Commit Graph

3087 Commits

Author SHA1 Message Date
Matt Peel
7083f016c1
Update secure coding standards
As of SS4.0.0 and the introduction of TrustedProxyMiddleware, the default now if no trusted proxies are defined is that nothing is a trusted proxy, whereas in SS3 a missing declaration was treated as everything being allowed.
2019-09-10 12:55:24 +12:00
Robbie Averill
66ca1c925f
Merge pull request #9217 from silverstripe/doc-node10
Update recommended node version in contrib docs
2019-09-06 11:54:41 -07:00
Robbie Averill
23b40557e8
Reduce version for Node 10 to SilverStripe 4.4
[ci skip]

Co-Authored-By: Garion Herman <garion@silverstripe.com>
2019-09-06 11:54:14 -07:00
Ingo Schommer
e3f06c4468 DOCS Remove uservoice mentions
See https://forum.silverstripe.org/t/a-new-way-to-manage-feature-ideas/2264
2019-09-06 16:01:30 +12:00
Sam Minnée
614e99a899
Update recommended node version in contrib docs 2019-09-04 18:55:47 +12:00
Ingo Schommer
9d1d70ba8e
Apply suggestions from code review
Co-Authored-By: Garion Herman <garion@silverstripe.com>
2019-09-04 15:34:36 +12:00
Ingo Schommer
8d7069ef83
Update docs/en/00_Getting_Started/index.md
Co-Authored-By: Garion Herman <garion@silverstripe.com>
2019-09-04 15:33:41 +12:00
Ingo Schommer
79bd50ecce
Update docs/en/00_Getting_Started/index.md
Co-Authored-By: Garion Herman <garion@silverstripe.com>
2019-09-04 15:33:31 +12:00
Ingo Schommer
b34e0bde8a
Update docs/en/00_Getting_Started/00_Server_Requirements.md
Co-Authored-By: Garion Herman <garion@silverstripe.com>
2019-09-04 15:32:41 +12:00
Ingo Schommer
ab09e151a0
Update docs/en/00_Getting_Started/00_Server_Requirements.md
Co-Authored-By: Garion Herman <garion@silverstripe.com>
2019-09-04 15:31:24 +12:00
Ingo Schommer
ccb4118e74 DOCS Public webroot requirement 2019-09-03 18:51:53 +12:00
Ingo Schommer
f93fcd66ef DOCS Moved install guides to forum
We don't keep them updated, and they're better placed in a wiki entry on our forum:
https://forum.silverstripe.org/c/tips
2019-09-03 18:39:56 +12:00
Ingo Schommer
1977ab5ee2 DOCS Remove IIS install docs
This is so outdated it borders on being useless.
I've moved it to the forum as a starting point for our dear Microsoft adventurers instead:
https://forum.silverstripe.org/t/microsoft-iis-webserver-and-sql-server-support/2245
2019-09-03 18:39:56 +12:00
Ingo Schommer
ca5b1cbf61 DOCS Rewrite server requirements
* Remove overly specific PHP RNG instructions (that's just built into PHP7 through random_bytes now, which will throw if no suitable RNG is available)
 * Remove PHP 5 RNG requirements, since we don't support that PHP release any mre
 * Remove verbose explanation of PHP 5.6 support
 * Remove conflicting instructions for PHP memory limits
 * Remove version numbers from supporetd databases other than MySQL, it's up to the community modules to define that
 * Remove Oracle support (code is nine years old!)
 * Make "community supported" status clearer on databases, people can draw their own conclusions as open source users on Github
 * Remove IIS version number, I think we should just stick to "needs web.config" and not give the impression that this is actively tested
 * Remove mention of OSes for web servers, that's kind of irrelevant in today's hosting world (containers, PaaS, etc)
 * Shorten install instructions in favour of a "quickstart" and point to lessons instead
 * Remove mention of archive download option, we really shouldn't promote this - composer is the de-facto standard
 * Add generic descriptions of the hosting environment considerations without going too much into specifics
 * Remove Apache version number, we don't test on different versions, and really mostly rely on mod_rewrite working properly. Laravel does the same (doesn't claim specific Apache version support)
2019-09-03 18:38:15 +12:00
Ingo Schommer
d77c6514b4 DOCS Remove Nginx/HHVM guide
HHVM isn't supported any more, PHP 7 is where it's at
2019-09-03 15:58:18 +12:00
Ingo Schommer
5fc4a05a48 DOCS Remove MySQL SSL instructions
Only a tiny fraction of this is specific to SilverStripe,
and that is already covered under the environment variables elsewhere
2019-09-03 15:57:57 +12:00
Serge Latyntsev
296dc6a489 DOC Fix versioned snapshot image markdown (#9209) 2019-09-02 13:29:08 +12:00
Robbie Averill
0f85fb108f
Merge pull request #9193 from open-sausages/pulls/4/docs-remove-lighthttpd
DOCS Remove Lighty docs
2019-08-26 15:02:26 +12:00
Ingo Schommer
1162b11b20 DOCS Remove Lighty docs
They don't account for protected files, or clear public webroot hosting.
I think this is more of a stackoverflow or forum.silverstripe.org article,
not something we should pretend to have official support for (or check for completeness and secure configuration)
2019-08-26 14:15:06 +12:00
Fred Condo
5a534e3ba5 DOCS: update nginx config to protect .protected
This change replicates what the apache .htaccess for the .protected
assets folder does.
2019-08-20 13:13:59 -07:00
Guy Marriott
f676672f76
Merge branch '4.4' into 4 2019-08-19 16:10:30 +12:00
Guy Marriott
a6614d8a77
Added 4.4.3 changelog 2019-08-19 15:01:22 +12:00
James Cocker
f68fac2c47
4.4.0 Upgrade Docs: Clarified that the shortcode task isn't run automatically 2019-08-16 14:42:16 +01:00
Ryan Potter
fa325d2360
Update pagination code snippet
Update pagination snippet to use summarised pagination.
2019-08-13 15:17:38 +12:00
Aaron Carlino
684f5311a0 Merge branch '4.4' into 4 2019-08-13 12:15:39 +12:00
Aaron Carlino
8cfd3f07ba Added 4.4.2 changelog 2019-08-12 16:08:07 +12:00
Robbie Averill
4936d265a2
DOCS Remove statement about a strict error when overloading PDOQuery constructor
Constructors are not bound by method signature match rules in PHP
2019-08-09 09:16:31 +12:00
Maxime Rainville
4380d7d155 API Add option to disable user-agent header session validation 2019-08-06 22:00:01 +12:00
Robbie Averill
3224c9971b Merge branch '4.4' into 4 2019-08-02 11:24:54 +12:00
Robbie Averill
3b96c51688 Merge branch '4.3' into 4.4 2019-08-02 11:24:45 +12:00
Robbie Averill
2d2b0b82f0 DOCS Fix incorrect rendering of note on list item
[ci skip]
2019-07-25 12:03:12 +02:00
Robbie Averill
f1d8a04928
DOCS Fix broken markdown links for docs.silverstripe.org
[ci skip]
2019-07-22 13:02:57 +02:00
Robbie Averill
2a1394bed7 Merge branch '4.4' into 4 2019-07-19 10:46:00 +02:00
Robbie Averill
40f06fafa9 Merge branch '4.3' into 4.4 2019-07-19 10:45:44 +02:00
Robbie Averill
c7b15eaef5 Merge branch '4.2' into 4.3 2019-07-19 10:45:29 +02:00
Robbie Averill
c8eaf00d66
Revert "Added link to broaden description on SSL sertificates" 2019-07-18 17:36:57 +02:00
MatthewBellwood
4b29f06de2
Added link to broaden description on SSL sertificates 2019-07-18 17:44:52 +03:00
Ingo Schommer
4d93e48b10
DOCS Add silverstripe/login-forms (#9112)
See https://github.com/silverstripe/recipe-cms/issues/26.
Dependant on https://github.com/silverstripe/silverstripe-installer/pull/257.
2019-07-16 10:11:37 +12:00
Serge Latyntcev
29a663c65d Merge branch '4.4' into 4 2019-07-15 09:24:49 +12:00
Serge Latyntcev
d667d64f13 Merge branch '4.3' into 4.4 2019-07-15 09:18:17 +12:00
UndefinedOffset
571a4d9ace NEW: Added support for config condition if PHP extension is loaded 2019-07-02 14:55:36 -03:00
Sam Minnee
4b15c90c72 DOCS: Change default database connector. 2019-07-01 10:37:19 +12:00
Saophalkun Ponlu
6a8c6703d1 Remove use_gzip from HTMLEditorField since it's been removed by TinyMCE codebase (#7261)
* Remove `use_gzip` from HTMLEditorField

* DOCS Mention remove use_gzip in changelog
2019-06-21 09:27:48 +12:00
Ingo Schommer
0a6096a1bb
DOCS File migration background notes (#9058) 2019-06-21 08:47:40 +12:00
Robbie Averill
dcf4c64704
Merge pull request #9077 from lerni/ss-log-example-config-docs-fix
fix #9075 log example yml-config in docs
2019-06-19 20:17:43 +12:00
lerni
0c7458cd21 add single quotes 2019-06-19 08:21:31 +02:00
Serge Latyntcev
5be0c15587 Doc / Fix link to SS-2019-022 in changelogs 2019-06-19 15:14:16 +12:00
lerni
e652b3e421 fix #9075 log example yml-config in docs 2019-06-18 09:17:25 +02:00
Robbie Averill
ca0949057d
Merge pull request #9076 from open-sausages/pulls/4/docs-cascade-publish-delete
DOCS Clarify cascade publish/delete perm checks
2019-06-18 18:09:24 +12:00
Ingo Schommer
732dfe5aaa DOCS Clarify cascade publish/delete perm checks
We decided during implementation not to check permissions explicitly on cascading objects due to performance concerns.
For example, when publishing a page with embedded images, publish permissions on the image are implied - even if Image->canPublish() would return false for this author.

See https://github.com/silverstripe-security/security-issues/issues/57
2019-06-18 16:27:29 +12:00