tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-29 07:59:31 +02:00
Code Issues Projects Releases Wiki Activity
19,782 Commits 29 Branches 516 Tags 147 MiB
7416ce275b
Commit Graph

94 Commits

Author SHA1 Message Date
Daniel Hensby
7416ce275b
FIX doInit comparison should be lowercased 2019-03-05 19:01:12 +00:00
Loz Calver
8d7c2dafab [SS-2018-019] Add confirmation token to dev/build 2018-11-07 11:33:24 +13:00
Robbie Averill
b922c0d732 FIX Check scheme is truthy before setting it to the request 2018-09-03 08:59:37 +02:00
Robbie Averill
3178fbf3bb
Merge pull request #8028 from andrewandante/pulls/4.0/unset_http_scheme_on_cli 
unset http scheme on CLIRequestBuilder
 2018-08-27 16:11:42 +12:00
Damian Mooyman
2a51f34c3e
BUG Prevent canonical URL causing a redirect on CLI unless explicitly enabled 
Replaces #8157
 2018-06-11 13:54:27 +12:00
Damian Mooyman
5bff64b47b BUG Fix Director::test() not persisting removed session keys on teardown 2018-05-24 13:10:03 +12:00
Damian Mooyman
9053014a7e [ss-2018-008] Validate against malformed urls 2018-05-14 17:06:47 +12:00
Andrew Aitken-Fincham
64964f7402
unset http scheme on CLIRequestBuilder 2018-05-02 11:43:51 +01:00
Damian Mooyman
6b38031a1e BUG Fix Director::test() not persisting removed session keys on teardown 2018-02-13 11:35:16 +13:00
Damian Mooyman
740c3326e9
BUG Fix critical issue with incorrectly saved session data 2018-02-02 15:08:52 +13:00
Dylan Wagstaff
e1a4b89912
Code lint fix 
change `else if` to `elseif`
 2018-01-24 09:04:22 +13:00
Dylan Wagstaff
9c3feb4ab4
FIX: Allow absolute URLs be use as resources 
At current certain interfaces exist that assume only local assets will be loaded (e.g. `SilverStripe\Forms\HTMLEditor\TinyMCEConfig::getConfig()`), where as someone may wish to load an off site resource via the use of an absolute URL (e.g. for fontawesome css provided via a CDN). Because asset path parsing is filtered through a `SilverStripe\Core\Manifest\ResourceURLGenerator`, one must either know in advance if they want an internal or external resource (loading different generators), or the API must allow for this (i.e. an inclusion function for each type of asset). So we can either double the API on the implementing class, or simply make an exception for an absolute URL as high as possible; inside the filter - for which the `vendor/module : path/to/file.asset` shorthand syntax was specifically designed not to conflict with.
 2018-01-23 17:31:43 +13:00
Daniel Hensby
db610aaf3b
Fixing string concat CS issues 2018-01-16 18:39:30 +00:00
Robbie Averill
cc90cb0125 FIX HTTPResponse::removeHeader incorrectly converts header name to lowercase 2018-01-16 23:20:52 +13:00
Damian Mooyman
f885101a1b
BUG Fix basic auth in PHP-CGI 
Fixes #7717
 2017-12-21 14:58:19 +13:00
Daniel Hensby
07a0f75426
Merge branch '3.6' into 4.0 2017-11-25 16:56:50 +00:00
Damian Mooyman
c9921447b3
Merge pull request #7539 from colintucker/fix-broken-paginated-list 
Fixed array/object mismatch bug in PaginatedList
 2017-11-15 15:17:15 +13:00
Daniel Hensby
6139de8680
FIX Make sure plain parts are rendered when re-rendering emails 2017-11-08 15:32:51 +00:00
Colin Tucker
f952ef747b
Fixed array/object mismatch bug in PaginatedList 2017-11-06 11:23:41 +00:00
Damian Mooyman
6a73466b41 BUG Fix basicauth 2017-11-03 12:08:38 +13:00
Damian Mooyman
9d3277f3d3
BUG Fix forceWWW and forceSSL not working in _config.php 
API Introduce CanonicalURLMiddleware
BUG Fix Director::makeRelative() failing on multi-domain sites
 2017-10-30 14:42:36 +13:00
Damian Mooyman
b9cb1e69e6 BUG Replace phpdotenv with thread-safe replacement 2017-10-20 18:43:11 +13:00
Damian Mooyman
d0ca9bd17a Merge pull request #7490 from open-sausages/pulls/4.0/my-email-children-deserve-the-best 
BUG Fix enable email subclasses to use their respective templates
 2017-10-19 16:30:37 +13:00
Christopher Joe
dabdc905ce
BUG Fix enable email subclasses to use their respective templates 2017-10-19 14:44:04 +13:00
Nathan J. Brauer
bcc2cc6a0b Adding 308 HTTP Response as an redirect code 
https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml
Often times, 308 are preferred over 301 redirects, as they tell the requester to, for example, re-POST a form submission on the final URL.
 2017-10-18 12:27:00 -07:00
Damian Mooyman
3e6984d5a8
Shift REQUEST_URI mangling into HTTPRequestBuilder::createFromVariables() 2017-10-09 17:35:33 +13:00
Damian Mooyman
199d607a2c Tiny revert 2017-10-09 17:21:43 +13:00
Ingo Schommer
1e913bb938 Remove rewrite-less routing through index.php 
It's currently broken (doesn't rewrite subsequent links),
and is of questionable use. It was introduced during a time
when PHP didn't have a built-in webserver (I think).
Virtually ever webserver will have rewriting capabilities these days (even IIS!),
and if you struggle with the setup as a new user, you can just fall back to PHP's built-in webserver.

This doesn't affect installation capabilities, since these are triggered via install.php.
 2017-10-09 17:21:43 +13:00
Ingo Schommer
1e051386c6 Simplified request building 2017-10-09 17:21:43 +13:00
Ingo Schommer
bd11bc16c7 Avoid double slash in Director mock URLs 
They get faulty results when run through parse_url($url, PHP_URL_PATH)
which we started using in HTTPRequestBuilder
 2017-10-09 17:21:43 +13:00
Ingo Schommer
4a94dfe55b Remove "url" query param reliance, use index.php 
See https://github.com/silverstripe/silverstripe-framework/issues/7430
 2017-10-09 17:21:43 +13:00
Damian Mooyman
fa57deeba4
ENHANCEMENT Allow vendor modules with url rewriting 
API Introduce ModuleResource feature
 2017-09-29 10:28:38 +13:00
Damian Mooyman
f574f6d1b2
Reset test state for modified config options 2017-09-28 17:24:32 +13:00
Christopher Joe
90d0361a6c Enhancement update set_themes to not update config 2017-09-28 16:47:13 +13:00
Christopher Joe
7e92b053f4 Enhancement Add setter and getter for certain classes, so that LeftAndMain no longer updates config during init 2017-09-28 16:47:13 +13:00
Damian Mooyman
da27948777 Merge pull request #7373 from dhensby/pulls/4/rate-limit-security 
NEW RateLimiter for Security controller
 2017-09-28 11:01:37 +13:00
Damian Mooyman
e4fd9b4ff7
Code style fixes 2017-09-28 09:54:29 +13:00
Daniel Hensby
5f739c111e
added ratelimiter tests 2017-09-27 16:42:04 +01:00
Daniel Hensby
51ac297c59
Fixes to ratelimiter and new features 2017-09-27 14:44:38 +01:00
Damian Mooyman
261302a121
ENHANCEMENT Don't force all class names to lowercase 
Speeds up autoloading because composer psr-4 works properly now
 2017-09-20 15:14:55 +12:00
Daniel Hensby
04b1bb816e
NEW RateLimiter for Security controller 2017-09-14 14:23:36 +01:00
Daniel Hensby
9198313658
FIX HTTP Headers are case insensitive 2017-09-13 16:02:12 +01:00
Ingo Schommer
64af679c35 DOCS Corrected env type docs (fixes #7290) 2017-08-30 08:35:41 +12:00
Damian Mooyman
9b4d689bb2 Lazy-load custom methods and extensions on CustomMethods and Extensible traits 
No longer need constructExtensions()
 2017-08-22 15:47:24 +12:00
Christopher Joe
249c7048d9 Fix trim accept header parts 2017-08-21 15:31:13 +12:00
Robbie Averill
392cda15f6 NEW Add updateRules extension point to Director::handleRequest 2017-07-23 22:10:46 +12:00
Robbie Averill
ea4181166f FIX Ensure phpdbg calls are registered by SilverStripe core as a CLI call 2017-07-17 16:56:01 +12:00
Robbie Averill
823e49526f NEW Allow SSViewer and SSViewer_FromString to be injectable 2017-07-13 20:48:58 +12:00
Damian Mooyman
ed26b251c8
ENHANCEMENT: Better output type detection for debugging 2017-07-04 17:33:49 +12:00
Damian Mooyman
f65e3627dc
BUG Implement or exclude all pending upgrader deltas 2017-07-03 12:21:47 +12:00