tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
21,786 Commits 31 Branches 527 Tags 162 MiB
2042d1c6b0
Commit Graph

1705 Commits

Author SHA1 Message Date
Aaron Carlino
2042d1c6b0
MINOR: Allow DevelopmentAdmin to have subclasses (#9702) 2020-09-26 21:21:16 +12:00
Maxime Rainville
cce2b16309 [CVE-2020-6164] Remove/deprecate unused controllers that can potentially give away some information about the underlying project. 2020-07-10 17:57:06 +12:00
Maxime Rainville
8518987cbd [CVE-2019-19326] Stop honouring X-HTTP-Method-Override header, X-Original-Url header and _method POST variable. Add SS_HTTPRequest::setHttpMethod() 2020-07-10 17:56:15 +12:00
Andre Kiste
0ed340faa9
Merge pull request #9584 from open-sausages/pulls/4.5/plain-method-for-chinese-character 
BUG Tweak DBHTMLText::Plain to avoid treating some chinese characters…
 2020-07-09 23:13:12 +12:00
Maxime Rainville
f8360356e0 Merge branch '4.4' into 4.5 2020-07-09 14:28:28 +12:00
Maxime Rainville
b780c4f504 BUG Tweak DBHTMLText::Plain to avoid treating some chinese characters as line breaks. 2020-07-09 13:33:43 +12:00
Maxime Rainville
ec83959f2c API Remove UpgradeBootstrap (not part of our official API) 2020-06-30 21:35:51 +12:00
Aaron Carlino
658ca4deb1 MINOR: Add noindex metatag to debugview 2020-06-25 12:09:28 +12:00
Sam Minnée
eb658e0705
Merge pull request #9528 from silverstripe-terraformers/bugfix/remove-recursive-write-rebased 
Remove recursive write until its fixed [Rebased]
 2020-05-28 17:12:36 +12:00
Adrian Humphreys
d320026375
Remove recursive write until its fixed 2020-05-28 14:34:55 +12:00
Maxime Rainville
42bb28965c Merge branch '4.4' into 4.5 2020-05-26 14:30:27 +12:00
Maxime Rainville
395893b559 Merge branch '4.3' into 4.4 2020-05-26 14:30:02 +12:00
Maxime Rainville
86fcb9e29c Merge branch '4.2' into 4.3 2020-05-26 14:29:16 +12:00
Dan Hensby
13b4d60d4a
Merge branch '4.4' into 4.5 2020-04-27 09:53:42 +01:00
Dan Hensby
85b37999be
Merge branch '4.3' into 4.4 2020-04-27 09:52:52 +01:00
Dan Hensby
e328d6f0d9
Merge branch '4.2' into 4.3 2020-04-27 09:51:24 +01:00
Dan Hensby
33b0b6985a
Update file paths for autoloading compatibility 2020-04-25 10:28:28 +01:00
Dan Hensby
b9f8ab44ac
Rename DBBigint.php for composer autoloading compatability 2020-04-24 23:15:42 +01:00
mattclegg
2169891651
BUGFIX: Ensure realpath returns a string for stripos 
[Deprecated] stripos(): Non-string needles will be interpreted as strings in the future. Use an explicit chr() call to preserve the current behavior
 2020-04-19 11:21:34 +05:45
mattclegg
60e670176a
DOCS: Correct spelling 2020-04-14 15:00:08 +05:45
mattclegg
5585f6633f
DOCS: Update typos 2020-04-14 15:00:08 +05:45
mattclegg
e968f5cb86
DOCS: Remove outdated TODO 2020-04-14 15:00:08 +05:45
Maxime Rainville
14bbaac1cb Merge tag '4.5.3' into 4.5 
Release 4.5.3
 2020-04-14 14:23:57 +12:00
Maxime Rainville
de8fd82c55 Merge branch '4.4' into 4.5 2020-04-14 14:18:18 +12:00
Maxime Rainville
1fe6255f9b Merge tag '4.4.6' into 4.4 
Release 4.4.6
 2020-04-14 14:13:59 +12:00
Serge Latyntcev
9779e42963 BUG Register new sub tasks to fix files affected by CVE-2020-9280 and CVE-2019-12245 2020-04-13 19:43:53 +12:00
Serge Latyntcev
b269d87490 BUG Register new sub tasks to fix files affected by CVE-2020-9280 and CVE-2019-12245 2020-04-13 17:16:57 +12:00
Loz Calver
39fab1974a
Merge pull request #9435 from unclecheese/pulls/4.5/wha-diff 
BUGFIX: Ensure diff arrays are one-dimensional
 2020-04-01 09:16:20 +01:00
Robbie Averill
5002f514b3
FIX Capitalisation fixes in welcome back message (#9439) 2020-03-23 15:54:30 +13:00
Aaron Carlino
7ad5f1bb14 BUGFIX: Ensure diff arrays are one-dimensional 2020-03-17 15:57:28 +13:00
Garion Herman
88660e6435
Merge pull request #9426 from creative-commoners/pulls/4.5/change-atomic-job-title 
DOC Update atomic MigrationTask description
 2020-03-16 15:19:33 +13:00
Steve Boyd
687435a2f1 Merge branch '4.4' into 4.5 2020-03-06 10:52:22 +13:00
Steve Boyd
6d6cc65927 Update description 2020-03-06 09:57:31 +13:00
UndefinedOffset
bba0f2f72f
BUGFIX: Fixed issue where TimeField_Readonly would only show "(not set)" instead of the value 2020-02-24 09:59:00 -04:00
Maxime Rainville
acd7d94167 Merge branch '4.4' into 4.5 2020-02-17 13:07:26 +13:00
Maxime Rainville
49fda52b12
Merge pull request #94 from silverstripe-security/fix/cve-2019-19325 
CVE-2019-1935
 2020-02-17 12:54:40 +13:00
Serge Latyntcev
ad1b00ec7d [CVE-2019-19325] XSS through non-scalar FormField attributes 
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
 2020-02-17 09:58:29 +13:00
Steve Boyd
9d5c3ef20e Merge branch '4.4' into 4.5 2020-02-11 16:45:15 +13:00
Mojmir Fendek
285e6caafa PR fixes 2020-02-11 10:43:01 +13:00
Mojmir Fendek
448147c2f1 PR fixes 2020-02-10 09:17:34 +13:00
Mojmir Fendek
660f80d284 PR fixes 2020-02-07 13:49:19 +13:00
mnuguid
ca36a47bb1 FIX Update ORM DBField types to use Injector in scaffoldFormField() 
- This is usable in cases where a DBField is needed to be overloaded through the Injector.
 2020-02-04 21:43:47 +13:00
Mojmir Fendek
99786dda22 ORM Column now supports related table lookup 2020-01-28 15:46:30 +13:00
Mojmir Fendek
9c38c5f625 CMS action related extension points (#9340) 
* CMS action related extension points

* Refactor to use fewer extension points

* Remove explicit return type

Co-authored-by: Aaron Carlino <unclecheese@leftandmain.com>
 2020-01-27 15:09:15 +13:00
Robbie Averill
53fcd47dfc Merge branch '4.4' into 4.5 2020-01-16 19:59:42 -08:00
Robbie Averill
26e3b6f4e3 Merge branch '4.3' into 4.4 2020-01-16 19:59:24 -08:00
Robbie Averill
38d7bd700d
Merge pull request #9373 from manja/4.5 
Fixed issue with merging existing entities in text collector
 2020-01-14 09:27:35 -08:00
Martin D
ec6a353543 array_key_exists() on objects is deprecated 
Ref: https://wiki.php.net/rfc/deprecations_php_7_4#array_key_exists_with_objects
 2020-01-14 09:22:49 -08:00
Nemanja Karadzic
18f0829053 Fixed issue with merging existing entities in text collector 2020-01-14 14:20:40 +01:00
Loz Calver
a42249b6fc Minor performance improvement in DatabaseAdapterRegistry::autoconfigure() 2019-12-19 14:39:46 +00:00