Commit Graph

15265 Commits

Author SHA1 Message Date
Loz Calver
0d89a13c2d FIX: GridFieldDetailForm failing to save many_many relations 2015-09-22 14:46:57 +01:00
Damian Mooyman
a13d7e2b53 Merge pull request #4616 from spekulatius/patch-1
Update 01_Extensions.md
2015-09-21 10:40:13 +12:00
Peter Thaleikis
7ca97cd86d Update 01_Extensions.md
adding missing space
2015-09-20 15:15:54 +12:00
Damian Mooyman
c2a407a01b Add note to changelog 2015-09-18 14:51:04 +12:00
Damian Mooyman
b12bdb754b Added 3.1.15 changelog 2015-09-18 14:21:20 +12:00
Damian Mooyman
7f71a2ccfe Update translations 2015-09-18 14:21:20 +12:00
johndalangin
23d0f51592 Added cookie_secure configuration directive
Seeing that cookie_secure is not yet added to the documentation, I took the liberty to add it myself.

Thanks and hope this helps!
2015-09-17 15:53:58 +08:00
Damian Mooyman
e64d73c1f7 BUG Fix ClassInfo::table_for_object_field 2015-09-17 18:31:46 +12:00
Will Morgan
6261b7eb53 Merge pull request #4595 from kinglozzer/pulls/uploadfield-file-link-fix
FIX: Editing existing file links in HtmlEditorField was broken
2015-09-16 10:33:40 +01:00
Damian Mooyman
c4710b2272 Merge remote-tracking branch 'origin/3.1' into 3.2
Conflicts:
	admin/code/GroupImportForm.php
	admin/code/MemberImportForm.php
	tests/model/DataListTest.php
2015-09-15 13:18:47 +12:00
Damian Mooyman
8ddb4c7ffe Merge remote-tracking branch 'origin/3.1.14' into 3.1 2015-09-15 11:07:14 +12:00
Damian Mooyman
00caeb700d Added 3.1.14 changelog
Update translations
2015-09-15 10:58:15 +12:00
Damian Mooyman
b7f3095098 Merge pull request #4602 from SpiritLevel/patch-2
FIX: #103 in silverstripe-installer
2015-09-14 15:06:36 +12:00
David Alexander
81ca74bc30 FIX: #103
See also #58
2015-09-14 13:41:32 +12:00
Damian Mooyman
6699f65b3f Merge pull request #4594 from kinglozzer/uploadfield-attach-nonexistent
FIX: UploadField error when attempting to attach non-existent file IDs
2015-09-11 16:33:42 +12:00
Loz Calver
6056e9cb1b FIX: Editing existing file links in HtmlEditorField was broken 2015-09-10 09:57:50 +01:00
Ingo Schommer
f935f2f25e Merge pull request #3 from silverstripe-security/fixes/ss-2015-020
[ss-2015-020]: Prevent possible Privilege escalation
2015-09-10 16:51:13 +12:00
Damian Mooyman
7367cf54c4 [ss-2015-020]: Prevent possible Privilege escalation 2015-09-10 13:01:24 +12:00
Damian Mooyman
45b22c788e BUG Fix missing framework/admin/tests 2015-09-10 11:06:15 +12:00
Loz Calver
06cc18526a FIX: UploadField error when attempting to attach non-existent file IDs 2015-09-09 09:24:56 +01:00
Damian Mooyman
6ad277c412 Fix merge regressions 2015-09-09 16:12:12 +12:00
Damian Mooyman
309ac0d196 Merge remote-tracking branch 'origin/3.1' into 3.2
Conflicts:
	.travis.yml
	admin/code/CMSProfileController.php
	admin/tests/LeftAndMainTest.php
	control/HTTP.php
	security/Permission.php
	tests/forms/FormTest.php
	tests/model/ArrayListTest.php
	tests/security/PermissionTest.php
2015-09-09 14:35:29 +12:00
Ingo Schommer
4c73721bab Merge pull request #1 from silverstripe-security/fixes/ss-2015-016
[ss-2015-016]: Fix XSS in install.php
2015-09-09 09:48:56 +12:00
Daniel Hensby
00385792c5 Merge pull request #4588 from tractorcow/fix/3.1/admin-tests
BUG Fix missing framework/admin/tests
2015-09-08 09:57:53 +01:00
Christopher Pitt
751d77386c Merge pull request #2 from silverstripe-security/fixes/ss-2015-015
[ss-2015-015]: Fix insecure returnURL in DatabaseAdmin
2015-09-08 10:53:59 +12:00
Damian Mooyman
d8fd64c3e2 [ss-2015-016]: Fix XSS in install.php 2015-09-08 10:08:28 +12:00
Damian Mooyman
7192932022 [ss-2015-015]: Fix insecure returnURL in DatabaseAdmin 2015-09-08 09:48:09 +12:00
Loz Calver
b87c2ae78d Merge pull request #4589 from johndalangin/patch-3
Typo Correction
2015-09-07 10:56:27 +01:00
johndalangin
1b661c9f17 Typo Correction 2015-09-07 17:08:49 +08:00
Loz Calver
d0b53b5135 Merge pull request #4585 from javabrett/patch-1
Update 02_Composer.md
2015-09-07 09:23:08 +01:00
Damian Mooyman
96d20bc180 BUG Fix missing framework/admin/tests 2015-09-07 18:04:56 +12:00
Brett Randall
e0b0c17685 Update 02_Composer.md
Fixed typo, "in to thier" -> "into their".
2015-09-05 13:50:57 +10:00
Loz Calver
40619be0e6 Merge pull request #4579 from schellmax/patch-1
fixed typo in shortcode docs
2015-09-03 14:58:15 +01:00
Matthias Schelling
f43c528a0d fixed typo in shortcode docs 2015-09-03 14:46:42 +02:00
Damian Mooyman
83f276fa3f Merge pull request #4575 from powtac/patch-1
Typo
2015-09-03 13:51:00 +12:00
Simon Brüchner
9416c31805 Typo 2015-09-02 15:51:04 +02:00
Damian Mooyman
92f9af1984 Update translations 2015-09-02 11:15:53 +12:00
Damian Mooyman
ed401176f9 Added 3.1.14-rc1 changelog 2015-09-02 11:04:21 +12:00
Damian Mooyman
b390f463ea Merge pull request #4566 from chillu/pulls/pragma-docs
Clarify use of HTTP Pragma response header
2015-09-02 09:27:41 +12:00
Will Morgan
17e97babf1 Merge pull request #4549 from kinglozzer/pulls/recursion-arraylist-sort
FIX: Recursion errors when sorting objects with circular dependencies (fixes #4464)
2015-09-01 16:42:17 +01:00
Loz Calver
0943b3b1a0 FIX: Recursion errors when sorting objects with circular dependencies (fixes #4464) 2015-09-01 09:37:06 +01:00
Ingo Schommer
d66dd05458 Merge pull request #4565 from tractorcow/pulls/3.2/fix-numeric
BUG Remove html5 number field due to insufficient localisation support
2015-09-01 13:18:06 +12:00
Damian Mooyman
e86b45bf5d BUG Remove html5 number field due to insufficient localisation support 2015-09-01 12:23:35 +12:00
Ingo Schommer
dc650e3cf1 Clarify use of HTTP Pragma response header
The HTTP Pragma header is obsolete for HTTP 1.1,
and technically only defined for a HTTP request (not response).
Refer to https://www.mnot.net/cache_docs/#PRAGMA
,http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.32.
It is superseded by the "Cache-Control" directive.

See HTTP 1.1 spec at https://tools.ietf.org/html/rfc7234#section-5.4:
'Because the meaning of "Pragma: no-cache" in responses is
not specified, it does not provide a reliable replacement for
"Cache-Control: no-cache" in them.'

Sending a "Pragma: nocache" response header is a prudent
backwards compatibility measure for HTTP 1.0 clients.
The intended behaviour is for the majority clients as well as any
intermediary proxies to ignore this header.

Sending an empty Pragma is a known hack
for preventing PHP from adding "Pragma: nocache" to responses
with started sessions (see http://php.net/session_cache_limiter),
since PHP does not allow unsetting existing header() calls.
2015-09-01 11:45:30 +12:00
Damian Mooyman
843e54509a Merge pull request #4475 from JeroenDeDauw/rm-unused-vars
Remove unused local vars
2015-09-01 11:42:16 +12:00
Damian Mooyman
3f181d1ce1 Merge pull request #4545 from JorisDebonnet/patch-1
Correct link to previous changelog
2015-08-31 10:20:19 +12:00
Ingo Schommer
bba1be3cd0 Merge pull request #4558 from sminnee/simplify-build-matrix-31
MINOR: Simplify build matrix for 3.x builds.
2015-08-31 10:18:00 +12:00
Daniel Hensby
ea757e72a6 Merge pull request #4560 from willmorgan/bugfixes/localstorage-win81-ie11
Fix localStorage for Windows 8.1 IE11 desktop mode
2015-08-29 21:15:19 +01:00
James Bolitho
0cb98bcce2 Fix localStorage for Windows 8.1 IE11 desktop mode
In IE11 windows 8 call to window.localStorage was throwing out an access denied error.  Using try and catch manages the issue and allows the script to execute in IE 11 in desktop mode.

I think it is a problem with IE11 rather than the way Silverstripe is implementing the preview via an iframe from what I have been reading. http://blogs.msdn.com/b/ieinternals/archive/2009/09/16/bugs-in-ie8-support-for-html5-postmessage-sessionstorage-and-localstorage.aspx.  It seems that the way IE11 deals with localStorage is broken in certain cases but I am not 100% certain of the cause yet as I have not been able to find a definitive answer.  I only noticed it was a problem when a new client said they couldn't view the admin screen properly in IE11.  I took a look in IE11 and I was experiencing the same problem which makes the admin interface layout screw up and the preview doesn't work due the error mentioned in the first post.

Instead of the original code I submitted I have amended it and added an additional function to test more robustly to see if localStorage is available and can be accessed properly.  It is a copy of the code on a blog post Mathias Bynens has written about detecting if localStorage is available and can be used: https://mathiasbynens.be/notes/localstorage-pattern

I have added a console.warn as you suggested if localStorage is not available so that at least you get a warning if localStorage tests fail.

I have tested this on Windows 8.1: Firefox, Chrome & Mac: Firefox, Safari, Chrome and it seems to work as expected.  On IE11 it displays the admin area correctly now but obviously doesn't save the preview settings between page loads if localStorage is not available.
2015-08-29 15:54:14 +01:00
Sam Minnee
ab44f5ef47 MINOR: Simplify build matrix for 3.x builds.
This is a companion to https://github.com/silverstripe/silverstripe-framework/pull/4556
but targeted at the build needs of SilverStripe 3.x. Commit into 3.1 and
then the merge forward into 3.2 and 3.
2015-08-29 15:50:49 +12:00