Damian Mooyman
5f6ac27934
Bug fix sqlquery select
2015-05-28 18:24:07 +12:00
Damian Mooyman
94b2963ad8
Added 3.0.13 changelog
2015-03-31 14:11:11 +13:00
Chris Pitt
9a97ae962f
Merge branch 'pulls/3.0/xss-fix' into '3.0.13'
...
Backport of SS-2015-009 into 3.0
See merge request !4
2015-03-30 11:23:18 +13:00
Christopher Pitt
bdef4fc7a5
Fixed XSS vulnerability relating to rewrite_hash
2015-03-30 10:59:39 +13:00
Damian Mooyman
11521fb92d
Added 3.0.12 changelog
2015-03-19 17:35:09 +13:00
Daniel Hensby
663f9c9cbe
Merge pull request #3913 from muskie9/patch-5
...
DOCS Update common-problems.md
2015-02-17 22:33:33 +00:00
Nic
54fef8961b
Update common-problems.md
...
Properly instruct where to put `DirectoryIndex disabled`
2015-02-17 16:32:54 -06:00
Daniel Hensby
75299f7e4d
Merge pull request #3911 from muskie9/patch-4
...
Update Common Problems with mod_rewrite issue
2015-02-17 15:44:25 +00:00
Nic
a41f860ee2
Update Common Problems with mod_rewrite issue
...
3.0 docs
2015-02-17 09:42:21 -06:00
Daniel Hensby
aa6debcdea
Removing redundant PHP syntax declaration
2015-02-16 13:57:04 +00:00
Will Rossiter
d6336873d4
Merge pull request #3761 from camfindlay/patch-12
...
BUG Fix tutorial index page for the new doc site
2015-01-08 10:17:49 +13:00
Cam Findlay
ac922a0aa6
BUG Fix tutorial index page for the new doc site
...
Required for roll out of new docs.
2015-01-08 09:59:35 +13:00
Ingo Schommer
28760e051d
Merge pull request #3674 from ss23/api-https-fix
...
API Fix HTTPS proxy header detection (Same as #3152 )
2014-11-25 08:23:44 +13:00
Stephen Shkardoon
b3407abe4b
API Fix HTTPS proxy header detection (Same as #3152 )
...
Didn't use the de facto standard HTTP_X_FORWARDED_PROTO or the less standard HTTP_FRONT_END_HTTPS.
Removed the 'X-Forwarded-Proto', since PHP should prefix/underscore all HTTP headers before it hits $_SERVER.
References:
- https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header
- https://drupal.org/node/1859252
- https://drupal.org/node/313145
- http://scottwb.com/blog/2013/02/06/always-on-https-with-rails-behind-an-elb/
2014-11-25 03:21:36 +13:00
Ingo Schommer
1661213e5b
FIX Opt-out pf form message escaping ( fixes #2796 )
...
This fixes a limitation introduced through http://www.silverstripe.org/ss-2013-008-xss-in-numericfield-validation/ .
Form messages used to accept HTML, now they’re escaped by default, effectively removing the ability
to pass in HTML and take care of escaping manually.
We pass through HTML to message in core through the CTF system, so this needs to be fixed.
It’s an alternative fix to https://github.com/silverstripe/silverstripe-framework/pull/2803 .
2014-08-22 16:59:34 +12:00
Joel Marcey
0c85680371
Support PHPUnit 3.8+ compatibility
...
Summary:
PHPUnit 3.8+ adds a method to its PHPUnit_Framework_TestListener called addRiskyTest(). Need to stub it out to avoid "must implement this interface method" fatals when using 3.8+
Test Plan:
Reviewers:
CC:
Task ID: #
Blame Rev:
2014-08-22 13:43:23 +12:00
Damian Mooyman
a6f244faff
Merge pull request #3231 from tscole/patch-2
...
Update i18n.php
2014-06-24 09:14:17 +12:00
tscole
32c2028368
Update i18n.php
...
Norwegian should use 'nb' and not 'no' in common languages array
2014-06-23 14:52:08 +01:00
Damian Mooyman
d76486344a
Merge pull request #3172 from stevie-mayhew/patch-1
...
Update datamodel.md
2014-05-29 16:58:26 +12:00
Stevie Mayhew
0da889bde2
Update datamodel.md
...
Fix broken link to SS_List->column
2014-05-29 16:25:40 +12:00
Damian Mooyman
083c0e083b
Merge pull request #3171 from ss23/patch-4
...
Update i18n.md
2014-05-29 14:34:10 +12:00
Stephen Shkardoon
6b410aa9a0
Update i18n.md
...
Fix a link being inside backticks, which broke the formatting.
2014-05-29 13:13:45 +12:00
Damian Mooyman
d9c037bb69
Merge remote-tracking branch 'origin/3.0.11' into 3.0
2014-05-13 14:02:28 +12:00
Damian Mooyman
ce516ca1cd
Release docs
2014-05-13 13:02:21 +12:00
Will Morgan
1d4082b6f0
MINOR Use composer @stable for PHPUnit
...
Using stable will allow some packages to be downloaded as zips instead of clones all the time.
2014-05-13 11:25:56 +12:00
Will Morgan
8ab3881bfa
MINOR Use composer @stable for PHPUnit
...
Using stable will allow some packages to be downloaded as zips instead of clones all the time.
2014-05-09 16:42:43 +12:00
Damian Mooyman
98e5c1556f
Release docs update
2014-05-07 15:54:55 +12:00
Damian Mooyman
0099a18182
Merge pull request #3100 from tractorcow/pulls/3.0-fix-foldername
...
FIX Folder Title not being exactly the same as Name field
2014-05-07 15:34:59 +12:00
Damian Mooyman
0ae96ab030
Changelog tags
2014-05-07 14:11:10 +12:00
Damian Mooyman
953e4b4c49
Added change log for 3.0.11-rc1
2014-05-07 14:03:13 +12:00
Ingo Schommer
ea1a0d16fc
Merge pull request #3106 from tractorcow/pulls/3.0/path-checking
...
Path resolution cleanup
2014-05-07 08:39:17 +12:00
Damian Mooyman
9bfeffd06a
Path resolution cleanup
...
Backport of #3085 to 3.0
2014-05-06 15:20:57 +12:00
Simon Welsh
ddae5825b3
Merge pull request #3102 from ss23/patch-3
...
MINOR LeftAndMain::getRecord check $ClassName before use
2014-05-05 17:47:57 +10:00
Stephen Shkardoon
677f0edcfc
MINOR LeftAndMain::getRecord check $ClassName before use
...
While the check for `$classname` was done in the first conditional, it was left out of the other two, leading to potential issues when an invalid ID was given, instead of the expected `false`.
2014-05-05 19:26:05 +12:00
Hamish Friedlander
ad27cd5ec9
FIX Folder Title not being exactly the same as Name field
...
Backport to 3.0 of PR #3086
2014-05-05 14:39:45 +12:00
Ingo Schommer
fc8da3fb1d
Merge pull request #3087 from tractorcow/pulls/3.0-phpunit
...
BUG Allow PHPUnit installation with composer / Fix travis
2014-05-05 13:20:17 +12:00
Damian Mooyman
b9872c0856
Allow PHPUnit installations with composer
...
Instruct travis to use composer version of phpunit
2014-05-02 18:23:58 +12:00
Damian Mooyman
1766cccace
Merge pull request #3044 from mateusz/hash
...
FIX: ConfirmedPasswordField used to expose existing hash
2014-04-17 13:11:58 +12:00
Hamish Friedlander
f2c4a629a7
FIX: ConfirmedPasswordField used to expose existing hash
2014-04-17 11:57:57 +12:00
Damian Mooyman
6bc9cfe46d
Merge pull request #3040 from mateusz/plugins30
...
BUG Load just one of each plugin.
2014-04-16 15:38:52 +12:00
Mateusz Uzdowski
9d74bc461d
BUG Load just one of each plugin.
2014-04-16 15:08:31 +12:00
Damian Mooyman
c87373d095
Add 3.0.10 upgrade docs
2014-04-08 12:30:24 +12:00
Hamish Friedlander
5b0a969794
Merge pull request #3011 from tractorcow/pulls/absurl
...
Docs / Tests for Director::absoluteURL
2014-04-08 10:04:36 +12:00
Damian Mooyman
15c6b67c29
Docs / Tests for Director::absoluteURL
2014-04-08 09:16:48 +12:00
Damian Mooyman
9230d41186
Include announcement links for security fixes
2014-04-01 17:40:39 +13:00
Damian Mooyman
cf2a314a50
Added change log to upgrade docs
2014-03-31 16:31:25 +13:00
Damian Mooyman
21f50f44e5
3.0.10-rc1 upgrading docs
2014-03-31 16:07:53 +13:00
Martin D
3e05ccb9b7
Fix link to the HtmlEditorField API page
...
Closes #2990
2014-03-30 18:04:17 +13:00
Hamish Friedlander
b5c14150cc
Merge pull request #2987 from tractorcow/pulls/2981
...
FIX Escape the redirect URL before outputting (alternate implementation)
2014-03-27 14:46:18 +13:00
Damian Mooyman
f8e3bbe3ae
BUG Fix encoding of JS redirection script
2014-03-27 14:35:14 +13:00