tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-07-09 04:49:40 +02:00
Code Issues Projects Releases Wiki Activity
15,325 Commits 29 Branches 518 Tags 147 MiB
8865f680e6
Commit Graph

17 Commits

Author SHA1 Message Date
Daniel Hensby
c2a0e8945f FIX undeclared constant issue 2016-02-27 21:00:45 +13:00
Ingo Schommer
faa94d51d5 [ss-2016-003] Hostname, IP and Protocol Spoofing through HTTP Headers 2016-02-24 11:33:54 +13:00
Simon Erkelens
1831947157 Declare the global mapping 
Fix for  #4426
 2015-07-23 20:52:09 +02:00
Daniel Hensby
ca8d0f2818 Merge branch '3.1' into 3.2 
Conflicts:
	dev/Debug.php
	docs/en/05_Contributing/01_Code.md
	forms/FormField.php
	i18n/i18nTextCollector.php
	model/DataQuery.php
 2015-07-20 10:48:01 +01:00
Damian Mooyman
5ace4905c9 BUG Fix issue when SS_ALLOWED_HOSTS is run in CLI 2015-07-08 11:01:06 +12:00
Damian Mooyman
8331171f2c Merge remote-tracking branch 'origin/3.1' into 3 
Conflicts:
	.scrutinizer.yml
	admin/javascript/LeftAndMain.Panel.js
	core/startup/ParameterConfirmationToken.php
	dev/Debug.php
	dev/FixtureBlueprint.php
	docs/en/00_Getting_Started/05_Coding_Conventions.md
	docs/en/00_Getting_Started/index.md
	docs/en/02_Developer_Guides/01_Templates/01_Syntax.md
	filesystem/File.php
	filesystem/Folder.php
	forms/FieldList.php
	forms/LabelField.php
	forms/MoneyField.php
	forms/TextField.php
	forms/TreeDropdownField.php
	forms/Validator.php
	forms/gridfield/GridField.php
	forms/gridfield/GridFieldExportButton.php
	lang/de.yml
	lang/fi.yml
	model/DataObject.php
	model/SQLQuery.php
	parsers/ShortcodeParser.php
	security/ChangePasswordForm.php
	security/Security.php
	tests/control/DirectorTest.php
	tests/core/startup/ParameterConfirmationTokenTest.php
	tests/dev/FixtureBlueprintTest.php
	tests/forms/FieldListTest.php
	tests/forms/MoneyFieldTest.php
	tests/model/SQLQueryTest.php
	tests/security/SecurityTest.php
 2015-06-02 19:13:38 +12:00
Damian Mooyman
0319f7855b FIX Incorrect env setting in 3.1.13 2015-06-02 12:27:08 +12:00
Marcus Nyeholt
9c8fa51321 FIX Allow users to specify allowed hosts 
Allow users to explicitly state which Hosts are allowed to be requested via
this application instance to avoid Host: header forgery attacks.
 2015-05-28 15:58:39 +10:00
Damian Mooyman
75137dbab2 Ensure only trusted proxy servers have control over certain HTTP headers 2015-05-28 10:12:46 +12:00
Damian Mooyman
db54125262 Deprecate stripslashes_recursively and magic quotes 
This code is removed from 4.0
 2015-03-14 21:24:11 +13:00
Zauberfisch
aa77e126c7 Fixed infinity loop when searching _ss_environment 2015-02-17 04:33:40 +00:00
zauberfisch
eb98b003b7 Fixed looking for _ss_environment.php in root dir and removed redundant code 2015-02-13 23:30:29 +00:00
Sean Harvey
07b15db3eb Allow ASSETS_PATH to be overridden like ASSETS_PATH (via jthomerson) 2013-11-01 11:27:03 +13:00
Hamish Friedlander
2110493466 Merge branch '3.0' into 3.1 2013-08-07 09:43:52 +12:00
Hamish Friedlander
5f9387c42c FIX Constants magic_quotes handling needs function from Core 2013-08-05 14:58:44 +12:00
Hamish Friedlander
541436feb0 Merge branch 'origin/3.0' into 3.1 2013-07-24 12:09:44 +12:00
Hamish Friedlander
604d9bf7dc Split Core.php into Constants.php and Core.php and adjust main.php startup 
The recent flush filter fix had a problem that you couldnt set a custom
BASE_PATH in _ss_environment because that file didnt get included until
after checking the confirmation token. This patch pulls the part of Core.php
that defines BASE_PATH into a seperate file that can be included earlier
in the startup sequence so that ParameterConfirmationToken can access it.

Core.php includes Constants.php with a require_once call, so for startup
scripts that dont pull in Constants.php themselves (like cli-script.php)
no change is needed.
 2013-07-22 13:52:00 +12:00