Commit Graph

19895 Commits

Author SHA1 Message Date
Robbie Averill
7a8a24d175 Reset force SSL domain/patterns in setup to prevent global state pollution 2018-05-29 17:34:22 +12:00
Robbie Averill
063d765e94 Add test assertion for response instance
This prevents middlewares that return null (like the example delegate in this test) from killing a testsuite
2018-05-29 17:26:29 +12:00
Robbie Averill
6d98a912c9 Merge branch 'heads/4.1.1' into 4.1 2018-05-28 18:26:20 +12:00
Robbie Averill
01ed8a316b
Added 4.1.1 changelog 2018-05-24 16:52:15 +12:00
Robbie Averill
722202fef4 Merge remote-tracking branch 'origin/4.0.4' into 4.1.1
# Conflicts:
  #	src/Control/Director.php
2018-05-24 15:41:11 +12:00
Robbie Averill
fe4f6f42d3
Updated 4.0.4 changelog 2018-05-24 13:51:21 +12:00
Damian Mooyman
5bff64b47b BUG Fix Director::test() not persisting removed session keys on teardown 2018-05-24 13:10:03 +12:00
Robbie Averill
e7e32d13a3
FIX Add namespace and encryptor to tests that expect blowfish to be available 2018-05-24 11:24:56 +12:00
Robbie Averill
bb1f0cce58
Added 4.0.4 changelog 2018-05-24 11:15:14 +12:00
Robbie Averill
5b7eca2b63
Merge pull request #70 from silverstripe-security/pulls/4.0/ss-2018-012
[ss-2018-012] File security documentation
2018-05-14 17:16:53 +12:00
Damian Mooyman
299131ed22 [ss-2018-012] File security documentation 2018-05-14 17:16:36 +12:00
Robbie Averill
c28f411abd
Merge pull request #66 from silverstripe-security/pulls/4.0/security-password-fix
SECURITY: Remove password text from session data on failed submission
2018-05-14 17:15:28 +12:00
Aaron Carlino
f847f186b1 [ss-2018-013] Remove password text from session data on failed submission 2018-05-14 17:14:38 +12:00
Robbie Averill
5887201dd5
Merge pull request #64 from silverstripe-security/pulls/4.0/ss-2018-010
[SS-2018-010] Fix regression of SS-2017-002
2018-05-14 17:12:45 +12:00
Robbie Averill
beec0c0d47 [SS-2018-010] Fix regression of SS-2017-002 2018-05-14 17:12:07 +12:00
Robbie Averill
1e6790bfb6
Merge pull request #62 from silverstripe-security/pulls/4.0/ss-2018-001
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-14 17:11:03 +12:00
Damian Mooyman
e409d6f673 [ss-2018-001] Restrict non-admins from being assigned to admin groups 2018-05-14 17:10:22 +12:00
Robbie Averill
39b62e5fbb
Merge pull request #61 from silverstripe-security/pulls/4.0/ss-2018-008
[ss-2018-008] Validate against malformed urls
2018-05-14 17:07:09 +12:00
Damian Mooyman
9053014a7e [ss-2018-008] Validate against malformed urls 2018-05-14 17:06:47 +12:00
Robbie Averill
6f50728b18
Merge pull request #59 from silverstripe-security/pulls/4.0/ss-2018-006
[ss-2018-006] Prevent code execution in template value resolution
2018-05-14 17:06:04 +12:00
Robbie Averill
cd716fb61b Switch check for is_string 2018-05-14 17:05:31 +12:00
Damian Mooyman
2e13ae746f [ss-2018-006] Prevent code execution in template value resolution 2018-05-14 17:05:31 +12:00
Robbie Averill
3e205d69c3
Merge pull request #57 from silverstripe-security/pulls/4.0/ss-2018-005
[ss-2018-005] Prevent unauthenticated isDev / isTest being allowed
2018-05-14 17:04:23 +12:00
Damian Mooyman
d935140a95 [ss-2018-005] Prevent unauthenticated isDev / isTest being allowed 2018-05-14 17:03:39 +12:00
Daniel Hensby
62631dc3ee
Merge pull request #8013 from open-sausages/pulls/4.1/fix-password-validator-fields
BUG Prevent password validator min score producing false negatives
2018-04-30 12:16:56 +01:00
Damian Mooyman
b07e13d2f8 BUG Fix incorrect installer base tag generation (#8018)
Fixes #7926
2018-04-24 10:53:08 +12:00
Damian Mooyman
9a12fac218
BUG Prevent password validator min score producing false negatives
Replaces #7995
2018-04-18 10:35:31 +12:00
Damian Mooyman
73d31d4797
Merge pull request #8008 from blueo/patch-1
Add .htaccess to base with public rewrite
2018-04-18 09:38:34 +12:00
Bernard Hamlin
3d2a3198d7
Add .htaccess to base with public rewrite
Upgrading from 4.0 to 4.1 we needed this extra file. It is created by default with the cms recipe eg: https://raw.githubusercontent.com/silverstripe/recipe-cms/1/.htaccess
2018-04-16 14:51:12 +12:00
Damian Mooyman
5a8c5601a9
Merge remote-tracking branch 'origin/4.0' into 4.1
# Conflicts:
#	.travis.yml
#	composer.json
2018-04-13 09:55:23 +12:00
Damian Mooyman
81a2c15eb0
Merge pull request #7777 from open-sausages/pulls/4.0/selenium-upgrade
API Update behat-extension from selenium > chromedriver
2018-04-12 15:37:27 +12:00
Damian Mooyman
c54b07a952
API Update to use new chromedriver + behat-extension + facebook/webdriver 2018-04-12 14:19:14 +12:00
Robbie Averill
09b4f26151 Merge branch '4.0' into 4.1 2018-04-10 16:18:08 +12:00
Robbie Averill
b6c6bd6af2
Merge pull request #7989 from open-sausages/pulls/4.0/bulk-through-bug
BUG Fix many_many through crashing ModelAdmin
2018-04-10 15:43:25 +12:00
Damian Mooyman
e11ba9a2d7 BUG Fix many_many through crashing ModelAdmin 2018-04-10 14:51:49 +12:00
Damian Mooyman
facaad5a03
Merge pull request #7982 from wilr/pulls/fix-selectiongroup
Fix invalid markup in SelectionGroup selected values
2018-04-10 13:16:16 +12:00
Will Rossiter
09cc75a656 MINOR Add visiblity to SelectionGroup test functions 2018-04-05 10:33:27 +12:00
Will Rossiter
2512761587 Fix invalid markup in SelectionGroup selected values 2018-04-05 10:16:25 +12:00
Damian Mooyman
99426cdb05
Merge remote-tracking branch 'origin/4.0' into 4.1 2018-04-04 17:36:45 +12:00
Damian Mooyman
7d05c500ae
Merge pull request #7961 from wilr/features/resourceurl-fixtures
Use ModuleResourceLoader for fixtures path
2018-03-29 15:27:38 +13:00
Damian Mooyman
75a29b8b16
Merge pull request #7967 from NightJar/patch-2
Reorder HTML to be semantically correct on render
2018-03-29 15:26:22 +13:00
Dylan Wagstaff
c5fcab81df
Reorder HTML to be semantically correct on render
Don't close the unordered list every iteration :)
2018-03-29 12:01:27 +13:00
Daniel Hensby
54b6c6f6e8
Merge pull request #7965 from andreaslindahl/DBMultiEnum
Fix for "too few parameters" error when using DBMultiEnum
2018-03-28 17:31:12 +01:00
Andreas Lindahl
dd44deacb4 Fix for "too few parameters" error when using DBMultiEnum 2018-03-28 16:42:12 +02:00
Daniel Hensby
773511a6c3
Merge branch '4.0' into 4.1 2018-03-28 11:18:08 +01:00
Daniel Hensby
0adbc6b21f
Merge branch '3.6' into 4.0 2018-03-28 11:14:21 +01:00
Daniel Hensby
b36ba81a40
Merge branch '3.5' into 3.6 2018-03-28 11:06:32 +01:00
Damian Mooyman
45a7b44a15
Merge pull request #7858 from dhensby/pulls/3.5/add-support-file
Add support.md file
2018-03-28 16:56:11 +13:00
Will Rossiter
20c6ddd354
Use ModuleResourceLoader for fixtures path
This adds the ability to refer to a fixture file path by the ModuleResourceLoader path (e.g  protected static $fixture_file = 'vendor/module:tests/fixtures.yml')
2018-03-28 10:36:56 +13:00
Daniel Hensby
61463424ff
Support file grammer improvements 2018-03-27 11:49:04 +01:00