Maxime Rainville
7ce2abf74d
Merge remote-tracking branch 'origin/4.4' into 4.5
2020-02-17 14:43:38 +13:00
Maxime Rainville
a9598eec3f
Added 4.4.5 changelog
2020-02-17 14:02:57 +13:00
Maxime Rainville
acd7d94167
Merge branch '4.4' into 4.5
2020-02-17 13:07:26 +13:00
Serge Latyntcev
ad1b00ec7d
[CVE-2019-19325] XSS through non-scalar FormField attributes
...
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Serge Latyntcev
08eaed4190
Added 4.5.0 changelog
2019-12-19 11:24:04 +13:00
Serge Latyntcev
e1a1459df3
Added 4.5.0-rc2 changelog
2019-12-19 11:23:31 +13:00
Serge Latyntcev
84d0d75e96
Added 4.5.0-rc1 changelog
2019-11-18 17:18:05 +13:00
Serge Latyntcev
efc9bec5e6
Added 4.5.0-alpha1 changelog
2019-11-14 14:39:41 +13:00
DorsetDigital
7e361b6127
Doc: Remove old reference to theme
...
Update siteconfig doc to remove reference to setting the current theme.
2019-11-09 10:28:05 +00:00
Mojmir Fendek
e2bea6b41f
API Add withConfig
method ( #9011 )
...
* With config functionality added.
* Update docs/en/02_Developer_Guides/04_Configuration/00_Configuration.md
2019-10-31 16:12:04 +13:00
Serge Latyntcev
2d4cbf8fef
DOC Describe our current branch naming conventions
2019-10-30 15:31:36 +13:00
Sam Minnée
e6ea109127
Merge pull request #9298 from ScopeyNZ/pulls/4/update-method-visibility-docs
...
DOCS Update contribution guidelines around method visibility
2019-10-23 11:52:20 +13:00
Serge Latyntsev
bd2ccf70fa
Merge pull request #9282 from open-sausages/pulls/4/docs/clarify-basic-auth
...
DOCS Clarify BasicAuth limitations
2019-10-22 14:01:51 +13:00
Maxime Rainville
e59625fe5a
NEW Add ability to define image size preset for the TinyMCE editor. ( #9276 )
...
* NEW Add ability to define image size preset for the TinyMCE editor.
* DOC Explain how to define image size pre-sets
2019-10-22 11:50:28 +13:00
Guy Marriott
6458697663
DOCS Update contribution guidelines around method visibility
...
This is in response to the RFC discussion in #8996
2019-10-21 11:00:16 -07:00
jeremy
7900d2aeb1
Update docs/en/02_Developer_Guides/06_Testing/00_Unit_Testing.md
...
Better worded
Co-Authored-By: Robbie Averill <robbie@averill.co.nz>
2019-10-18 11:23:44 +11:00
jeremy
1197b94415
Update Test documentation about database behaviours
...
This update is based on what I have experienced and this conversation on Slack https://silverstripe-users.slack.com/archives/C6PLF83H9/p1571281365001600
2019-10-18 10:38:23 +11:00
Ingo Schommer
36ceaa00dd
DOCS Update demo links
...
Promote the new landing page: https://www.silverstripe.org/try
[ci-skip]
2019-10-11 13:48:29 +13:00
Ingo Schommer
8dcda91538
DOCS Clarify BasicAuth limitations
2019-10-10 10:41:39 +13:00
Guy Marriott
3a1904d1bb
DOCS Update contact information for translations docs
2019-10-04 09:44:39 -07:00
Serge Latyntcev
7dfc35d204
DOC Fix the required NodeJS version for CMS custamisation
2019-10-01 14:27:23 +13:00
Loz Calver
daf995da63
Fix syntax error in DataList docs
2019-09-30 09:36:12 +01:00
Serge Latyntcev
a706e37ec3
DOC Fix Contribution guide broken links
2019-09-30 13:36:19 +13:00
Serge Latyntsev
80b282b605
DOC Forget about google groups
2019-09-26 14:39:38 +12:00
Maxime Rainville
d7f5ed3e65
DOC Substituce old apache syntax for Require
2019-09-25 16:59:48 +12:00
Robbie Averill
d95fe203b8
Merge pull request #9263 from creative-commoners/pulls/4/js-api-docs-semver-warning
...
DOC Add warning about Semver status of modern JS / GraphQL tooling
2019-09-24 18:17:29 -07:00
Aaron Carlino
b0a17f5df1
Update changelog
2019-09-25 11:23:57 +12:00
Garion Herman
637a891b8c
DOC Include link to semver.org in modern JS / GQL warning
2019-09-25 11:22:04 +12:00
Garion Herman
3db0fa46b5
DOC Add warning about Semver status of modern JS / GraphQL tooling
2019-09-25 10:26:06 +12:00
Serge Latyntcev
88fde6e7c3
Merge branch '4.4' into 4
2019-09-24 17:29:06 +12:00
Serge Latyntcev
50a1aa4c4d
Merge branch '4.3' into 4.4
2019-09-24 17:28:31 +12:00
Aaron Carlino
b002ef1171
Merge branch '4.4' into 4
2019-09-24 17:26:50 +12:00
Serge Latyntcev
26a4fb38ba
Added 4.3.6 changelog
2019-09-24 17:20:48 +12:00
Aaron Carlino
79a89e751d
Added 4.4.4 changelog
2019-09-24 17:05:26 +12:00
Aaron Carlino
c1047fac32
DOCS: Add docs for versioned files migration
2019-09-24 16:04:22 +12:00
Aaron Carlino
28057e3a71
DOCS: Add FileShortcodeProvider change to changelog
2019-09-24 16:03:48 +12:00
Aaron Carlino
1f92b21a04
DOCS: Add FileShortcodeProvider change to changelog
2019-09-24 16:03:48 +12:00
Aaron Carlino
8ee5e621fd
DOCS: Add docs for versioned files migration
2019-09-24 16:00:51 +12:00
Aaron Carlino
99ab3c6421
DOCS: Add FileShortcodeProvider change to changelog
2019-09-24 16:00:51 +12:00
Serge Latyntcev
f185dfb2c5
DOC Clarify that Security release is a SilverStripe Core release
2019-09-18 11:19:55 +12:00
Christopher Darling
c8f274de80
DOCS fix DataList::exclude() code example
2019-09-15 20:34:18 +01:00
Robbie Averill
b8e81983b9
DOCS Update PSR-12 compliance in GridField_ActionProvider docs code examples
...
[ci skip]
2019-09-13 18:09:10 -07:00
Robbie Averill
ed47f43133
Merge pull request #9169 from jakxnz/patch-1
...
Update 04_Create_a_GridField_ActionProvider.md
2019-09-13 18:05:51 -07:00
Ingo Schommer
229df95fe9
DOCS Warning about protected file serving in 4.x
2019-09-13 18:01:44 -07:00
Serge Latyntsev
233e0e7aa0
ENH PasswordExpirationMiddleware implementation ( #9207 )
2019-09-12 14:34:06 +12:00
Aaron Carlino
da6582f593
NEW: Remove web installer, move to separate package ( #9231 )
...
* Remove installer
* Remove exposed install files
* Replace Dev/Install classes still in use
* Update changelog
* FIX make the grid field actions consistent to what they look like on pages
Resolves https://github.com/silverstripe/silverstripe-admin/issues/904
* Docs changes
2019-09-11 13:10:25 +12:00
Andre Kiste
75cd9dc944
Merge pull request #9202 from open-sausages/pulls/4/document-ss32-variant-migration
...
DOC Explain how to mgirate SS3.2 variants
2019-09-11 11:47:28 +12:00
Matt Peel
7083f016c1
Update secure coding standards
...
As of SS4.0.0 and the introduction of TrustedProxyMiddleware, the default now if no trusted proxies are defined is that nothing is a trusted proxy, whereas in SS3 a missing declaration was treated as everything being allowed.
2019-09-10 12:55:24 +12:00
Andre Kiste
23719af2a1
Apply suggestions from code review
...
Typos
2019-09-09 13:36:53 +12:00
Maxime Rainville
c165561580
Fix typos
...
Co-Authored-By: Robbie Averill <robbie@averill.co.nz>
2019-09-09 09:06:40 +12:00