Fred Condo
6642772f76
Correct indentation
2018-01-24 16:41:04 -08:00
Fred Condo
8f91f35526
Remove module blacklist
...
- It's not necessary, as SilverStripe returns a not-found page when an
attempt is made to retrieve a file directly from a module.
- Also format as a fenced code block and style as nginx.
2018-01-24 15:53:23 -08:00
Fred Condo
de25c93b75
Update nginx configuration
...
- Add buffer parameters without which some parts of the CMS fail with
"too big header"
- Use RFC-2606-compliant example domains
- Remove configuration that allows arbitrary PHP execution
- Improve sample denials to show how to secure modules
- Restore missing boilerplate for MIME types
2018-01-24 15:36:43 -08:00
Damian Mooyman
e770146141
Merge remote-tracking branch 'origin/3.6' into 3
2018-01-16 17:06:59 +13:00
Damian Mooyman
bb37bc5491
Added 3.6.4 changelog
2018-01-16 16:40:43 +13:00
Daniel Hensby
bb90751cc8
Merge branch '3.6' into 3
2018-01-15 16:44:48 +00:00
Damian Mooyman
39a8410460
Merge pull request #7754 from oetiker/patch-1
...
JSON.parse does not like empty strings
2018-01-15 10:56:15 +13:00
Tobias Oetiker
396005381f
JSON.parse does not like empty strings
...
Add some protection for the case that envent.data is empty or null
2018-01-12 16:21:33 +01:00
Daniel Hensby
4c51cf67e7
Merge pull request #7742 from nglasl/3.6
...
FIX, adding a missing return statement.
2018-01-09 23:43:18 +00:00
Nathan
2ef4a2d4ee
FIX, adding a missing return statement.
...
This causes issues such as an `_function` to incorrectly return null.
2018-01-10 09:50:18 +11:00
Daniel Hensby
c80cc17cf6
Merge branch '3.6' into 3
2018-01-09 13:35:45 +00:00
Daniel Hensby
a049876418
Merge branch '3.5' into 3.6
2018-01-09 13:34:56 +00:00
Damian Mooyman
677336fbef
Merge pull request #7726 from dhensby/pulls/3.5/functionaltest-html5-forms
...
FIX Allow HTML 5 input tags in FunctionalTest form submissions
2018-01-08 13:32:44 +13:00
Daniel Hensby
44930f211b
FIX Allow HTML 5 input tags in FunctionalTest form submissions
2017-12-22 11:15:56 +00:00
Daniel Hensby
7897b3bb25
Merge branch '3.6' into 3
2017-12-14 15:31:51 +00:00
Daniel Hensby
7b0500982e
Merge branch '3.5' into 3.6
2017-12-14 15:25:36 +00:00
Daniel Hensby
81150c5922
FIX Use PHP 5.3 array syntax
2017-12-14 15:24:53 +00:00
Damian Mooyman
3346b37ef0
Merge branch '3.6' into 3
2017-12-08 11:53:49 +13:00
Damian Mooyman
052f11a427
Remove merge artifact
2017-12-08 11:52:48 +13:00
Damian Mooyman
b7b3e4b1f8
Merge remote-tracking branch 'origin/3.6' into 3
2017-12-07 14:09:33 +13:00
Damian Mooyman
c22726bfd7
Merge remote-tracking branch 'origin/3.5' into 3
2017-12-07 14:09:02 +13:00
Damian Mooyman
bf74e8347a
Added 3.6.3 changelog
2017-12-07 13:35:49 +13:00
Damian Mooyman
b6a7e47441
Added 3.5.6 changelog
2017-12-07 13:27:17 +13:00
Damian Mooyman
50aa1f22a6
Merge branch '3.6' into 3
2017-12-07 13:20:58 +13:00
Loz Calver
aac828a6ee
Merge pull request #7559 from silverstripe/pulls/3/auto-index-sort
...
NEW Add sort columns to DB index automatically
2017-12-06 16:13:48 +00:00
Daniel Hensby
89166a2ff2
Try using parseSortColumn from ArrayList
2017-12-06 13:38:58 +00:00
Daniel Hensby
2e43780a8a
NEW Add sort columns to DB index automatically
2017-12-06 13:38:25 +00:00
Damian Mooyman
8537dd56dd
Added 3.6.3-rc2 changelog
2017-12-06 18:11:03 +13:00
Damian Mooyman
55739fa5af
Merge pull request #50 from silverstripe-security/pulls/3.6/ss-2017-007
...
[ss-2017-007] Ensure xls formulae are safely sanitised on output (3.6)
2017-12-06 17:41:49 +13:00
Damian Mooyman
d47667bb07
Merge pull request #52 from silverstripe-security/pulls/3.6/ss-2017-006
...
[ss-2017-006] Fix user agent invalidation on session startup (3.6 branch)
2017-12-06 17:41:07 +13:00
Damian Mooyman
c5d6eb816d
Merge pull request #55 from silverstripe-security/pulls/3.6/ss-2017-009
...
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt (3.6 branch)
2017-12-06 17:39:17 +13:00
Damian Mooyman
c0fffb33cd
Merge branch '3.6' into pulls/3.6/ss-2017-009
2017-12-06 17:39:01 +13:00
Damian Mooyman
e281c64fca
Merge remote-tracking branch 'silverstripe-security/3.5' into 3.6
2017-12-06 17:32:56 +13:00
Damian Mooyman
a8465900bd
Merge pull request #47 from silverstripe-security/patch/3.5/SS-2017-008
...
[SS-2017-008] FIX Make sure int params are successfull cast to int
2017-12-06 17:30:51 +13:00
Damian Mooyman
d6a93f5215
Merge remote-tracking branch 'silverstripe-security/3.5' into 3.6
...
# Conflicts:
# security/Member.php
2017-12-06 17:26:45 +13:00
Damian Mooyman
91cf85087b
Merge remote-tracking branch 'origin/3.5' into 3.6
2017-12-06 17:21:09 +13:00
Damian Mooyman
d09c2d7b03
Added 3.5.6-rc1 changelog
2017-12-06 16:27:12 +13:00
Damian Mooyman
5f7f1ea150
Added 3.5.6-rc1 changelog
2017-12-06 16:27:08 +13:00
Damian Mooyman
dd4c5417e7
Merge pull request #49 from silverstripe-security/pulls/3.5/ss-2017-007
...
[ss-2017-007] Ensure xls formulae are safely sanitised on output (3.5)
2017-12-06 16:25:58 +13:00
Damian Mooyman
44de03da01
Merge pull request #53 from silverstripe-security/pulls/3.5/ss-2017-006
...
[ss-2017-006] Fix user agent invalidation on session startup (3.5 branch)
2017-12-06 16:25:39 +13:00
Damian Mooyman
3e2bcaa0b4
Merge pull request #54 from silverstripe-security/pulls/3.5/ss-2017-009
...
[ss-2017-009] Prevent disclosure of sensitive information via LoginAttempt (3.5 branch)
2017-12-06 16:25:19 +13:00
Damian Mooyman
975d462e0c
Merge pull request #7661 from dhensby/pulls/3.5/versioned-base-class
...
FIX Use baseDataClass for allVersions as with other methods
2017-12-06 14:13:14 +13:00
Damian Mooyman
77b46672e2
Merge branch '3.5' into pulls/3.5/versioned-base-class
2017-12-06 11:37:46 +13:00
Damian Mooyman
c5837c62e8
Merge pull request #7679 from dhensby/pulls/3.5/fix-critical-issues
...
Fixing scrutinizer issues
2017-12-06 11:30:57 +13:00
Daniel Hensby
8d1a5ed8b7
More code style fixes
2017-12-05 14:20:13 +00:00
Daniel Hensby
2aa1d8f2c4
remove create_function usage
2017-12-05 14:20:13 +00:00
Daniel Hensby
84d7afb347
FIX Use baseDataClass for allVersions as with other methods
2017-12-05 13:02:20 +00:00
Robbie Averill
2538f59ab7
Merge pull request #5211 from stevie-mayhew/pulls/reset-button
...
BUGFIX: don't try and switch out of context of the tab system
2017-12-05 19:59:49 +13:00
Damian Mooyman
db54112f3c
[ss-2017-006] Fix user agent invalidation on session startup
2017-12-01 14:24:11 +13:00
Damian Mooyman
25e276cf37
[ss-2017-006] Fix user agent invalidation on session startup
2017-12-01 10:55:00 +13:00