Ingo Schommer
52841533ed
Better ErrorPage upgrading guide ( #7066 )
...
See https://github.com/silverstripe/silverstripe-framework/issues/4149
2017-06-26 21:31:31 -07:00
Damian Mooyman
cf758ddd4f
Merge pull request #7052 from sminnee/director-middleware
...
Allow application of HTTPMiddleware to Director.
2017-06-27 14:21:23 +12:00
Ingo Schommer
daed8cb056
Merge pull request #7061 from jonom/errorpage-separation
...
Removed ErrorPage
2017-06-27 14:00:43 +12:00
Damian Mooyman
f699650b5f
Update based on feedback
2017-06-27 13:32:39 +12:00
Damian Mooyman
d20ab50f9d
API Stronger Injector service unregistration
...
BUG Fix up test regressions
FIX director references to request object
API Move all middlewares to common namespace
API Implement RequestHandlerMiddlewareAdapter
ENHANCEMENT Improve IP address parsing
Fix up PHPDoc / psr2 linting
BUG Fix property parsing in TrustedProxyMiddleware
BUG Fix Director::is_https()
2017-06-27 13:32:39 +12:00
Sam Minnee
ccc86306b6
NEW: Add TrustedProxyMiddleware
...
API: SS_TRUSTED_PROXY_HOST_HEADER replace with middleware config
API: SS_TRUSTED_PROXY_PROTOCOL_HEADER replace with middleware config
API: SS_TRUSTED_PROXY_IP_HEADER replace with middleware config
API: Front-End-Https = “on” header no longer supported
This middleware replaces the TRUSTED_PROXY setting and shifts its
configuration out of the env vars and bootstrap and into the Director
flow.
2017-06-27 13:32:39 +12:00
Sam Minnee
e855622890
NEW: Replace FlushRequestFilter with FlushMiddleware
2017-06-27 13:32:39 +12:00
Sam Minnee
c482cd673e
DOC: Documentation and upgrade notes for director middleware
2017-06-27 13:32:39 +12:00
Damian Mooyman
0ed1750106
Merge remote-tracking branch 'origin/3'
...
# Conflicts:
# .travis.yml
# .tx/config
# _config/database.yml
# admin/code/LeftAndMain.php
# admin/code/ModelAdmin.php
# admin/code/SecurityAdmin.php
# admin/javascript/jquery-changetracker/lib/jquery.changetracker.js
# admin/javascript/lang/cs.js
# admin/javascript/lang/de.js
# admin/javascript/lang/eo.js
# admin/javascript/lang/es.js
# admin/javascript/lang/fa_IR.js
# admin/javascript/lang/fi.js
# admin/javascript/lang/fr.js
# admin/javascript/lang/hr.js
# admin/javascript/lang/id.js
# admin/javascript/lang/id_ID.js
# admin/javascript/lang/it.js
# admin/javascript/lang/ja.js
# admin/javascript/lang/lt.js
# admin/javascript/lang/mi.js
# admin/javascript/lang/nb.js
# admin/javascript/lang/nl.js
# admin/javascript/lang/pl.js
# admin/javascript/lang/ro.js
# admin/javascript/lang/ru.js
# admin/javascript/lang/sk.js
# admin/javascript/lang/sl.js
# admin/javascript/lang/sl_SI.js
# admin/javascript/lang/sr.js
# admin/javascript/lang/sr@latin.js
# admin/javascript/lang/sr_RS.js
# admin/javascript/lang/sr_RS@latin.js
# admin/javascript/lang/src/cs.js
# admin/javascript/lang/src/de.js
# admin/javascript/lang/src/eo.js
# admin/javascript/lang/src/es.js
# admin/javascript/lang/src/fa_IR.js
# admin/javascript/lang/src/fi.js
# admin/javascript/lang/src/fr.js
# admin/javascript/lang/src/hr.js
# admin/javascript/lang/src/id.js
# admin/javascript/lang/src/id_ID.js
# admin/javascript/lang/src/it.js
# admin/javascript/lang/src/ja.js
# admin/javascript/lang/src/lt.js
# admin/javascript/lang/src/mi.js
# admin/javascript/lang/src/nb.js
# admin/javascript/lang/src/nl.js
# admin/javascript/lang/src/pl.js
# admin/javascript/lang/src/ro.js
# admin/javascript/lang/src/ru.js
# admin/javascript/lang/src/sk.js
# admin/javascript/lang/src/sl.js
# admin/javascript/lang/src/sl_SI.js
# admin/javascript/lang/src/sr.js
# admin/javascript/lang/src/sr@latin.js
# admin/javascript/lang/src/sr_RS.js
# admin/javascript/lang/src/sr_RS@latin.js
# admin/javascript/lang/src/sv.js
# admin/javascript/lang/src/zh.js
# admin/javascript/lang/sv.js
# admin/javascript/lang/zh.js
# admin/templates/Includes/ModelAdmin_Content.ss
# composer.json
# control/HTTPRequest.php
# core/Config.php
# core/Core.php
# core/Diff.php
# core/Object.php
# core/PaginatedList.php
# core/TempPath.php
# core/manifest/ConfigStaticManifest.php
# dev/Profiler.php
# docs/en/00_Getting_Started/00_Server_Requirements.md
# docs/en/00_Getting_Started/03_Environment_Management.md
# docs/en/02_Developer_Guides/01_Templates/03_Requirements.md
# docs/en/02_Developer_Guides/07_Debugging/03_Template_debugging.md
# docs/en/02_Developer_Guides/13_i18n/index.md
# filesystem/File.php
# filesystem/GD.php
# filesystem/ImagickBackend.php
# filesystem/Upload.php
# forms/DatetimeField.php
# forms/FormField.php
# forms/GroupedDropdownField.php
# forms/TabSet.php
# forms/gridfield/GridFieldFilterHeader.php
# javascript/lang/es.js
# javascript/lang/src/es.js
# lang/af.yml
# lang/ar.yml
# lang/az.yml
# lang/bg.yml
# lang/bs.yml
# lang/ca.yml
# lang/cs.yml
# lang/de.yml
# lang/en.yml
# lang/eo.yml
# lang/es.yml
# lang/es_AR.yml
# lang/es_MX.yml
# lang/et_EE.yml
# lang/fa_IR.yml
# lang/fi.yml
# lang/fo.yml
# lang/fr.yml
# lang/gl_ES.yml
# lang/he_IL.yml
# lang/hr.yml
# lang/hu.yml
# lang/id.yml
# lang/id_ID.yml
# lang/is.yml
# lang/it.yml
# lang/ja.yml
# lang/lt.yml
# lang/lv.yml
# lang/mi.yml
# lang/ms.yml
# lang/nb.yml
# lang/ne.yml
# lang/nl.yml
# lang/pl.yml
# lang/pt.yml
# lang/pt_BR.yml
# lang/ro.yml
# lang/ru.yml
# lang/si.yml
# lang/sk.yml
# lang/sl.yml
# lang/sl_SI.yml
# lang/sr.yml
# lang/sr@latin.yml
# lang/sr_RS.yml
# lang/sr_RS@latin.yml
# lang/sv.yml
# lang/th.yml
# lang/tr.yml
# lang/uk.yml
# lang/zh.yml
# lang/zh_CN.yml
# lang/zh_TW.yml
# model/DataDifferencer.php
# model/DataQuery.php
# model/Image.php
# model/ManyManyList.php
# model/connect/DBSchemaManager.php
# model/connect/PDOConnector.php
# model/fieldtypes/Bigint.php
# model/fieldtypes/DBFloat.php
# model/fieldtypes/DBInt.php
# model/fieldtypes/Double.php
# model/fieldtypes/ForeignKey.php
# model/fieldtypes/PrimaryKey.php
# parsers/HTML/HTMLBBCodeParser.php
# security/Member.php
# security/MemberAuthenticator.php
# security/RandomGenerator.php
# security/Security.php
# tests/control/CookieTest.php
# tests/control/HTTPRequestTest.php
# tests/core/CoreTest.php
# tests/filesystem/UploadTest.php
# tests/forms/FormFieldTest.php
# tests/forms/FormTest.php
# tests/forms/GroupedDropdownFieldTest.php
# tests/forms/HtmlEditorFieldToolbarTest.php
# tests/forms/RequirementsTest.php
# tests/model/DBFieldTest.php
# tests/model/DataObjectTest.php
# tests/model/ManyManyListTest.php
# tests/model/VersionableExtensionsTest.php
# tests/model/VersionedTest.php
# tests/parsers/ShortcodeParserTest.php
# tests/security/MemberAuthenticatorTest.php
# tests/security/MemberTest.php
# tests/security/SecurityTest.php
# tests/view/SSViewerTest.php
# thirdparty/simpletest/encoding.php
# thirdparty/simpletest/page.php
# thirdparty/simpletest/tag.php
# thirdparty/spyc/spyc.php
# thirdparty/tinymce-spellchecker/classes/SpellChecker.php
# thirdparty/tinymce-spellchecker/classes/utils/JSON.php
# thirdparty/tinymce-spellchecker/classes/utils/Logger.php
# thirdparty/tinymce/tiny_mce.js
# thirdparty/tinymce/tiny_mce_gzip.php
# thirdparty/tinymce/tiny_mce_src.js
# view/Requirements.php
# view/SSViewer.php
# view/ViewableData.php
2017-06-27 13:27:14 +12:00
Jonathon Menz
d0da319004
Removed ErrorPage
...
Removed references to ErrorPage so it can be split off in to a separate module. (#4149 )
2017-06-26 10:03:03 -07:00
Daniel Hensby
fea36f2d7b
DOCS Update Image docs to reflect intervention/image changes
2017-06-23 11:18:21 +01:00
Damian Mooyman
3873e4ba00
API Refactor bootstrap, request handling
...
See https://github.com/silverstripe/silverstripe-framework/pull/7037
and https://github.com/silverstripe/silverstripe-framework/issues/6681
Squashed commit of the following:
commit 8f65e56532
Author: Ingo Schommer <me@chillu.com>
Date: Thu Jun 22 22:25:50 2017 +1200
Fixed upgrade guide spelling
commit 76f95944fa
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 16:38:34 2017 +1200
BUG Fix non-test class manifest including sapphiretest / functionaltest
commit 9379834cb4
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 15:50:47 2017 +1200
BUG Fix nesting bug in Kernel
commit 188ce35d82
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 15:14:51 2017 +1200
BUG fix db bootstrapping issues
commit 7ed4660e7a
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 14:49:07 2017 +1200
BUG Fix issue in DetailedErrorFormatter
commit 738f50c497
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 11:49:19 2017 +1200
Upgrading notes on mysite/_config.php
commit 6279d28e5e
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 11:43:28 2017 +1200
Update developer documentation
commit 5c90d53a84
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 10:48:44 2017 +1200
Update installer to not use global databaseConfig
commit f9b2ba4755
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 21:04:39 2017 +1200
Fix behat issues
commit 5b59a912b6
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 17:07:11 2017 +1200
Move HTTPApplication to SilverStripe\Control namespace
commit e2c4a18f63
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 16:29:03 2017 +1200
More documentation
Fix up remaining tests
Refactor temp DB into TempDatabase class so it’s available outside of unit tests.
commit 5d235e64f3
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 12:13:15 2017 +1200
API HTTPRequestBuilder::createFromEnvironment() now cleans up live globals
BUG Fix issue with SSViewer
Fix Security / View tests
commit d88d4ed4e4
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 16:39:43 2017 +1200
API Refactor AppKernel into CoreKernel
commit f7946aec33
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 16:00:40 2017 +1200
Docs and minor cleanup
commit 12bd31f936
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 15:34:34 2017 +1200
API Remove OutputMiddleware
API Move environment / global / ini management into Environment class
API Move getTempFolder into TempFolder class
API Implement HTTPRequestBuilder / CLIRequestBuilder
BUG Restore SS_ALLOWED_HOSTS check in original location
API CoreKernel now requires $basePath to be passed in
API Refactor installer.php to use application to bootstrap
API move memstring conversion globals to Convert
BUG Fix error in CoreKernel nesting not un-nesting itself properly.
commit bba9791146
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 18:07:53 2017 +1200
API Create HTTPMiddleware and standardise middleware for request handling
commit 2a10c2397b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 17:42:42 2017 +1200
Fixed ORM tests
commit d75a8d1d93
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 17:15:07 2017 +1200
FIx i18n tests
commit 06364af3c3
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 16:59:34 2017 +1200
Fix controller namespace
Move states to sub namespace
commit 2a278e2953
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 12:49:45 2017 +1200
Fix forms namespace
commit b65c21241b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 15 18:56:48 2017 +1200
Update API usages
commit d1d4375c95
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 15 18:41:44 2017 +1200
API Refactor $flush into HTPPApplication
API Enforce health check in Controller::pushCurrent()
API Better global backup / restore
Updated Director::test() to use new API
commit b220534f06
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 22:05:57 2017 +1200
Move app nesting to a test state helper
commit 603704165c
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 21:46:04 2017 +1200
Restore kernel stack to fix multi-level nesting
commit 2f6336a15b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 17:23:21 2017 +1200
API Implement kernel nesting
commit fc7188da7d
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:43:13 2017 +1200
Fix core tests
commit a0ae723514
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:23:52 2017 +1200
Fix manifest tests
commit ca03395251
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:00:00 2017 +1200
API Move extension management into test state
commit c66d433977
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 14:10:59 2017 +1200
API Refactor SapphireTest state management into SapphireTestState
API Remove Injector::unregisterAllObjects()
API Remove FakeController
commit f26ae75c6e
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 12 18:04:34 2017 +1200
Implement basic CLI application object
commit 001d559662
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 12 17:39:38 2017 +1200
Remove references to SapphireTest::is_running_test()
Upgrade various code
commit de079c041d
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 7 18:07:33 2017 +1200
API Implement APP object
API Refactor of Session
2017-06-22 22:50:45 +12:00
David Alexander
3b812417ad
Update 03_Environment_Management.md
...
@dhensby I thought I saw a recent merge making PDO the default.
2017-06-20 10:12:55 +12:00
Chris Joe
102eaed36c
Merge pull request #6722 from open-sausages/pulls/4.0/requirements-html-cleanup
...
Better HTML generation behaviour for Requirements_Backend
2017-06-16 13:52:06 +12:00
Damian Mooyman
dd4eb6ce44
Merge pull request #6960 from open-sausages/pulls/4.0/security-process-docs
...
Internal security process docs
2017-06-16 13:50:58 +12:00
Damian Mooyman
64e802f795
API Move createTag to HTML class
...
ENHANCEMENT Better HTML generation behaviour for Requirements_Backend
2017-06-16 12:22:05 +12:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services
...
API Improve validation of authentication process
2017-06-15 15:53:57 +12:00
Daniel Hensby
6f2b08b962
Merge branch '3.6' into 3
2017-06-14 12:02:27 +01:00
3Dgoo
f0c00bfb78
Fixing language typo in docs
2017-06-13 05:37:07 +09:30
Simon Erkelens
2b26cafcff
Separate out the log-out handling.
...
Repairing tests and regressions
Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()`
Fix for the logout handler to properly logout, some minor wording updates
Remove the login hashes for the member when logging out.
BasicAuth to use `HTTPRequest`
2017-06-07 21:11:58 +12:00
Antony Thorpe
6348f2e3e8
Updated Form.php & 04_Form_Security.md
...
Changed the `strictFormMethodCheck` protected property from false to true to step out on the front foot with this security setting. In the documentation under the title [Cross-Site Request Forgery](https://github.com/silverstripe/silverstripe-framework/blob/master/docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md#cross-site-request-forgery-csrf ) it states, "it is also recommended to limit form submissions to the intended HTTP verb (mostly GET or POST) through [api:Form::setStrictFormMethodCheck()]." The same advice is noted in [Form Security](c2292a4cc1/docs/en/02_Developer_Guides/03_Forms/04_Form_Security.md (strict-form-submission)
).
Why not make this the default behaviour? Is there a scenario where this would cause a problem? Have manually tested in the CMS (alpha7) and is working fine.
Note: Original commit that establised the API Form::setStrictFormMethodCheck is 14c59be8
.
2017-06-06 21:10:49 +12:00
Damian Mooyman
9b965ed5fa
Add in missing changelog notes
2017-06-06 11:08:05 +12:00
Ingo Schommer
b137e91998
Internal security process docs
2017-06-02 11:30:12 +12:00
Justin Brown
ac08e16720
Update to 00_CSV_Import.md
...
Adding further explanation for using a custom CsvBulkLoader in ModelAdmin instead of the default one. I think some people might be able to guess at this, but others (like me) might benefit from making things a bit more explicit. This a follow up from my [question on StackOverflow](https://stackoverflow.com/questions/44271755/adding-custom-csvbulkuploader-to-modeladmin-in-silverstripe ).
2017-05-31 09:05:05 -06:00
Ed Linklater
f007fca51f
Docs: Correct Stevie's name on committers page
2017-05-31 12:27:06 +12:00
Daniel Hensby
21d2e5cad1
Merge branch '3.6' into 3
2017-05-31 00:12:14 +01:00
Daniel Hensby
becb769167
Merge branch '3.5' into 3.6
2017-05-31 00:11:48 +01:00
Daniel Hensby
294df1320f
Merge branch '3.4' into 3.5
2017-05-31 00:11:18 +01:00
Daniel Hensby
143c4a63cf
Added 3.6.0 changelog
2017-05-30 22:11:03 +00:00
Daniel Hensby
2f7f761a9c
Added 3.5.4 changelog
2017-05-30 22:03:17 +00:00
Daniel Hensby
deca99a5fe
Added 3.4.6 changelog
2017-05-30 21:58:52 +00:00
Damian Mooyman
e7d87add9f
API Remove legacy HTMLEditor classes
2017-05-30 11:01:28 +12:00
Nick
318b0248b7
Update 05_Dataobject_Relationship_Management.md
...
Correct a naffed up code block and a typo
2017-05-29 20:54:50 +12:00
Daniel Hensby
659053a256
Added 3.6.0-rc1 changelog
2017-05-29 00:36:04 +00:00
Daniel Hensby
cda7e8dc39
Merge remote-tracking branch 'security/3.5.4' into 3.6.0
2017-05-29 01:29:05 +01:00
Daniel Hensby
9a38bedd18
Added 3.5.4-rc1 changelog
2017-05-29 00:08:27 +00:00
Daniel Hensby
24166700e8
Merge remote-tracking branch 'security/3.4.6' into 3.5.4
2017-05-29 01:02:35 +01:00
Daniel Hensby
b5ad4bdcc6
Added 3.4.6-rc2 changelog
2017-05-28 23:49:04 +00:00
Daniel Hensby
eeb549faf3
Added 3.4.6-rc1 changelog
2017-05-28 21:34:38 +00:00
Aaron Carlino
06615e3d76
Resample doc images for react di
2017-05-26 11:08:07 +12:00
Chris Joe
5ec8d40c19
Merge pull request #6957 from open-sausages/pulls/4/react-di-documentation
...
Docs for React DI
2017-05-26 10:59:42 +12:00
Daniel Hensby
893f19a5ea
DOCS Updating index definition examples
2017-05-25 23:29:12 +01:00
Aaron Carlino
bfc373cf0f
update docs with new api
2017-05-25 16:34:32 +12:00
Aaron Carlino
75981989b0
Docs for React DI
2017-05-25 14:58:55 +12:00
Christopher Joe
e327bf3c70
Enhancement add contribution notes about releasing to NPM
2017-05-24 17:07:05 +12:00
Damian Mooyman
fba8e2c245
API Remove Object class
...
API DataObjectSchema::manyManyComponent() return array is now associative array
2017-05-23 13:50:35 +12:00
Damian Mooyman
2aa3b5d5fa
Merge pull request #6934 from robbieaverill/pulls/4.0/consistent-instance-method
...
API Consistent use of inst() naming across framework
2017-05-22 11:57:20 +12:00
Damian Mooyman
4197090e11
Merge pull request #6940 from kinglozzer/randomgenerator
...
Only use random_bytes() for RandomGenerator (closes #6397 )
2017-05-22 10:29:55 +12:00
Loz Calver
e653e90997
Only use random_bytes() for RandomGenerator ( closes #6397 )
2017-05-19 11:18:56 +01:00
Robbie Averill
f2cbe86f03
Remove CustomMethods::createMethod and create_function implementations, replace with closures
2017-05-19 15:56:44 +12:00