #6169 from open-sausages/pulls/4.0/duplicate-manymany-option 
API Duplication of many_many relationships now defaults to many_many only
 2017-05-17 09:31:09 +01:00
Damian Mooyman
f5f6fdce12
API Duplication of many_many relationships now defaults to many_many only 
Fixes https://github.com/silverstripe/silverstripe-cms/issues/1453
 2017-05-16 23:26:39 +12:00
Colm McBarron
8666d4abb2 Update YAML format to use namespace 2017-05-16 11:49:39 +01:00
Damian Mooyman
259f957ce8 API Rename services to match FQN of interface / classes 2017-05-16 14:15:49 +12:00
Damian Mooyman
0b70b008b3 API Implement InheritedPermission calculator (#6877) 
* API Implement InheritedPermission calculator

* API Rename RootPermissions to DefaultPermissionChecker
API Refactor inherited permission fields into InheritedPermissionExtension
API Introduce PermissionChecker interface
 2017-05-11 21:07:27 +12:00
Aaron Carlino
7fa47e234f New API for minified files using injectable service 2017-05-11 10:14:16 +12:00
Ingo Schommer
da3236b0e7 Merge pull request #6887 from open-sausages/pulls/4.0/docs-calendar-year-format 
Doc dateformats with calendar year
 2017-05-09 23:07:25 +12:00
Sam Minnée
33119a1f36 Merge branch 'master' into pulls/4.0/remove-deprecated-methods 2017-05-09 15:31:53 +12:00
Ingo Schommer
7c2f49d443 API Removed RootURLController:set_default_homepage_link() 2017-05-09 11:38:35 +12:00
Ingo Schommer
cec983b628 API Removed deprecated ModelAsController::find_old_page() 2017-05-09 11:38:35 +12:00
Ingo Schommer
5784a7d2d7 API Removed deprecated Security::set_login_recording() 2017-05-09 11:38:35 +12:00
Ingo Schommer
2a7c76e9e9 API Removed deprecated DatabaseAdmin#clearAllData() 2017-05-09 11:38:35 +12:00
Ingo Schommer
81e5c7ac40 API Removed deprecated Session::set_config() 2017-05-09 11:38:35 +12:00
Ingo Schommer
1d438d3fb5 API Remove deprecated FormAction::createTag() 2017-05-09 11:38:35 +12:00
Ingo Schommer
0d9b383631 API Removed legacy form fields (fixes #6099) 2017-05-09 11:16:41 +12:00
Ingo Schommer
20e57e9dec Doc dateformats with calendar year 
https://github.com/silverstripe/silverstripe-framework/issues/3749
http://stackoverflow.com/questions/1978051/zend-datetostring-outputs-the-wrong-year-bug-in-my-code-or-zend-date
https://en.wikipedia.org/wiki/ISO_week_date#Disadvantages
 2017-05-08 22:08:14 +12:00
Damian Mooyman
942c0257b7 API Upgrade to behat 3 2017-05-05 14:32:07 +12:00
Damian Mooyman
edcb46bd3a Merge pull request #6836 from sminnee/cli-error-fix 
FIX: Show detailed errors on CLI for live environments
 2017-05-03 15:49:09 +12:00
Aaron Carlino
dd7777321f Added 4.0.0-alpha7 changelog 2017-05-02 13:16:17 +12:00