Steve Boyd
08cc057049
Merge pull request #9404 from creative-commoners/pulls/4/minor-lockstep-release-docs
...
DOCS Add note to update minimum core requirements in minor releases
2020-02-17 10:11:34 +13:00
Serge Latyntcev
ad1b00ec7d
[CVE-2019-19325] XSS through non-scalar FormField attributes
...
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Guy Marriott
c31de772ab
Merge pull request #8838 from creative-commoners/pulls/4/slash-means-root
...
Use '/' as an alternative designation for root in routing
2020-02-14 11:29:32 -08:00
Garion Herman
29943f9049
API TestSession request methods now use the correct HTTP method ( #8987 )
...
* API TestSession request methods now use the correct HTTP method
* DOCS Update requests section in Functional Testing to reflect API change
2020-02-14 16:01:06 +13:00
Ingo Schommer
bf5a46901c
DOCS Web worker concurrency caveats ( #9223 )
2020-02-14 15:23:20 +13:00
Garion Herman
be71f34cac
DOCS Add documentation covering Root URL Handler behaviour
2020-02-14 14:41:10 +13:00
Garion Herman
9d1d59d8d1
NEW Accept / as designation for root URL controller
2020-02-14 14:41:10 +13:00
Steve Boyd
8c7e10bd55
Merge branch '4.5' into 4
2020-02-11 16:45:35 +13:00
Steve Boyd
9d5c3ef20e
Merge branch '4.4' into 4.5
2020-02-11 16:45:15 +13:00
Steve Boyd
8dcaed25f4
Merge pull request #9386 from silverstripe-terraformers/feature/orm-column
...
ORM bugfix and enhancement
2020-02-11 15:56:03 +13:00
Garion Herman
a2beabd430
DOCS Add note to update minimum core requirements in minor releases
2020-02-11 14:19:03 +13:00
Mojmir Fendek
285e6caafa
PR fixes
2020-02-11 10:43:01 +13:00
Mojmir Fendek
448147c2f1
PR fixes
2020-02-10 09:17:34 +13:00
Mojmir Fendek
660f80d284
PR fixes
2020-02-07 13:49:19 +13:00
Guy Marriott
73990ac189
Merge pull request #9399 from creative-commoners/broken-link
...
DOCS fix a broken link
2020-02-06 16:07:40 -08:00
brynwhyman
b60def66dd
DOCS fix a broken link
2020-02-07 12:49:17 +13:00
Robbie Averill
fe496a29ec
Merge pull request #9397 from mikenuguid/bugfix/update-orm-scaffoldformfield
...
FIX Update ORM DBField types to use Injector in scaffoldFormField()
2020-02-04 22:38:34 +13:00
mnuguid
ca36a47bb1
FIX Update ORM DBField types to use Injector in scaffoldFormField()
...
- This is usable in cases where a DBField is needed to be overloaded through the Injector.
2020-02-04 21:43:47 +13:00
Dylan Wagstaff
3a99a57d41
Merge pull request #9385 from mooror/patch-1
...
Updated the "Template Syntax" Documentation
2020-02-04 11:03:22 +13:00
Bryn Whyman
27517c55e7
Merge pull request #9396 from muskie9/patch-11
...
DOCS correct changelog link in README
2020-02-03 15:48:52 +13:00
Steve Boyd
566b81f326
Merge pull request #9392 from creative-commoners/pulls/4/document-tweak-releases
...
DOC Add documentation for tweak releases
2020-02-03 15:33:36 +13:00
Garion Herman
4ce63e4460
DOC Tweak wording on detach-tagged-base explanation [ci skip]
2020-02-03 15:20:47 +13:00
Nic
dd537f0cc9
DOCS correct changelog link in README
2020-02-02 20:20:38 -06:00
Garion Herman
efb1ebdd1a
DOC Add documentation for tweak releases
2020-02-03 14:53:40 +13:00
Robbie Averill
c6f5e7e2fa
Merge pull request #9393 from open-sausages/pulls/4/docs-damian-core-committer
...
DOCS Removed Damian as core committer :(
2020-01-31 12:32:12 +13:00
Ingo Schommer
daf32f2327
DOCS Removed Damian as core committer :(
2020-01-31 12:20:01 +13:00
Mojmir Fendek
99786dda22
ORM Column now supports related table lookup
2020-01-28 15:46:30 +13:00
Benjamin Blake
7c32a848aa
Updated the "Template Syntax" Documentation
...
Added a notice to the "Variables" section of the "Template Syntax" documentation to warn developers about common template variable gotchas
2020-01-27 15:18:40 -07:00
Mojmir Fendek
9c38c5f625
CMS action related extension points ( #9340 )
...
* CMS action related extension points
* Refactor to use fewer extension points
* Remove explicit return type
Co-authored-by: Aaron Carlino <unclecheese@leftandmain.com>
2020-01-27 15:09:15 +13:00
Robbie Averill
a80fd433e2
Merge pull request #9384 from kenlog/patch-3
...
Docs: Fix link to Middleware not found
2020-01-25 11:02:30 -08:00
Valentino Pesce
24c28e4457
Docs: Fix link to Middleware not found
...
Fix link to Middleware not found in page Rate Limiting
2020-01-25 19:21:15 +01:00
Robbie Averill
a98a2d9c7f
Merge pull request #9379 from tiller1010/patch-1
...
Update to link
2020-01-24 12:41:44 -08:00
Loz Calver
87ad14dad3
Merge pull request #9371 from Greg808/patch-1
...
added addExtraClass
2020-01-24 09:20:16 +00:00
Andre Kiste
c7cec6e48b
Merge pull request #9320 from open-sausages/pulls/4/disabled-link-to-existing-gridfield-button
...
BUG The "Link existing" should be disabled rather than readonly
2020-01-24 15:59:34 +13:00
Maxime Rainville
6ff0f3f466
BUG The "Link existing" should be disabled rather than readonly.
2020-01-24 14:47:12 +13:00
Robbie Averill
1fac44ab7a
Merge pull request #9378 from kenlog/patch-2
...
Docs: Fix route that doesn't exist
2020-01-21 12:53:10 -08:00
Tyler Trout
4a1c91f91d
Update to link
...
Clicking "ReactJS in SilverStripe" on https://docs.silverstripe.org/en/4/developer_guides/customising_the_admin_interface/cms_layout/ directs to 404.
2020-01-20 09:47:43 -05:00
Valentino Pesce
0c5fda2003
Docs: Fix route that doesn't exist
2020-01-19 19:03:35 +01:00
Robbie Averill
4121099484
Merge branch '4.5' into 4
2020-01-16 20:00:02 -08:00
Robbie Averill
53fcd47dfc
Merge branch '4.4' into 4.5
2020-01-16 19:59:42 -08:00
Robbie Averill
26e3b6f4e3
Merge branch '4.3' into 4.4
2020-01-16 19:59:24 -08:00
Garion Herman
aa37e887be
Merge pull request #9375 from unclecheese/pulls/4/fix-injector-callout
...
DOC: Fix unterminated injector callout block
2020-01-17 11:03:29 +13:00
Aaron Carlino
681ed4f78a
DOC: Fix unterminated injector callout block
2020-01-17 10:47:16 +13:00
Mojmir Fendek
acbbf80d14
CMS action related extension points ( #9340 )
...
* CMS action related extension points
* Refactor to use fewer extension points
* Remove explicit return type
Co-authored-by: Aaron Carlino <unclecheese@leftandmain.com>
2020-01-15 14:24:49 +13:00
Robbie Averill
7c1a0571f7
Merge pull request #9367 from martinduparc/patch-2
...
array_key_exists() on objects is deprecated in PHP 7.4
2020-01-14 09:39:49 -08:00
Robbie Averill
38d7bd700d
Merge pull request #9373 from manja/4.5
...
Fixed issue with merging existing entities in text collector
2020-01-14 09:27:35 -08:00
Robbie Averill
bdc723ff69
Merge pull request #9361 from kinglozzer/configure-database-glob
...
Minor performance improvement in DatabaseAdapterRegistry::autoconfigure()
2020-01-14 09:25:07 -08:00
Martin D
ec6a353543
array_key_exists() on objects is deprecated
...
Ref: https://wiki.php.net/rfc/deprecations_php_7_4#array_key_exists_with_objects
2020-01-14 09:22:49 -08:00
Robbie Averill
0567dce72f
Merge pull request #9370 from mandrew/patch-4
...
Adding SS_ENVIRONMENT_TYPE to documentation
2020-01-14 09:20:45 -08:00
Nemanja Karadzic
18f0829053
Fixed issue with merging existing entities in text collector
2020-01-14 14:20:40 +01:00