Controller (and subclasses) failed to enforce $allowed_action restrictions
on parent classes if a child class didn't have it explicitly defined.
Controllers which are extended with $allowed_actions (through an Extension)
now deny access to methods defined on the controller, unless this class also has them in its own
$allowed_actions definition.
Controller (and subclasses) failed to enforce $allowed_action restrictions
on parent classes if a child class didn't have it explicitly defined.
Controllers which are extended with $allowed_actions (through an Extension)
now deny access to methods defined on the controller, unless this class also has them in its own
$allowed_actions definition.
Shortcodes have traditionally had a problem that they are inside <p> tags,
but generate block level elements. This breaks HTML compliance.
This makes the shortcode parser now mutate the DOM based on the "class" attribute on
the shortcode to insert the generated block level element at the right place in the DOM
- for "left" and "right" elements it puts them just before the block level
element they are inside
- for "leftAlone" and "center" elements it splits the DOM around the shortcode.
The trade off is that shortcodes are no longer "text level" features. They need
knowledge of the HTML they are in to perform this transformation, so they can
only be used in (valid) HTML
The _ss_environment.php file can now be in any parent folder of the framework (according to realpath())
Removing the description of '3 levels deep' and replaced with explanation of infinite depth.
- Avoid using "if" to check for file existence (use try_files instead)
- Replicate the behavior of the .htaccess files
- TODO: get static error pages to work
- Avoid using "if" to check for file existence (use try_files instead)
- Replicate the behavior of the .htaccess files
- TODO: get static error pages to work
Title in CMS is set using header X-Title. But UTF-8 characters can't be used in HTTP headers. So the title should be encoded just before sending X-Title header and decoded before setting HTML document title (fixes#7942).
