Serge Latyntcev
7db524bd90
FIX DebugViewFrendlyErrorFormatter handle of admin_email
2019-10-04 10:26:54 +13:00
Robbie Averill
e49cec3a00
Merge pull request #9247 from jakxnz/pulls/4/record-login-attempt-outputs
...
ENHANCEMENT: MemberAuthenticator::recordLoginAttempt() outputs
2019-10-03 10:46:34 -07:00
Dylan Wagstaff
047ac060c4
Merge pull request #9265 from emteknetnz/feature/noopener
...
Add noopener attribute to links with a target
2019-10-03 14:42:50 +13:00
Steve Boyd
887f198b07
Add rel attribute to link elements with a target attribute
2019-10-03 14:03:12 +13:00
Serge Latyntcev
7dfc35d204
DOC Fix the required NodeJS version for CMS custamisation
2019-10-01 14:27:23 +13:00
Loz Calver
daf995da63
Fix syntax error in DataList docs
2019-09-30 09:36:12 +01:00
Robbie Averill
84cb596ab8
Merge pull request #9272 from open-sausages/pulls/4/doc-yet-another-link-update
...
DOC Fix Contribution guide broken links
2019-09-29 19:49:59 -07:00
Serge Latyntcev
a706e37ec3
DOC Fix Contribution guide broken links
2019-09-30 13:36:19 +13:00
Damian Mooyman
58c080db5a
FEATURE Option placeholder for upload folder id ( #9262 )
...
* FEATURE Option placeholder for upload folder id
* ENHANCEMENT Add setFolderName() to TinyMCEConfig
* Typehint return type
* Add type to param
2019-09-30 10:50:55 +13:00
Michal Kleiner
1a2dbfd3a5
Update conditional logic when checking array keys before removing methods in CustomMethods
2019-09-30 10:17:59 +13:00
Michal Kleiner
52a039f631
Check array keys existence prior to their usage when removing methods in CustomMethods
2019-09-27 14:57:15 +12:00
Serge Latyntsev
e585e1e859
Merge pull request #9270 from open-sausages/pulls/4/no-google-groups
...
DOC Forget about google groups
2019-09-27 09:36:58 +12:00
Guy Marriott
9c163afdf8
Clarify that $title in FormField can accept ViewableData ( #9268 )
...
Clarify that $title in FormField can accept ViewableData
2019-09-26 10:58:12 -07:00
Serge Latyntsev
80b282b605
DOC Forget about google groups
2019-09-26 14:39:38 +12:00
JorisDebonnet
349589b23b
Clarify that $title in FormField can accept ViewableData
...
When constructing a FormField, an IDE would previously tell you the `$title` needs to be string (or null). Let's make it more clear that a ViewableData instance (such as `HTMLValue::create($title)`) is also accepted. This should help people more quickly find a solution to put html in labels.
2019-09-26 02:39:39 +02:00
Guy Marriott
b15e416165
drop random_compat dependency now PHP support is 7.1+ ( #9267 )
...
drop random_compat dependency now PHP support is 7.1+
2019-09-25 10:27:08 -07:00
Loz Calver
2f35cbd88c
Merge pull request #9266 from open-sausages/pulls/4/update-usage-doc-with-rquire
...
DOC Substituce old apache syntax for Require
2019-09-25 10:42:00 +01:00
Christopher Darling
578dd973a2
drop random_compat dependency now PHP support is 7.1+
...
since 4.5+ is going to be PHP 7.1+ random_compat should no longer be needed
2019-09-25 09:03:11 +01:00
Maxime Rainville
d7f5ed3e65
DOC Substituce old apache syntax for Require
2019-09-25 16:59:48 +12:00
Robbie Averill
d95fe203b8
Merge pull request #9263 from creative-commoners/pulls/4/js-api-docs-semver-warning
...
DOC Add warning about Semver status of modern JS / GraphQL tooling
2019-09-24 18:17:29 -07:00
Aaron Carlino
b0a17f5df1
Update changelog
2019-09-25 11:23:57 +12:00
Garion Herman
637a891b8c
DOC Include link to semver.org in modern JS / GQL warning
2019-09-25 11:22:04 +12:00
Garion Herman
3db0fa46b5
DOC Add warning about Semver status of modern JS / GraphQL tooling
2019-09-25 10:26:06 +12:00
Sam Minnée
af6644f762
Merge pull request #9240 from chrometoasters/pulls/db-readonly-transactions-support
...
NEW Introduce supported database transaction mode check
2019-09-25 10:02:53 +12:00
Serge Latyntcev
88fde6e7c3
Merge branch '4.4' into 4
2019-09-24 17:29:06 +12:00
Serge Latyntcev
50a1aa4c4d
Merge branch '4.3' into 4.4
2019-09-24 17:28:31 +12:00
Aaron Carlino
b002ef1171
Merge branch '4.4' into 4
2019-09-24 17:26:50 +12:00
Aaron Carlino
a0ec2f2811
Update translations
2019-09-24 17:26:37 +12:00
Serge Latyntcev
26a4fb38ba
Added 4.3.6 changelog
2019-09-24 17:20:48 +12:00
Aaron Carlino
79a89e751d
Added 4.4.4 changelog
2019-09-24 17:05:26 +12:00
Aaron Carlino
c1047fac32
DOCS: Add docs for versioned files migration
2019-09-24 16:04:22 +12:00
Aaron Carlino
28057e3a71
DOCS: Add FileShortcodeProvider change to changelog
2019-09-24 16:03:48 +12:00
Serge Latyntcev
8b7063a8e2
[CVE-2019-12617] Fix access escalation for CMS users with limited access through permission cache pollution
2019-09-24 16:03:48 +12:00
Serge Latyntcev
eccfa9b10d
[CVE-2019-12203] Session fixation in "change password" form
...
A potential account hijacking may happen if an attacker has physical access to
victim's computer to perform session fixation. Also possible if the targeted application contains an XSS vulnerability.
Requires the victim to click the password reset link sent to their email.
If all the above happens, attackers may reset the password before the actual user does that.
2019-09-24 16:03:48 +12:00
Aaron Carlino
1f92b21a04
DOCS: Add FileShortcodeProvider change to changelog
2019-09-24 16:03:48 +12:00
Aaron Carlino
8ee5e621fd
DOCS: Add docs for versioned files migration
2019-09-24 16:00:51 +12:00
Serge Latyntcev
5af205993d
[CVE-2019-12617] Fix access escalation for CMS users with limited access through permission cache pollution
2019-09-24 16:00:51 +12:00
Serge Latyntcev
569237c0f4
[CVE-2019-12203] Session fixation in "change password" form
...
A potential account hijacking may happen if an attacker has physical access to
victim's computer to perform session fixation. Also possible if the targeted application contains an XSS vulnerability.
Requires the victim to click the password reset link sent to their email.
If all the above happens, attackers may reset the password before the actual user does that.
2019-09-24 16:00:51 +12:00
Aaron Carlino
99ab3c6421
DOCS: Add FileShortcodeProvider change to changelog
2019-09-24 16:00:51 +12:00
Jackson Darlow
a033662a3a
MemberAuthenticator::recordLoginAttempt() outputs
2019-09-24 14:24:59 +12:00
Guy Marriott
3659f2888d
FIX Add 'legal empty attributes' to allow empty alt values on i… ( #9257 )
...
FIX Add 'legal empty attributes' to allow empty alt values on imgs
2019-09-23 17:03:01 -07:00
Garion Herman
0d27f32cc9
FIX Add 'legal empty attributes' to allow empty alt values on imgs
...
In some situations, a caption is used in place of a value in the alt
attribute, and in others an image may be cosmetic and not in need of an
alt attribute value (though the alt attribute must still be rendered in
this case).
2019-09-24 11:44:12 +12:00
Robbie Averill
3cfc21c405
Merge pull request #9241 from open-sausages/pulls/4.4.3/fix-file-permission
...
Fix administrators not being able to see files that are restricted to groups
2019-09-23 11:13:26 -07:00
Guy Marriott
aa7c057422
FIX: Don't force-add view button to readonly GridField (fixes #… ( #9254 )
...
FIX: Don't force-add view button to readonly GridField (fixes #9249 )
2019-09-23 10:31:25 -07:00
Guy Marriott
190b2f2842
FIX: run member CMS validator when editing via groups (fixes #9… ( #9255 )
...
FIX: run member CMS validator when editing via groups (fixes #9184 )
2019-09-23 10:28:38 -07:00
Loz Calver
efdb9cc718
FIX: run member CMS validator when editing via groups ( fixes #9184 )
2019-09-23 16:59:58 +01:00
Loz Calver
d85ff3bc44
FIX: Don't force-add view button to readonly GridField ( fixes #9249 )
2019-09-23 16:52:47 +01:00
bergice
6a1c6ecec6
Fix administrators not being able to see files that are restricted to groups
...
Resolves https://github.com/silverstripe/silverstripe-asset-admin/issues/777
2019-09-23 16:44:28 +12:00
Guy Marriott
6ff97821ed
Merge branch '4.4' into 4
2019-09-18 15:52:36 -07:00
Guy Marriott
7877ffcc85
Merge branch '4.3' into 4.4
2019-09-18 15:52:18 -07:00