Daniel Hensby
1fb574a5bd
NEW: Variadic URL parameter matches for url_handlers ( #9438 )
...
* Add wildcard URL parameter matches for url_handlers
* Extra tests for wildcard parameters
* Add a PHP warning if more params appear after wildcard param
2020-03-25 09:16:13 +13:00
Robbie Averill
b6512edec8
Merge pull request #9434 from mattclegg/bugfix--silverstripe-admin--requirements
...
[BUGFIX] silverstripe/admin is not required to be installed
2020-03-16 09:48:39 -07:00
mattclegg
06dab6b539
[BUGFIX] silverstripe/admin is not required to be installed
...
If the silverstripe/admin module is not installed then the javascript/css requirements fail to load
2020-03-16 18:54:01 +05:45
Ramon Lapenta
9c7eac481e
Add "option" to list elements that belong to "listbox"
...
The accessibility attribute `role="listbox"` requires its immediate children to be set as `role="option"`, currently they don't have this option and accessibility tests are failing.
2020-03-10 11:10:04 -06:00
Steve Boyd
667495eaf9
Merge branch '4.5' into 4
2020-03-06 10:53:28 +13:00
Steve Boyd
687435a2f1
Merge branch '4.4' into 4.5
2020-03-06 10:52:22 +13:00
UndefinedOffset
bba0f2f72f
BUGFIX: Fixed issue where TimeField_Readonly would only show "(not set)" instead of the value
2020-02-24 09:59:00 -04:00
Maxime Rainville
affd43052a
Merge branch '4.5' into 4
2020-02-17 18:11:23 +13:00
Maxime Rainville
acd7d94167
Merge branch '4.4' into 4.5
2020-02-17 13:07:26 +13:00
Maxime Rainville
49fda52b12
Merge pull request #94 from silverstripe-security/fix/cve-2019-19325
...
CVE-2019-1935
2020-02-17 12:54:40 +13:00
Serge Latyntcev
ad1b00ec7d
[CVE-2019-19325] XSS through non-scalar FormField attributes
...
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Guy Marriott
c31de772ab
Merge pull request #8838 from creative-commoners/pulls/4/slash-means-root
...
Use '/' as an alternative designation for root in routing
2020-02-14 11:29:32 -08:00
Garion Herman
29943f9049
API TestSession request methods now use the correct HTTP method ( #8987 )
...
* API TestSession request methods now use the correct HTTP method
* DOCS Update requests section in Functional Testing to reflect API change
2020-02-14 16:01:06 +13:00
Garion Herman
9d1d59d8d1
NEW Accept / as designation for root URL controller
2020-02-14 14:41:10 +13:00
Steve Boyd
8c7e10bd55
Merge branch '4.5' into 4
2020-02-11 16:45:35 +13:00
Steve Boyd
9d5c3ef20e
Merge branch '4.4' into 4.5
2020-02-11 16:45:15 +13:00
Mojmir Fendek
285e6caafa
PR fixes
2020-02-11 10:43:01 +13:00
Mojmir Fendek
448147c2f1
PR fixes
2020-02-10 09:17:34 +13:00
Mojmir Fendek
660f80d284
PR fixes
2020-02-07 13:49:19 +13:00
mnuguid
ca36a47bb1
FIX Update ORM DBField types to use Injector in scaffoldFormField()
...
- This is usable in cases where a DBField is needed to be overloaded through the Injector.
2020-02-04 21:43:47 +13:00
Mojmir Fendek
99786dda22
ORM Column now supports related table lookup
2020-01-28 15:46:30 +13:00
Mojmir Fendek
9c38c5f625
CMS action related extension points ( #9340 )
...
* CMS action related extension points
* Refactor to use fewer extension points
* Remove explicit return type
Co-authored-by: Aaron Carlino <unclecheese@leftandmain.com>
2020-01-27 15:09:15 +13:00
Maxime Rainville
6ff0f3f466
BUG The "Link existing" should be disabled rather than readonly.
2020-01-24 14:47:12 +13:00
Robbie Averill
4121099484
Merge branch '4.5' into 4
2020-01-16 20:00:02 -08:00
Robbie Averill
53fcd47dfc
Merge branch '4.4' into 4.5
2020-01-16 19:59:42 -08:00
Robbie Averill
26e3b6f4e3
Merge branch '4.3' into 4.4
2020-01-16 19:59:24 -08:00
Mojmir Fendek
acbbf80d14
CMS action related extension points ( #9340 )
...
* CMS action related extension points
* Refactor to use fewer extension points
* Remove explicit return type
Co-authored-by: Aaron Carlino <unclecheese@leftandmain.com>
2020-01-15 14:24:49 +13:00
Robbie Averill
38d7bd700d
Merge pull request #9373 from manja/4.5
...
Fixed issue with merging existing entities in text collector
2020-01-14 09:27:35 -08:00
Martin D
ec6a353543
array_key_exists() on objects is deprecated
...
Ref: https://wiki.php.net/rfc/deprecations_php_7_4#array_key_exists_with_objects
2020-01-14 09:22:49 -08:00
Nemanja Karadzic
18f0829053
Fixed issue with merging existing entities in text collector
2020-01-14 14:20:40 +01:00
Garion Herman
af90d17e19
Merge pull request #9359 from open-sausages/pulls/4.4/dbhtmlvarchar-scafolding
...
BUG Remove bad default when scaffolding form field for DBHTMLVarchar
2020-01-07 09:33:25 +13:00
Maxime Rainville
31a8c16c43
Remove default row size
2020-01-07 09:13:03 +13:00
Loz Calver
a42249b6fc
Minor performance improvement in DatabaseAdapterRegistry::autoconfigure()
2019-12-19 14:39:46 +00:00
Serge Latyntcev
eaf6bca706
Merge branch '4.5' into 4
2019-12-19 11:26:38 +13:00
Maxime Rainville
8d69cf9f75
BUG Remove bad default when scaffolding form field for DBHTMLVarchar
2019-12-18 17:32:02 +13:00
Andre Kiste
6650d81324
BUG Fix extra blank Group being created when creating a new Group ( #9325 )
...
* Fix extra blank Group being created when creating a new Group
* Update tests to reflect expected behavior
* Improved tests
2019-11-27 09:32:33 +13:00
Loz Calver
453945da14
FIX: Session::restart() didn't correctly restart session ( fixes #9259 )
2019-11-20 14:21:30 +00:00
Serge Latyntcev
f67e15b8ee
Merge branch '4.5' into 4
2019-11-20 11:12:49 +13:00
Serge Latyntcev
91e4aa90f1
Merge branch '4.4' into 4.5
2019-11-20 11:09:23 +13:00
Serge Latyntcev
8219491705
Merge branch '4.3' into 4.4
2019-11-20 11:08:35 +13:00
Robbie Averill
77ccadd663
Merge pull request #9300 from LABCAT/patch-1
...
Improvement to docs for send_file function
2019-11-14 09:08:16 -08:00
Serge Latyntcev
559f660e0e
Merge branch '4.4' into 4
2019-11-13 15:40:34 +13:00
Mojmir Fendek
e2bea6b41f
API Add withConfig
method ( #9011 )
...
* With config functionality added.
* Update docs/en/02_Developer_Guides/04_Configuration/00_Configuration.md
2019-10-31 16:12:04 +13:00
Michal Kleiner
4f614423ad
Ensure Requirements_Backend respects explicit false for async/defer
2019-10-30 09:59:57 +13:00
Damian Mooyman
e76601e5c8
BUG FormAction title property cannot be set if useButtonTag is false
2019-10-29 17:21:45 +13:00
LABCAT
501d9a1480
Update HTTPRequest.php
2019-10-23 22:52:53 +13:00
LABCAT
630c6c0514
Update src/Control/HTTPRequest.php
...
Co-Authored-By: Robbie Averill <robbie@averill.co.nz>
2019-10-23 21:05:22 +13:00
Garion Herman
17f4cc6e30
Merge pull request #9281 from creative-commoners/pulls/4/textfield-tip-ui
...
NEW: Add support for Tip UI in TextField
2019-10-23 16:50:43 +13:00
Garion Herman
bed3f2b3c6
NEW Add type declarations to Tip API, add TippableFieldInterface
2019-10-23 10:46:22 +13:00
Garion Herman
195417b061
NEW Extract Tip from TextField, add test coverage
2019-10-22 17:04:58 +13:00