Christopher Pitt
da852ceea1
Improved PHPDoc comments
2015-11-14 12:55:30 +13:00
Damian Mooyman
1e1a7a345c
Merge remote-tracking branch 'origin/3'
...
Conflicts:
control/Director.php
filesystem/File.php
filesystem/GD.php
filesystem/ImagickBackend.php
forms/HtmlEditorField.php
javascript/UploadField_uploadtemplate.js
model/Image.php
model/Image_Backend.php
model/fieldtypes/Enum.php
templates/AssetUploadField.ss
tests/model/ImageTest.php
tests/search/FulltextFilterTest.php
2015-11-03 14:23:16 +13:00
Patrick Nelson
f192a6ecaf
FIX #4392 : Ensure headers are checked first before being clobbered by globally maintained state. Also ensuring tests utilize separate responses for isolation.
2015-10-09 13:50:33 -04:00
Damian Mooyman
d6f3115276
Merge pull request #4656 from spekulatius/fixing-phpdoc-blocks
...
fixing phpdoc blocks to refering to Objects to built-in types of PHP
2015-10-07 16:00:24 +13:00
Peter Thaleikis
6ef03d29bb
removing a bunch of trailing spaces in the source code
2015-10-06 18:31:58 +13:00
Peter Thaleikis
c13dfc2fa0
fixing phpdoc blocks to refering to Objects to built-in types of PHP
2015-10-06 18:28:04 +13:00
Damian Mooyman
278caa86f4
Merge pull request #4636 from spekulatius/converting-spaces-to-tabs
...
converting spaces as intentation to tabs
2015-10-06 11:51:45 +13:00
Peter Thaleikis
5fda95d951
converting spaces as intentation to tabs
2015-09-28 22:21:30 +13:00
Peter Thaleikis
21216b47ab
remove trailing spaces in the codebase
2015-09-28 22:21:08 +13:00
Damian Mooyman
b552a7370f
Merge remote-tracking branch 'origin/3'
...
Conflicts:
tests/model/ImageTest.php
2015-09-09 15:44:47 +12:00
Damian Mooyman
309ac0d196
Merge remote-tracking branch 'origin/3.1' into 3.2
...
Conflicts:
.travis.yml
admin/code/CMSProfileController.php
admin/tests/LeftAndMainTest.php
control/HTTP.php
security/Permission.php
tests/forms/FormTest.php
tests/model/ArrayListTest.php
tests/security/PermissionTest.php
2015-09-09 14:35:29 +12:00
Ingo Schommer
dc650e3cf1
Clarify use of HTTP Pragma response header
...
The HTTP Pragma header is obsolete for HTTP 1.1,
and technically only defined for a HTTP request (not response).
Refer to https://www.mnot.net/cache_docs/#PRAGMA
,http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.32 .
It is superseded by the "Cache-Control" directive.
See HTTP 1.1 spec at https://tools.ietf.org/html/rfc7234#section-5.4 :
'Because the meaning of "Pragma: no-cache" in responses is
not specified, it does not provide a reliable replacement for
"Cache-Control: no-cache" in them.'
Sending a "Pragma: nocache" response header is a prudent
backwards compatibility measure for HTTP 1.0 clients.
The intended behaviour is for the majority clients as well as any
intermediary proxies to ignore this header.
Sending an empty Pragma is a known hack
for preventing PHP from adding "Pragma: nocache" to responses
with started sessions (see http://php.net/session_cache_limiter ),
since PHP does not allow unsetting existing header() calls.
2015-09-01 11:45:30 +12:00
Damian Mooyman
09210efbc0
Merge remote-tracking branch 'origin/3'
...
Conflicts:
composer.json
control/Session.php
docs/en/05_Contributing/01_Code.md
docs/en/05_Contributing/02_Release_Process.md
forms/FormField.php
model/DataQuery.php
model/Image.php
model/queries/SQLConditionalExpression.php
view/SSViewer.php
view/ViewableData.php
2015-07-31 15:49:35 +12:00
Peter Thaleikis
bd4fc4afcb
minor codestyle stuff
2015-07-27 19:17:37 +12:00
Daniel Hensby
33d93c2a31
Fixing issues with HTTP cache control
2015-06-29 22:16:02 +01:00
Damian Mooyman
e14f743bf0
Set deprecation level for all changes in 3.x to 4.0
2015-06-19 13:07:41 +12:00
Jeremy Shipman
e766658ee3
API: Allow HTTP Cache Headers to be customized
2015-06-13 12:16:56 +12:00
Damian Mooyman
43f49e8434
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
admin/code/ModelAdmin.php
control/Director.php
model/SQLQuery.php
security/Member.php
tests/control/HTTPTest.php
tests/model/SQLQueryTest.php
tests/security/SecurityTest.php
tests/view/SSViewerTest.php
2015-03-31 19:54:15 +13:00
Sean Harvey
a7d3f89136
BUG Check for existence of HTTP_USER_AGENT to avoid E_NOTICE error.
...
In some cases, a request may not have an HTTP_USER_AGENT. This should
check the variable exists before attempting to check it. The specific
case where it failed for me was Active Directory Federation Services
sending a web request to a SilverStripe site, but failing because it
doesn't have an agent string.
2015-03-26 12:17:22 +13:00
Damian Mooyman
dff65867cc
Merge remote-tracking branch 'origin/3.1' into 3
...
Conflicts:
control/HTTP.php
control/HTTPResponse.php
docs/en/05_Contributing/01_Code.md
forms/CompositeField.php
forms/FormAction.php
forms/FormField.php
forms/InlineFormAction.php
forms/NumericField.php
forms/TreeDropdownField.php
forms/TreeMultiselectField.php
templates/forms/TreeDropdownField.ss
tests/core/CoreTest.php
tests/forms/NumericFieldTest.php
tests/model/DataDifferencerTest.php
2015-02-20 10:17:19 +13:00
John Milmine
06b142a1e5
adding config variable to cancel ajax caching
2015-01-29 14:19:08 +13:00
Damian Mooyman
eb069e605d
Remove all redundant whitespace
2014-08-19 09:17:15 +12:00
Ingo Schommer
ec325a3c7f
API Fix HTTPS proxy header detection
...
Didn't use the de facto standard HTTP_X_FORWARDED_PROTO or the less standard HTTP_FRONT_END_HTTPS.
Removed the 'X-Forwarded-Proto', since PHP should prefix/underscore all HTTP headers before it hits $_SERVER.
References:
- https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header
- https://drupal.org/node/1859252
- https://drupal.org/node/313145
- http://scottwb.com/blog/2013/02/06/always-on-https-with-rails-behind-an-elb/
2014-05-22 18:34:15 +12:00
Damian Mooyman
5e9ae578c3
BUG Fix edge case IE8 / dev / ssl / download file crash
...
Prevents issue at http://support.microsoft.com/kb/323308 appearing on dev
2014-04-28 09:17:35 +12:00
Damian Mooyman
477c3c9de6
BUG Fix regression introduced in #2356 (method call on non-object)
2013-09-23 13:32:55 +12:00
Mateusz Uzdowski
1461ae9e4c
BUG Fix regression in IE no-cache https file downloads.
...
Currently IE6-8 will refuse to download files over HTTPS with default
Framework settings.
Currently the HTTP::add_cache_headers competely overrides Cache-Control
headers on each request, so there is no way to inject custom headers
from the API-consuning methods.
Also of note: adding no-store header also fixes the issue but will
prevent proxies from caching the request body (which they do when using
no-cache). So the setting max-age to some low number is a better choice
here.
2013-08-26 17:15:58 +12:00
Hamish Friedlander
c6b4d993cc
FIX Director::forceSSL and forceWWW not setting Vary header
...
If you have a Varnish box in front of a SilverStripe install, and
you call forceSSL, the Vary header wouldnt get sent. As a result
Varnish would respond with the same redirect reponse after the
redirect, leading to an infinite loop
2013-07-06 15:24:01 +12:00
Jeremy Shipman
b1ba8bd05b
FIX: Updated protocol check to become more stringent.
2013-05-20 12:46:44 +12:00
Jeremy Shipman
d21fd1f0bb
FIX: Don't rewrite urls to be absolute, if they are a URI with a protocol.
...
This is determined in this fix by the existence of a colon ':', to show the uri has a protocol.
2013-05-20 11:59:04 +12:00
Will Rossiter
07b9bd8527
PHPDoc + coding conventions
2013-05-10 21:59:20 +12:00
Damian Mooyman
b6fc1d314e
BUG HTTP will now correctly pass over mailto: links when converting relative links to absolute (e.g. in Emails)
2013-04-18 14:25:51 +12:00
Ingo Schommer
bea1b9002d
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
control/HTTP.php
2013-02-26 13:28:35 +01:00
Ingo Schommer
92458d9f43
Fixed line lengths
2013-02-18 14:41:49 +01:00
Damian Mooyman
1ca15d0399
API HTTP::urlRewriter with (string)$code deprecated in 3.1. Fixed regressions and CSS urls.
...
urlRewriter will expect a callable as a second parameter,
but will work with the current api and simply raise a deprecation error.
HTTP::absoluteURLs now correctly rewrites urls into absolute urls. Resolves introduced in c56a80d6ce
HTTP::absoluteURLs now handles additional cases where urls were not translated.
Test cases for HTTP::absoluteURLs added for both css and attribute links.
Cleaned up replacement expression and improved documentation.
2013-01-24 09:49:44 +01:00
Simon Welsh
3439e30ac1
Corrects indentation and line length
2013-01-24 19:56:02 +13:00
Ingo Schommer
c11b3918fc
Merge remote-tracking branch 'origin/3.0' into 3.1
...
Conflicts:
admin/css/screen.css
admin/scss/_style.scss
core/PaginatedList.php
email/Mailer.php
2013-01-21 11:14:57 +01:00
Hamish Friedlander
f41a7d8b65
FIX: Fix issue with not being able to log out on Chrome when caching enabled because of Chrome bug
2013-01-08 17:47:05 +13:00
Hamish Friedlander
2916f2043c
NEW: Improve HTTP caching logic to automatically disable caching for requests that use the session.
...
This improvement makes it easier to set a side-wide default cache time without needing to worry about CSRF-protected forms, etc.
2013-01-08 17:47:05 +13:00
Sam Minnee
b114aa2488
BUGFIX: Added X-Forwarded-Protocol and User-Agent to Vary header.
2013-01-08 17:47:05 +13:00
Simon Welsh
c56a80d6ce
Use preg_replace_callback over preg_replace with e modifier
2012-12-20 13:40:42 +13:00
Simon Welsh
b0121b541c
Add codesniffer that ensures indentation is with tabs.
2012-12-12 17:33:31 +13:00
Simon Welsh
fc5dd2994c
Add codesniffer that ensures indentation is with tabs.
2012-12-12 00:12:11 +13:00
Sean Harvey
d13b067b54
Remove deprecated HTTP::getMimeType() use get_mime_type() instead
2012-11-16 14:33:20 +13:00
Sam Minnee
1f7fc1f76a
FIX Remove instances of lines longer than 120c
...
The entire framework repo (with the exception of system-generated files) has been amended to respect the 120c line-length limit. This is in preparation for the enforcement of this rule with PHP_CodeSniffer.
2012-09-30 17:18:13 +13:00
Ingo Schommer
e2f073f38a
Method visibility according to coding conventions
2012-09-20 10:46:59 +02:00
Sean Harvey
78423c1bd0
BUGFIX Ensure HTTP::get_mime_type() checks the full path in
...
file_exists() before using the finfo class
2012-05-18 09:22:02 +12:00
Sean Harvey
c9bcfd49ec
BUGFIX Only use finfo if the file exists, otherwise the MIME type
...
detection won't work, such as in the case of HTTPRequest::send_file()
2012-05-17 14:54:30 +12:00
Stig Lindqvist
7d9cf5b365
MINOR Use File::get_file_extension for fallback mime-type detection
2012-05-15 10:03:00 +12:00
Stig Lindqvist
c9bc485f34
MINOR Failover to configuration if the finfo module doesn't exists when getting file mime-type.
2012-05-14 10:04:35 +12:00
Ingo Schommer
a0c0154dac
Merge pull request #429 from halkyon/http_changes
...
API CHANGE Removed old HTTP::sendRequest() and HTTP::sendPostRequest()
2012-05-11 01:03:22 -07:00