Chris Penny
31d5aef520
Bugfix: SSViewer check object exists before calling prop or method
2022-11-24 13:18:56 +13:00
Steve Boyd
20582936d8
Merge branch '4.12' into 4
2022-11-23 16:42:25 +13:00
Steve Boyd
cb76f312a4
Merge branch '4.11' into 4.12-release
2022-11-21 13:44:23 +13:00
Steve Boyd
dc98cad48a
Merge branch '4.10' into 4.11
2022-11-21 13:43:59 +13:00
Guy Sartorelli
c7c108b29a
Merge pull request #10582 from creative-commoners/pulls/4.10/cve-2022-38148
...
Validate SortColumn exists
2022-11-21 13:30:35 +13:00
Guy Sartorelli
20de819d2b
Merge pull request #10586 from creative-commoners/pulls/4.11/cve-2022-37429
...
Sanitise XSS
2022-11-21 13:30:30 +13:00
Steve Boyd
fe13856769
[CVE-2022-37429] Sanitise XSS
2022-11-21 13:06:40 +13:00
Guy Sartorelli
17f1c7ceed
Merge pull request #10585 from creative-commoners/pulls/4.11/cve-2022-37430
...
Sanitise mixed case javascript
2022-11-21 13:03:30 +13:00
Guy Sartorelli
e5b81109de
Merge pull request #10584 from creative-commoners/pulls/4.11/cve-2022-38462
...
Don't allow CRLF in header values
2022-11-21 13:02:25 +13:00
Steve Boyd
4308a93cc8
[CVE-2022-38148] Validate SortColumn exists
2022-11-21 13:01:32 +13:00
Guy Sartorelli
b17b29eea1
Merge pull request #10583 from creative-commoners/pulls/4.11/cve-2022-38724-embed-shortcode
...
Restrict embed shortcode attributes
2022-11-21 13:01:23 +13:00
Sabina Talipova
ad116c63e6
Merge pull request #10565 from creative-commoners/pulls/4/stop-depr
...
API Stop using deprecated API
2022-11-16 14:26:18 +13:00
Steve Boyd
137ebcebec
API Stop using deprecated API
2022-11-15 18:20:54 +13:00
Daniel Hensby
c49abf0fcc
Merge remote-tracking branch 'upstream/4.11' into 4.12
2022-11-11 13:25:54 +00:00
Guy Sartorelli
521c8179b1
ENH Correctly parse SomeClass::class syntax in textcollection
2022-11-11 11:37:53 +13:00
Daniel Hensby
bb5b093004
Merge pull request #10578 from MadeHQ/4.11
...
Prevent infinite loop when getting table name for ComponentID
2022-11-10 21:49:03 +00:00
Lee Bradley
78b661dcf6
Prevent infinite loop when getting table name for ComponentID
...
If the field isn't in the first 2 classes then would just continue to loop
Fix means it will continue going to parent classes
Can be seen in the UsedOnTable in `admin` module if you have injected a new `Image` class that extends the built in one
2022-11-10 14:00:29 +00:00
Guy Sartorelli
e53380ce89
Merge pull request #10576 from creative-commoners/pulls/4.11/use-blowfish
...
MNT Explicitly test with blowfish
2022-11-10 17:18:20 +13:00
Guy Sartorelli
f8befa3dcf
Update translations
2022-11-10 01:56:20 +00:00
Steve Boyd
49e637d244
MNT Explicitly test with blowfish
2022-11-10 11:36:56 +13:00
Guy Sartorelli
ed63beeeee
Merge branch '4.11' into 4
2022-11-09 10:53:09 +13:00
Guy Sartorelli
00d1701d37
Merge pull request #10568 from creative-commoners/pulls/4/restore-err
...
MNT Use restore_error_handler()
2022-11-04 09:29:51 +13:00
Steve Boyd
7cfd827776
MNT Use restore_error_handler()
2022-11-03 16:19:17 +13:00
Daniel Hensby
00f0b01d0e
Merge pull request #10566 from kinglozzer/form-extension-hook
...
NEW: Add onBeforeRender extension hook to Form
2022-11-02 23:54:22 +00:00
Loz Calver
7f8f5afc91
Ensure forms/fields overridden by onBeforeRender() can override templates
2022-11-02 11:57:57 +00:00
Loz Calver
e2cb683f14
FIX: Stop FormField onBeforeRenderHolder extension result being overridden
2022-11-02 10:06:23 +00:00
Loz Calver
c925fae180
NEW: Add onBeforeRender extension hook to Form
2022-11-02 10:05:02 +00:00
Guy Sartorelli
e454db6dc9
Merge pull request #10563 from creative-commoners/pulls/4/conf-version
...
FIX Filter out E_USER_DEPRECATED unrelated to unit test
2022-11-02 12:02:33 +13:00
Steve Boyd
128f78c1cf
FIX Filter out E_USER_DEPRECATED unrelated to unit test
2022-11-02 11:40:34 +13:00
Guy Sartorelli
001e9c75d7
Merge pull request #10562 from creative-commoners/pulls/4/depr-random
...
API Deprecate Member::create_new_password()
2022-11-02 11:10:10 +13:00
Steve Boyd
9091d64652
API Deprecate Member::create_new_password()
2022-11-02 10:08:27 +13:00
Guy Sartorelli
e323fe478e
Merge pull request #10559 from creative-commoners/pulls/4/deprecated-config
...
NEW Record deprecated config
2022-11-01 11:45:03 +13:00
Steve Boyd
b1dc861aac
NEW Record deprecated config
2022-10-31 19:00:59 +13:00
Michal Kleiner
27eb390d2b
Merge pull request #10560 from creative-commoners/pulls/4.11/default-admin-encryption
2022-10-27 14:48:52 +13:00
Steve Boyd
a3c1cb0ddf
ENH Set PasswordEncryption on default admin
2022-10-27 13:57:27 +13:00
Guy Sartorelli
168ca00555
[CVE-2022-38724] Restrict embed shortcode attributes
2022-10-26 09:31:12 +13:00
Steve Boyd
59b980edd7
Merge branch '4.11' into 4
2022-10-21 11:46:39 +13:00
Maxime Rainville
25241a98e1
Merge pull request #10556 from creative-commoners/pulls/4/deprecation-no-manifests
...
FIX Handle calling Deprecation::notice() before manifests are available
2022-10-21 10:28:40 +13:00
Steve Boyd
897f9906f9
FIX Handle calling Deprecation::notice() before manifests are available
2022-10-21 10:08:31 +13:00
Guy Sartorelli
421b706a38
Merge pull request #10554 from creative-commoners/pulls/4/deprecation-api
...
FIX Ensure Deprecation works with 1.x branches
2022-10-20 14:18:22 +13:00
Steve Boyd
bd2eb15c72
FIX Ensure Deprecation works with 1.x branches
2022-10-20 13:14:58 +13:00
Michal Kleiner
0c207c3079
Merge pull request #10555 from creative-commoners/pulls/4.11/inject-objects
2022-10-19 21:07:48 +13:00
Steve Boyd
e3a6cad8a8
FIX Allow passing objects to InjectionCreator::create()
...
Co-authored-by: Nate Devereux <nate@daveclark.co.nz>
2022-10-19 18:04:48 +13:00
Daniel Hensby
0027d9414d
Merge pull request #10547 from HeyImPhil/task/10442-tinymce-links
...
Update tinymce links in comments
2022-10-14 10:14:17 +01:00
Phillip King
c4b3d5304d
Update tinymce links in comments
2022-10-14 16:11:58 +13:00
Guy Sartorelli
d6b3f4d515
Merge pull request #10525 from creative-commoners/pulls/4/deprecated
...
API Update deprecations
2022-10-13 15:25:47 +13:00
Steve Boyd
9c453abf89
API Update deprecations
2022-10-13 14:49:15 +13:00
Steve Boyd
33b6a00f49
ENH Update deprecation messages
2022-10-13 14:48:40 +13:00
Steve Boyd
e6aa183eb4
API Update deprecations for SapphireTest and FunctionalTest
2022-10-13 14:05:49 +13:00
Steve Boyd
2991901660
ENH Update deprecation messages
2022-10-13 14:05:49 +13:00