silverstripe-framework

mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-25 22:19:33 +02:00

Author	SHA1	Message	Date
Damian Mooyman	7aa67f856b	Move files to middleware folder	2017-06-27 13:32:39 +12:00
Sam Minnee	67887febc5	fix - session now uses request	2017-06-27 13:32:39 +12:00
Sam Minnee	69fe166897	API: Director::handleRequest() is no longer static - use a Director service NEW: Add HTMLMiddlewareAware trait to HTTPApplication, Director, and RequestHandler NEW: Allow service specs to be passed to Director rules. This refactor of the controller middlewares takes a service definition approach rather than a static-method-and-config approach that Director historically had. The use of a trait for middleware means that the Middlewares array property can be defined on RequestHandler, Director, and HTTPApplication objects in the same way.	2017-06-27 13:32:39 +12:00
Sam Minnee	e92c63c545	API: Remove $sid argument of Session::start() NEW: Pass HTTPRequest to session NEW: Pass HTTPReuqest optionally to Director statics The session handler now expects to operate on a specific HTTPRequest object.	2017-06-27 13:32:39 +12:00
Sam Minnee	ccc86306b6	NEW: Add TrustedProxyMiddleware API: SS_TRUSTED_PROXY_HOST_HEADER replace with middleware config API: SS_TRUSTED_PROXY_PROTOCOL_HEADER replace with middleware config API: SS_TRUSTED_PROXY_IP_HEADER replace with middleware config API: Front-End-Https = “on” header no longer supported This middleware replaces the TRUSTED_PROXY setting and shifts its configuration out of the env vars and bootstrap and into the Director flow.	2017-06-27 13:32:39 +12:00
Sam Minnee	c4d038f20d	NEW: Add HTTPRequest::getScheme()/setScheme() NEW: Add HTTPRequest::setIP() API: Rely on HTTPRequestBuilder to set scheme and IP These changes tidy up HTTPRequest making it a container for information and removing special logic from it. This makes it less feature-rich: it doesn’t contain trusted-proxy logic. This will be able to provided by a middleware. The new getScheme() method is designed to be closish to PSR-7’s getUri()->getScheme() equivalent. There are no more direct $_SERVER references in HTTPRequest.	2017-06-27 13:32:39 +12:00
Sam Minnee	4d89daac78	NEW: Register Injector::inst()->get(HTTPRequest) HTTPRequest is provided as a service so that global references for session, hostname, etc can be facilitated. It’s a bit of a hack and should be avoided but we’re unlikely to scrub it completely from the Silverstripe 4 code.	2017-06-27 13:32:39 +12:00
Sam Minnee	10866c0809	API: Replace Director::direct() with Director::handleRequest(). There was no longer any code in direct() and so I opted to expose the handleRequest() method instead.	2017-06-27 13:32:39 +12:00
Sam Minnee	72a7655e95	NEW: Moved allowed-hosts checking to a middleware.	2017-06-27 13:32:39 +12:00
Sam Minnee	db080c0603	NEW: Move session activation to SessionMiddleware.	2017-06-27 13:32:39 +12:00
Sam Minnee	254204a3a6	NEW: Replace AuthenticationRequestFilter with AuthenticationMiddleware	2017-06-27 13:32:39 +12:00
Sam Minnee	e855622890	NEW: Replace FlushRequestFilter with FlushMiddleware	2017-06-27 13:32:39 +12:00
Sam Minnee	95a266c6b9	FIX: Add tests for middleware	2017-06-27 13:32:39 +12:00
Sam Minnee	c482cd673e	DOC: Documentation and upgrade notes for director middleware	2017-06-27 13:32:39 +12:00
Sam Minnee	b30f410ea0	API: Deprecate RequestFilter. NEW: Allow application of HTTPMiddleware to Director. Director can now use the same HTTPMiddleware objects as the app object. They can be applied either globally or pre-rule.	2017-06-27 13:32:39 +12:00
Sam Minnee	26b9bf11ed	NEW: Allow “%$” prefix in Injector::get() Injector::get() looks up services by name. In yaml config it can make things clearer to prefix service names by %$, which is how they must be prefixed when referencing nested services within service definitions. This change means that any other system referencing services will support an optional prefix without needing to specifically code support in themselves.	2017-06-27 13:32:39 +12:00
Damian Mooyman	0ed1750106	Merge remote-tracking branch 'origin/3' # Conflicts: # .travis.yml # .tx/config # _config/database.yml # admin/code/LeftAndMain.php # admin/code/ModelAdmin.php # admin/code/SecurityAdmin.php # admin/javascript/jquery-changetracker/lib/jquery.changetracker.js # admin/javascript/lang/cs.js # admin/javascript/lang/de.js # admin/javascript/lang/eo.js # admin/javascript/lang/es.js # admin/javascript/lang/fa_IR.js # admin/javascript/lang/fi.js # admin/javascript/lang/fr.js # admin/javascript/lang/hr.js # admin/javascript/lang/id.js # admin/javascript/lang/id_ID.js # admin/javascript/lang/it.js # admin/javascript/lang/ja.js # admin/javascript/lang/lt.js # admin/javascript/lang/mi.js # admin/javascript/lang/nb.js # admin/javascript/lang/nl.js # admin/javascript/lang/pl.js # admin/javascript/lang/ro.js # admin/javascript/lang/ru.js # admin/javascript/lang/sk.js # admin/javascript/lang/sl.js # admin/javascript/lang/sl_SI.js # admin/javascript/lang/sr.js # admin/javascript/lang/sr@latin.js # admin/javascript/lang/sr_RS.js # admin/javascript/lang/sr_RS@latin.js # admin/javascript/lang/src/cs.js # admin/javascript/lang/src/de.js # admin/javascript/lang/src/eo.js # admin/javascript/lang/src/es.js # admin/javascript/lang/src/fa_IR.js # admin/javascript/lang/src/fi.js # admin/javascript/lang/src/fr.js # admin/javascript/lang/src/hr.js # admin/javascript/lang/src/id.js # admin/javascript/lang/src/id_ID.js # admin/javascript/lang/src/it.js # admin/javascript/lang/src/ja.js # admin/javascript/lang/src/lt.js # admin/javascript/lang/src/mi.js # admin/javascript/lang/src/nb.js # admin/javascript/lang/src/nl.js # admin/javascript/lang/src/pl.js # admin/javascript/lang/src/ro.js # admin/javascript/lang/src/ru.js # admin/javascript/lang/src/sk.js # admin/javascript/lang/src/sl.js # admin/javascript/lang/src/sl_SI.js # admin/javascript/lang/src/sr.js # admin/javascript/lang/src/sr@latin.js # admin/javascript/lang/src/sr_RS.js # admin/javascript/lang/src/sr_RS@latin.js # admin/javascript/lang/src/sv.js # admin/javascript/lang/src/zh.js # admin/javascript/lang/sv.js # admin/javascript/lang/zh.js # admin/templates/Includes/ModelAdmin_Content.ss # composer.json # control/HTTPRequest.php # core/Config.php # core/Core.php # core/Diff.php # core/Object.php # core/PaginatedList.php # core/TempPath.php # core/manifest/ConfigStaticManifest.php # dev/Profiler.php # docs/en/00_Getting_Started/00_Server_Requirements.md # docs/en/00_Getting_Started/03_Environment_Management.md # docs/en/02_Developer_Guides/01_Templates/03_Requirements.md # docs/en/02_Developer_Guides/07_Debugging/03_Template_debugging.md # docs/en/02_Developer_Guides/13_i18n/index.md # filesystem/File.php # filesystem/GD.php # filesystem/ImagickBackend.php # filesystem/Upload.php # forms/DatetimeField.php # forms/FormField.php # forms/GroupedDropdownField.php # forms/TabSet.php # forms/gridfield/GridFieldFilterHeader.php # javascript/lang/es.js # javascript/lang/src/es.js # lang/af.yml # lang/ar.yml # lang/az.yml # lang/bg.yml # lang/bs.yml # lang/ca.yml # lang/cs.yml # lang/de.yml # lang/en.yml # lang/eo.yml # lang/es.yml # lang/es_AR.yml # lang/es_MX.yml # lang/et_EE.yml # lang/fa_IR.yml # lang/fi.yml # lang/fo.yml # lang/fr.yml # lang/gl_ES.yml # lang/he_IL.yml # lang/hr.yml # lang/hu.yml # lang/id.yml # lang/id_ID.yml # lang/is.yml # lang/it.yml # lang/ja.yml # lang/lt.yml # lang/lv.yml # lang/mi.yml # lang/ms.yml # lang/nb.yml # lang/ne.yml # lang/nl.yml # lang/pl.yml # lang/pt.yml # lang/pt_BR.yml # lang/ro.yml # lang/ru.yml # lang/si.yml # lang/sk.yml # lang/sl.yml # lang/sl_SI.yml # lang/sr.yml # lang/sr@latin.yml # lang/sr_RS.yml # lang/sr_RS@latin.yml # lang/sv.yml # lang/th.yml # lang/tr.yml # lang/uk.yml # lang/zh.yml # lang/zh_CN.yml # lang/zh_TW.yml # model/DataDifferencer.php # model/DataQuery.php # model/Image.php # model/ManyManyList.php # model/connect/DBSchemaManager.php # model/connect/PDOConnector.php # model/fieldtypes/Bigint.php # model/fieldtypes/DBFloat.php # model/fieldtypes/DBInt.php # model/fieldtypes/Double.php # model/fieldtypes/ForeignKey.php # model/fieldtypes/PrimaryKey.php # parsers/HTML/HTMLBBCodeParser.php # security/Member.php # security/MemberAuthenticator.php # security/RandomGenerator.php # security/Security.php # tests/control/CookieTest.php # tests/control/HTTPRequestTest.php # tests/core/CoreTest.php # tests/filesystem/UploadTest.php # tests/forms/FormFieldTest.php # tests/forms/FormTest.php # tests/forms/GroupedDropdownFieldTest.php # tests/forms/HtmlEditorFieldToolbarTest.php # tests/forms/RequirementsTest.php # tests/model/DBFieldTest.php # tests/model/DataObjectTest.php # tests/model/ManyManyListTest.php # tests/model/VersionableExtensionsTest.php # tests/model/VersionedTest.php # tests/parsers/ShortcodeParserTest.php # tests/security/MemberAuthenticatorTest.php # tests/security/MemberTest.php # tests/security/SecurityTest.php # tests/view/SSViewerTest.php # thirdparty/simpletest/encoding.php # thirdparty/simpletest/page.php # thirdparty/simpletest/tag.php # thirdparty/spyc/spyc.php # thirdparty/tinymce-spellchecker/classes/SpellChecker.php # thirdparty/tinymce-spellchecker/classes/utils/JSON.php # thirdparty/tinymce-spellchecker/classes/utils/Logger.php # thirdparty/tinymce/tiny_mce.js # thirdparty/tinymce/tiny_mce_gzip.php # thirdparty/tinymce/tiny_mce_src.js # view/Requirements.php # view/SSViewer.php # view/ViewableData.php	2017-06-27 13:27:14 +12:00
Ingo Schommer	60a3c8754a	Simplify SecurityTest redirect assertion It causes inexplicable failures in the installer test, while it's passing running in framework standalone. This might be related to the cms module being present (with framework tests executed). Either way, testing that FunctionalTest can follow a redirect and correctly display the "/" homepage isn't really the point of this test. It should limit its assertion to the presence of a redirect. See https://travis-ci.org/silverstripe/silverstripe-installer/jobs/246703789	2017-06-27 09:23:37 +12:00
Damian Mooyman	17c8e913bc	Merge pull request #7053 from creative-commoners/pulls/4.0/restore-extension-constructor NEW restored Extension::__construct()	2017-06-26 21:39:55 +12:00
Franco Springveldt	d3d426bdfc	NEW restored Extension::__construct()	2017-06-26 17:34:43 +12:00
Damian Mooyman	22f3d5cec0	Merge pull request #7058 from sminnee/fix-install-db FIX: Allow DB::setConfig() in _config.php	2017-06-26 17:29:31 +12:00
Sam Minnee	3c35d25a64	FIX: Allow DB::setConfig() in _config.php This wasn’t working because the database was being validated before _config.php was loaed. This is how the installer sets config so this is an important fix.	2017-06-26 14:04:20 +12:00
Loz Calver	f60dcba5e7	Merge pull request #7050 from dhensby/pulls/4/intervention-image DOCS InterventionBackend updates	2017-06-23 12:03:23 +01:00
Daniel Hensby	fea36f2d7b	DOCS Update Image docs to reflect intervention/image changes	2017-06-23 11:18:21 +01:00
Daniel Hensby	b1d8c0308b	Remove asset cache that belongs in assets module	2017-06-23 10:45:41 +01:00
Ingo Schommer	fa568e333e	Fixed linting errors	2017-06-23 11:19:16 +12:00
Ingo Schommer	12c2edc1d5	Fix DeprecationTest The $project use has changed in `3873e4ba00`. The test isn't really reliant on $project anyway, it just tests that any other module identifier doesn't interfere with core notification settings.	2017-06-23 10:22:26 +12:00
Ingo Schommer	fb09e0b65f	Fix merge error	2017-06-23 09:27:46 +12:00
Ingo Schommer	e592bed3e5	Fixed merge error	2017-06-22 23:07:58 +12:00
Damian Mooyman	3873e4ba00	API Refactor bootstrap, request handling See https://github.com/silverstripe/silverstripe-framework/pull/7037 and https://github.com/silverstripe/silverstripe-framework/issues/6681 Squashed commit of the following: commit `8f65e56532` Author: Ingo Schommer <me@chillu.com> Date: Thu Jun 22 22:25:50 2017 +1200 Fixed upgrade guide spelling commit `76f95944fa` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 16:38:34 2017 +1200 BUG Fix non-test class manifest including sapphiretest / functionaltest commit `9379834cb4` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 15:50:47 2017 +1200 BUG Fix nesting bug in Kernel commit `188ce35d82` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 15:14:51 2017 +1200 BUG fix db bootstrapping issues commit `7ed4660e7a` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 14:49:07 2017 +1200 BUG Fix issue in DetailedErrorFormatter commit `738f50c497` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 11:49:19 2017 +1200 Upgrading notes on mysite/_config.php commit `6279d28e5e` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 11:43:28 2017 +1200 Update developer documentation commit `5c90d53a84` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 22 10:48:44 2017 +1200 Update installer to not use global databaseConfig commit `f9b2ba4755` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 21:04:39 2017 +1200 Fix behat issues commit `5b59a912b6` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 17:07:11 2017 +1200 Move HTTPApplication to SilverStripe\Control namespace commit `e2c4a18f63` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 16:29:03 2017 +1200 More documentation Fix up remaining tests Refactor temp DB into TempDatabase class so it’s available outside of unit tests. commit `5d235e64f3` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 21 12:13:15 2017 +1200 API HTTPRequestBuilder::createFromEnvironment() now cleans up live globals BUG Fix issue with SSViewer Fix Security / View tests commit `d88d4ed4e4` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 20 16:39:43 2017 +1200 API Refactor AppKernel into CoreKernel commit `f7946aec33` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 20 16:00:40 2017 +1200 Docs and minor cleanup commit `12bd31f936` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 20 15:34:34 2017 +1200 API Remove OutputMiddleware API Move environment / global / ini management into Environment class API Move getTempFolder into TempFolder class API Implement HTTPRequestBuilder / CLIRequestBuilder BUG Restore SS_ALLOWED_HOSTS check in original location API CoreKernel now requires $basePath to be passed in API Refactor installer.php to use application to bootstrap API move memstring conversion globals to Convert BUG Fix error in CoreKernel nesting not un-nesting itself properly. commit `bba9791146` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 18:07:53 2017 +1200 API Create HTTPMiddleware and standardise middleware for request handling commit `2a10c2397b` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 17:42:42 2017 +1200 Fixed ORM tests commit `d75a8d1d93` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 17:15:07 2017 +1200 FIx i18n tests commit `06364af3c3` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 16:59:34 2017 +1200 Fix controller namespace Move states to sub namespace commit `2a278e2953` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 19 12:49:45 2017 +1200 Fix forms namespace commit `b65c21241b` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 15 18:56:48 2017 +1200 Update API usages commit `d1d4375c95` Author: Damian Mooyman <damian@silverstripe.com> Date: Thu Jun 15 18:41:44 2017 +1200 API Refactor $flush into HTPPApplication API Enforce health check in Controller::pushCurrent() API Better global backup / restore Updated Director::test() to use new API commit `b220534f06` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 22:05:57 2017 +1200 Move app nesting to a test state helper commit `603704165c` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 21:46:04 2017 +1200 Restore kernel stack to fix multi-level nesting commit `2f6336a15b` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 17:23:21 2017 +1200 API Implement kernel nesting commit `fc7188da7d` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 15:43:13 2017 +1200 Fix core tests commit `a0ae723514` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 15:23:52 2017 +1200 Fix manifest tests commit `ca03395251` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 15:00:00 2017 +1200 API Move extension management into test state commit `c66d433977` Author: Damian Mooyman <damian@silverstripe.com> Date: Tue Jun 13 14:10:59 2017 +1200 API Refactor SapphireTest state management into SapphireTestState API Remove Injector::unregisterAllObjects() API Remove FakeController commit `f26ae75c6e` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 12 18:04:34 2017 +1200 Implement basic CLI application object commit `001d559662` Author: Damian Mooyman <damian@silverstripe.com> Date: Mon Jun 12 17:39:38 2017 +1200 Remove references to SapphireTest::is_running_test() Upgrade various code commit `de079c041d` Author: Damian Mooyman <damian@silverstripe.com> Date: Wed Jun 7 18:07:33 2017 +1200 API Implement APP object API Refactor of Session	2017-06-22 22:50:45 +12:00
Daniel Hensby	4ad6bdbe7e	Merge pull request #7028 from kinglozzer/logout-token WIP: Add CSRF token to logout action	2017-06-22 09:39:49 +01:00
Loz Calver	5d27dccd60	NEW: Add CSRF token to logout action	2017-06-21 15:42:13 +01:00
Loz Calver	4d73982263	Merge pull request #7038 from SpiritLevel/patch-1 Update 03_Environment_Management.md	2017-06-20 09:04:42 +01:00
David Alexander	3b812417ad	Update 03_Environment_Management.md @dhensby I thought I saw a recent merge making PDO the default.	2017-06-20 10:12:55 +12:00
Damian Mooyman	306d801258	Merge pull request #6984 from dhensby/pulls/4/default-pdo NEW DB Driver defaults to PDO	2017-06-18 21:27:32 +12:00
Chris Joe	8c91d48d3a	Merge pull request #7033 from open-sausages/pulls/4.0/remove-parse-indexspec FIX Remove reference to removed method parseIndexSpec	2017-06-16 16:40:51 +12:00
Chris Joe	102eaed36c	Merge pull request #6722 from open-sausages/pulls/4.0/requirements-html-cleanup Better HTML generation behaviour for Requirements_Backend	2017-06-16 13:52:06 +12:00
Damian Mooyman	dd4eb6ce44	Merge pull request #6960 from open-sausages/pulls/4.0/security-process-docs Internal security process docs	2017-06-16 13:50:58 +12:00
Chris Joe	fa203d8c99	Merge pull request #7034 from open-sausages/pulls/4.0/fix-i18n-countries BUG Removed reserved / removed / invalid country codes	2017-06-16 13:26:42 +12:00
Damian Mooyman	64e802f795	API Move createTag to HTML class ENHANCEMENT Better HTML generation behaviour for Requirements_Backend	2017-06-16 12:22:05 +12:00
Damian Mooyman	54879402ce	BUG Removed reserved / removed / invalid country codes Fixes #6996	2017-06-16 11:38:00 +12:00
Lukas	a990c99d6e	NEW: suffix subfolder in silverstripe-cache with php-version (#6810 ) Note that this changes the default temp path value * Was: /tmp/silverstripe-cache-Users-FOO-webroot-BAR-php7.1.5/USER * Now: /tmp/silverstripe-cache-Users-FOO-webroot-BAR/USER-php7.1.5	2017-06-16 11:25:02 +12:00
Damian Mooyman	957d238caa	FIX Remove reference to removed method parseIndexSpec Fixes #6968	2017-06-16 11:20:52 +12:00
Chris Joe	65e2347342	Merge pull request #6989 from open-sausages/pulls/4.0/cms-reauth-style ENHANCEMENT Update style of CMSLogin form	2017-06-15 20:20:27 +12:00
Damian Mooyman	619942f426	Remove trash file	2017-06-15 18:33:47 +12:00
Damian Mooyman	0f90c5b63f	ENHANCEMENT Update style of CMSLogin form	2017-06-15 18:13:14 +12:00
Damian Mooyman	22e084f288	Merge pull request #7026 from Firesphere/move_default_admin Move default admin	2017-06-15 18:12:51 +12:00
Damian Mooyman	024371c37e	API Change authentication ValidationResult handling to pass by-reference	2017-06-15 17:25:23 +12:00
Damian Mooyman	62d095305b	API Update DefaultAdmin services API Improve validation of authentication process	2017-06-15 15:53:57 +12:00
Simon Erkelens	576eee72dc	Remove DefaultAdmin things from Security and Member into the MemberAuthenticator, unifying and removing duplicate code.	2017-06-15 14:20:29 +12:00

1 2 3 4 5 ...

18557 Commits