Commit Graph

3198 Commits

Author SHA1 Message Date
Serge Latyntcev
6c39962b7a Merge branch '4.5' into 4 2020-02-19 10:21:11 +13:00
Serge Latyntcev
6c2f179a43 Merge branch '4.4' into 4.5 2020-02-19 10:20:50 +13:00
Bernard Hamlin
765810b013
Update CVE number to CVE-2019-19325 2020-02-19 09:58:12 +13:00
Tyler Trout
b7391fd34f
Update 02_FixtureFactories.md
- Removed duplicate `use SilverStripe\Core\Injector\Injector;`
- Changed $myPageObj to $MyObjectObj
2020-02-17 16:49:52 -05:00
Maxime Rainville
affd43052a Merge branch '4.5' into 4 2020-02-17 18:11:23 +13:00
Maxime Rainville
5fd16cd7e1 Add 4.5.1 changelog 2020-02-17 17:47:23 +13:00
Maxime Rainville
7ce2abf74d Merge remote-tracking branch 'origin/4.4' into 4.5 2020-02-17 14:43:38 +13:00
Maxime Rainville
a9598eec3f Added 4.4.5 changelog 2020-02-17 14:02:57 +13:00
Maxime Rainville
acd7d94167 Merge branch '4.4' into 4.5 2020-02-17 13:07:26 +13:00
Steve Boyd
08cc057049
Merge pull request #9404 from creative-commoners/pulls/4/minor-lockstep-release-docs
DOCS Add note to update minimum core requirements in minor releases
2020-02-17 10:11:34 +13:00
Serge Latyntcev
ad1b00ec7d [CVE-2019-19325] XSS through non-scalar FormField attributes
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Guy Marriott
c31de772ab
Merge pull request #8838 from creative-commoners/pulls/4/slash-means-root
Use '/' as an alternative designation for root in routing
2020-02-14 11:29:32 -08:00
Garion Herman
29943f9049
API TestSession request methods now use the correct HTTP method (#8987)
* API TestSession request methods now use the correct HTTP method

* DOCS Update requests section in Functional Testing to reflect API change
2020-02-14 16:01:06 +13:00
Ingo Schommer
bf5a46901c
DOCS Web worker concurrency caveats (#9223) 2020-02-14 15:23:20 +13:00
Garion Herman
be71f34cac DOCS Add documentation covering Root URL Handler behaviour 2020-02-14 14:41:10 +13:00
Garion Herman
a2beabd430 DOCS Add note to update minimum core requirements in minor releases 2020-02-11 14:19:03 +13:00
Guy Marriott
73990ac189
Merge pull request #9399 from creative-commoners/broken-link
DOCS fix a broken link
2020-02-06 16:07:40 -08:00
brynwhyman
b60def66dd DOCS fix a broken link 2020-02-07 12:49:17 +13:00
Dylan Wagstaff
3a99a57d41
Merge pull request #9385 from mooror/patch-1
Updated the "Template Syntax" Documentation
2020-02-04 11:03:22 +13:00
Steve Boyd
566b81f326
Merge pull request #9392 from creative-commoners/pulls/4/document-tweak-releases
DOC Add documentation for tweak releases
2020-02-03 15:33:36 +13:00
Garion Herman
4ce63e4460 DOC Tweak wording on detach-tagged-base explanation [ci skip] 2020-02-03 15:20:47 +13:00
Garion Herman
efb1ebdd1a DOC Add documentation for tweak releases 2020-02-03 14:53:40 +13:00
Ingo Schommer
daf32f2327 DOCS Removed Damian as core committer :( 2020-01-31 12:20:01 +13:00
Benjamin Blake
7c32a848aa
Updated the "Template Syntax" Documentation
Added a notice to the "Variables" section of the "Template Syntax" documentation to warn developers about common template variable gotchas
2020-01-27 15:18:40 -07:00
Valentino Pesce
24c28e4457
Docs: Fix link to Middleware not found
Fix link to Middleware not found in page Rate Limiting
2020-01-25 19:21:15 +01:00
Robbie Averill
a98a2d9c7f
Merge pull request #9379 from tiller1010/patch-1
Update to link
2020-01-24 12:41:44 -08:00
Loz Calver
87ad14dad3
Merge pull request #9371 from Greg808/patch-1
added addExtraClass
2020-01-24 09:20:16 +00:00
Tyler Trout
4a1c91f91d
Update to link
Clicking "ReactJS in SilverStripe" on https://docs.silverstripe.org/en/4/developer_guides/customising_the_admin_interface/cms_layout/ directs to 404.
2020-01-20 09:47:43 -05:00
Valentino Pesce
0c5fda2003
Docs: Fix route that doesn't exist 2020-01-19 19:03:35 +01:00
Aaron Carlino
681ed4f78a DOC: Fix unterminated injector callout block 2020-01-17 10:47:16 +13:00
Greg808
67725fe271
added addExtraClass
I am not quiet sure if this is needed but if you want to only add the custom action to the GridField action menu than you need to add the extra classes otherwise it would add it to the action menu and to the gridfield.
2020-01-13 13:05:39 +01:00
Michael Andrewartha
bc5aa53ed9
Adding SS_ENVIRONMENT_TYPE to documentation
Before running a dev/build the first time, you need to specify dev as your environment type. The variable wasn't mentioned as part of the list so I've added it. Let me know if it's not clear about the difference between the states, or it should be better documented here somehow.
2020-01-13 22:59:06 +13:00
Benjamin Blake
7ca70d353b
Updated "Extensions and DataExtensions" Docs
Updated the new notice to make it use more imperative language (credit @NightJar)
2020-01-12 15:22:00 -07:00
Benjamin Blake
61af8b00ab
Updated "Extensions and DataExtensions" docs
Corrected a typo and add more information to hopefully clarify the text.
2020-01-12 14:56:55 -07:00
Benjamin Blake
74f7606080
Updated "Extensions and DataExtensions" Docs
Added a notice to the "Owner" section that will remind developers of the limitations of the owner system when it comes to private and protected properties and methods
2020-01-12 14:47:28 -07:00
Garion Herman
6229d014e0
Merge pull request #9363 from conny-nyman/docs/search_filters
DOC Updated search filter modifiers documentation
2020-01-13 08:49:12 +13:00
Conny Nyman
2bd5f8cbcf DOC Updated search filter modifiers documentation to mention that they only work on data lists 2020-01-11 11:09:24 +02:00
Ingo Schommer
c61881a4c0
DOCS Clearer create module instructions (#9365)
* DOCS Clearer create module instructions

Incl. link to skeleton

* Update docs/en/02_Developer_Guides/05_Extending/00_Modules.md

Co-Authored-By: Garion Herman <garion@silverstripe.com>

Co-authored-by: Garion Herman <garion@silverstripe.com>
2020-01-08 10:41:28 +13:00
Maxime Rainville
5a082e74b6
Merge pull request #9349 from open-sausages/pulls/4/doc-new-release-life-cyle
Update the documentation to reflect our new release lifecyle
2020-01-08 09:14:44 +13:00
Maxime Rainville
34ce2609f4
Adjusting the stated beta period
Co-Authored-By: Bryn Whyman <bryn.whyman@silverstripe.com>
2020-01-07 10:14:32 +13:00
Maxime Rainville
d9f48e76bc
Some minor sentence rewording
Co-Authored-By: Bryn Whyman <bryn.whyman@silverstripe.com>
2020-01-07 10:08:32 +13:00
Valentino Pesce
c8c1c86d70
FIX: module link "recaptcha" not found 2019-12-23 15:38:27 +01:00
Garion Herman
81497776f3 DOC Tweak names and link in 4.5.0 changelog 2019-12-20 09:53:30 +13:00
Andrew Aitken-Fincham
910f5efbf2 fix markdown tables for url variables documentation 2019-12-19 10:54:45 +00:00
Serge Latyntcev
eaf6bca706 Merge branch '4.5' into 4 2019-12-19 11:26:38 +13:00
Serge Latyntcev
08eaed4190 Added 4.5.0 changelog 2019-12-19 11:24:04 +13:00
Serge Latyntcev
e1a1459df3 Added 4.5.0-rc2 changelog 2019-12-19 11:23:31 +13:00
Maxime Rainville
3f15957b5f DOC New release lifecycle 2019-12-18 17:05:11 +13:00
Robbie Averill
9fb4c75393
Merge pull request #9299 from open-sausages/pulls/4/rfc-8996
DOC RFC-8996 clarify public APIs
2019-12-13 18:02:55 -08:00
Matt Peel
1633ddea9c
Fix PHP versions in upgrade guide
Make versions less generic, and add note about following PHP's supported versions guide
2019-12-10 12:17:55 +13:00