tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-09-06 17:51:34 +02:00
Code Issues Projects Releases Wiki Activity
20,779 Commits 29 Branches 525 Tags 151 MiB
af8d268cc7
Commit Graph

54 Commits

Author SHA1 Message Date
Robbie Averill
af8d268cc7 DOCS Update documentation for password validation rule configuration 2018-11-13 10:55:26 +02:00
Ingo Schommer
114b0a5ea7
NEW Option for secure "remember me" cookie 
Fixes #8234
 2018-07-30 16:41:49 +01:00
Ingo Schommer
259aa06010 DOCS More resilient example domain 
myapp.com is owned, example.com is specifically reserved for documentation use cases:
https://en.wikipedia.org/wiki/Example.com

[ci skip]
 2018-06-26 10:13:36 +12:00
Ingo Schommer
2e1e8e07b9 DOCS Consistent app/ folder and composer use 
- Stronger wording around "use composer"
- Consistent domain and email address naming
- Removed example for publishing non-composer modules (those shouldn't be encouraged)
- Removed instructions for installing modules from archives

[ci skip]
 2018-06-25 10:40:19 +12:00
Damian Mooyman
3ea98cdb13
Migrate documentation from 3.x 2018-06-13 14:50:02 +12:00
Robbie Averill
1505a89a63 Update to include note about auto redirect to HTTPS for basic auth 2018-04-24 16:42:52 +12:00
Damian Mooyman
cdfb413395
Code block whitespace / formatting cleanup 2017-10-27 15:38:27 +13:00
Aaron Carlino
e7274b0ee4 Add namespaces 2017-10-27 12:45:26 +13:00
Aaron Carlino
50c8a02bff remove tabs 2017-08-07 15:11:17 +12:00
Aaron Carlino
6c0629f025 Remove more deprecated APIs 2017-08-07 14:01:38 +12:00
Aaron Carlino
e4fba5a7b1 add use statements 2017-08-07 14:01:38 +12:00
Aaron Carlino
84feab5a68 Yeah psr2 functions 2017-08-07 14:01:38 +12:00
Aaron Carlino
4c7a068b28 classes psr2 2017-08-07 14:01:38 +12:00
Aaron Carlino
2414eaeafd Yay, clean arrays 2017-08-07 14:01:38 +12:00
Aaron Carlino
eb1695c03d Replace all legacy ::: syntax with GFMD tags 2017-08-07 14:01:38 +12:00
Saophalkun Ponlu
63ba092765 FIX Add namespaces in markdown docs (#7088) 
* FIX Add namespaces in markdown docs

* FIX Convert doc [link] to [link-text](link-uri)
 2017-07-03 13:22:12 +12:00
Sam Minnee
ccc86306b6 NEW: Add TrustedProxyMiddleware 
API: SS_TRUSTED_PROXY_HOST_HEADER replace with middleware config
API: SS_TRUSTED_PROXY_PROTOCOL_HEADER replace with middleware config
API: SS_TRUSTED_PROXY_IP_HEADER replace with middleware config
API: Front-End-Https = “on” header no longer supported

This middleware replaces the TRUSTED_PROXY setting and shifts its
configuration out of the env vars and bootstrap and into the Director
flow.
 2017-06-27 13:32:39 +12:00
Simon Gow
5f82997690 Secure Coding - Security Headers, Force HTTPS and Cookies 
- Amending best practices for secure coding to enforce HTTPS
- Add security headers to enforce HTTPS
- Ensure secure cookies are used.
- Added links for testing, changed documentation as part of peer review.
- Arrange headers to work with HTTP interface.
- fixed Cache-Control case
- Added reference to Secure Sessions.
- Replaced Cardinality with unique
- Fixed innacurate reference to decendant.
- Consistent spelling
- Databases over DBMSs
 2017-04-13 13:59:02 +12:00
Daniel Hensby
6e096f6172
DOCS Updated environment management docs to use .env file 2017-01-31 21:28:51 +00:00
Damian Mooyman
bfd9cb1aca Rename SS_ prefixed classes (#5974) 2016-09-09 18:43:05 +12:00
Ingo Schommer
c96e031367 Moved coding conventions docs into contributing folder 
Also created a contributing/coding_conventions landing page separately from the PHP ones, since we now need to account for JS and CSS conventions as well
 2016-06-13 08:30:44 +12:00
Damian Mooyman
d52db0ba34 Merge 3 into master 
# Conflicts:
#	.travis.yml
#	admin/css/ie7.css
#	admin/css/ie7.css.map
#	admin/css/ie8.css.map
#	admin/css/screen.css
#	admin/css/screen.css.map
#	admin/javascript/LeftAndMain.js
#	admin/scss/_style.scss
#	admin/scss/_uitheme.scss
#	control/HTTPRequest.php
#	core/Object.php
#	css/AssetUploadField.css
#	css/AssetUploadField.css.map
#	css/ConfirmedPasswordField.css.map
#	css/Form.css.map
#	css/GridField.css.map
#	css/TreeDropdownField.css.map
#	css/UploadField.css
#	css/UploadField.css.map
#	css/debug.css.map
#	dev/Debug.php
#	docs/en/00_Getting_Started/00_Server_Requirements.md
#	docs/en/02_Developer_Guides/06_Testing/00_Unit_Testing.md
#	docs/en/02_Developer_Guides/06_Testing/index.md
#	docs/en/02_Developer_Guides/14_Files/02_Images.md
#	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Extend_CMS_Interface.md
#	filesystem/File.php
#	filesystem/Folder.php
#	filesystem/GD.php
#	filesystem/Upload.php
#	forms/ToggleField.php
#	forms/Validator.php
#	javascript/lang/en_GB.js
#	javascript/lang/fr.js
#	javascript/lang/src/en.js
#	javascript/lang/src/fr.js
#	model/Image.php
#	model/UnsavedRelationList.php
#	model/Versioned.php
#	model/connect/MySQLDatabase.php
#	model/fieldtypes/DBField.php
#	model/fieldtypes/Enum.php
#	scss/AssetUploadField.scss
#	scss/UploadField.scss
#	templates/email/ChangePasswordEmail.ss
#	templates/forms/DropdownField.ss
#	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsFormsContext.php
#	tests/behat/features/bootstrap/SilverStripe/Framework/Test/Behaviour/CmsUiContext.php
#	tests/forms/EnumFieldTest.php
#	tests/security/MemberTest.php
#	tests/security/MemberTest.yml
#	tests/security/SecurityTest.php
 2016-04-29 17:50:55 +12:00
Daniel Hensby
745faebd81
Merge 3.2 into 3.3 
Conflicts:
	.travis.yml
 2016-04-26 00:17:09 +01:00
Damian Mooyman
b8e7f9a934 Standardise spelling of "customise" 
Fixes #3988
 2016-03-30 13:17:28 +13:00
Ingo Schommer
f36b110db3 Merge remote-tracking branch 'origin/3.3' 2016-03-04 17:06:04 +13:00
Damian Mooyman
24a6c53645 Merge branch '3.2' into 3.3 
# Conflicts:
#	admin/code/ModelAdmin.php
#	lang/cs.yml
#	lang/lt.yml
#	lang/sk.yml
 2016-02-29 17:03:22 +13:00
Damian Mooyman
2c1f837442 Merge branch '3.1' into 3.2 
# Conflicts:
#	docs/en/01_Tutorials/02_Extending_A_Basic_Site.md
#	docs/en/01_Tutorials/03_Forms.md
#	docs/en/02_Developer_Guides/00_Model/08_SQL_Query.md
#	docs/en/02_Developer_Guides/00_Model/10_Versioning.md
#	docs/en/02_Developer_Guides/03_Forms/Field_types/01_Common_Subclasses.md
#	docs/en/02_Developer_Guides/03_Forms/Field_types/05_UploadField.md
#	docs/en/02_Developer_Guides/09_Security/01_Access_Control.md
#	docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
#	docs/en/02_Developer_Guides/14_Files/01_Image.md
#	docs/en/02_Developer_Guides/14_Files/index.md
#	lang/cs.yml
#	lang/fi.yml
#	lang/sk.yml
 2016-02-29 16:59:20 +13:00
Damian Mooyman
3b0a9f4ba2 Merge remote-tracking branch 'origin/3' 
# Conflicts:
#	admin/javascript/LeftAndMain.Menu.js
#	control/HTTPRequest.php
#	css/GridField.css
#	css/GridField.css.map
#	docs/en/02_Developer_Guides/03_Forms/Field_types/01_Common_Subclasses.md
#	docs/en/02_Developer_Guides/06_Testing/00_Unit_Testing.md
#	docs/en/02_Developer_Guides/06_Testing/index.md
#	docs/en/02_Developer_Guides/14_Files/01_File_Management.md
#	docs/en/02_Developer_Guides/14_Files/02_Images.md
#	filesystem/Upload.php
#	javascript/HtmlEditorField.js
#	model/Image.php
#	model/connect/MySQLDatabase.php
#	model/fieldtypes/Enum.php
#	model/versioning/Versioned.php
#	scss/GridField.scss
 2016-02-25 14:51:59 +13:00
Damian Mooyman
5f2d3f31d7 Merge remote-tracking branch 'origin/3.2' into 3.3 
# Conflicts:
#	dev/DevelopmentAdmin.php
#	docs/en/02_Developer_Guides/08_Performance/02_HTTP_Cache_Headers.md
#	lang/cs.yml
#	lang/lt.yml
 2016-02-24 17:29:06 +13:00
Damian Mooyman
ff5ed6efeb Merge remote-tracking branch 'origin/3.2.2' into 3.2 2016-02-24 17:03:43 +13:00
Damian Mooyman
06d5050321 Merge remote-tracking branch 'origin/3.1.17' into 3.1 2016-02-24 16:54:18 +13:00
Ingo Schommer
37059eb6b3 [ss-2016-003] Hostname, IP and Protocol Spoofing through HTTP Headers 2016-02-24 11:47:16 +13:00
Ingo Schommer
faa94d51d5 [ss-2016-003] Hostname, IP and Protocol Spoofing through HTTP Headers 2016-02-24 11:33:54 +13:00
Ingo Schommer
893e49703d [ss-2016-003] Hostname, IP and Protocol Spoofing through HTTP Headers 2016-02-18 17:28:54 +13:00
David Alexander
903379bde2 DOCS 3.2 : fixing api: links now that api: tag parser working 
fixed a couple of external links

fixed a docs link
 2016-02-17 18:02:38 -07:00
David Alexander
febbd35b51 DOCS 3.1 : fixing api: links 
missed one
 2016-02-17 03:00:22 -07:00
Damian Mooyman
e6b877df27 Merge remote-tracking branch 'origin/3' 
# Conflicts:
#	control/Director.php
#	control/HTTP.php
#	core/startup/ParameterConfirmationToken.php
#	docs/en/00_Getting_Started/01_Installation/05_Common_Problems.md
#	docs/en/00_Getting_Started/04_Directory_Structure.md
#	docs/en/00_Getting_Started/05_Coding_Conventions.md
#	docs/en/01_Tutorials/01_Building_A_Basic_Site.md
#	docs/en/01_Tutorials/02_Extending_A_Basic_Site.md
#	docs/en/01_Tutorials/03_Forms.md
#	docs/en/01_Tutorials/04_Site_Search.md
#	docs/en/01_Tutorials/05_Dataobject_Relationship_Management.md
#	docs/en/02_Developer_Guides/12_Search/01_Searchcontext.md
#	docs/en/02_Developer_Guides/13_i18n/index.md
#	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/06_Javascript_Development.md
#	docs/en/03_Upgrading/index.md
#	docs/en/changelogs/index.md
#	docs/en/howto/customize-cms-menu.md
#	docs/en/howto/navigation-menu.md
#	docs/en/index.md
#	docs/en/installation/index.md
#	docs/en/installation/windows-manual-iis-6.md
#	docs/en/misc/contributing/code.md
#	docs/en/misc/contributing/issues.md
#	docs/en/misc/module-release-process.md
#	docs/en/reference/dataobject.md
#	docs/en/reference/execution-pipeline.md
#	docs/en/reference/grid-field.md
#	docs/en/reference/modeladmin.md
#	docs/en/reference/rssfeed.md
#	docs/en/reference/templates.md
#	docs/en/topics/commandline.md
#	docs/en/topics/debugging.md
#	docs/en/topics/email.md
#	docs/en/topics/forms.md
#	docs/en/topics/index.md
#	docs/en/topics/module-development.md
#	docs/en/topics/modules.md
#	docs/en/topics/page-type-templates.md
#	docs/en/topics/page-types.md
#	docs/en/topics/search.md
#	docs/en/topics/testing/index.md
#	docs/en/topics/testing/testing-guide-troubleshooting.md
#	docs/en/topics/theme-development.md
#	docs/en/tutorials/1-building-a-basic-site.md
#	docs/en/tutorials/2-extending-a-basic-site.md
#	docs/en/tutorials/3-forms.md
#	docs/en/tutorials/4-site-search.md
#	docs/en/tutorials/5-dataobject-relationship-management.md
#	docs/en/tutorials/building-a-basic-site.md
#	docs/en/tutorials/dataobject-relationship-management.md
#	docs/en/tutorials/extending-a-basic-site.md
#	docs/en/tutorials/forms.md
#	docs/en/tutorials/index.md
#	docs/en/tutorials/site-search.md
#	main.php
#	model/SQLQuery.php
#	security/ChangePasswordForm.php
#	security/MemberLoginForm.php
#	tests/control/ControllerTest.php
#	tests/core/startup/ParameterConfirmationTokenTest.php
#	tests/model/SQLQueryTest.php
#	tests/security/SecurityTest.php
#	tests/view/SSViewerTest.php
#	view/SSTemplateParser.php
#	view/SSTemplateParser.php.inc
#	view/SSViewer.php
 2016-01-20 13:16:27 +13:00
Damian Mooyman
5d240feaec Merge remote-tracking branch 'origin/3.2' into 3.3 2016-01-19 15:08:24 +13:00
Damian Mooyman
46cbe809ac Merge remote-tracking branch 'origin/3.1' into 3.2 
# Conflicts:
#	docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
#	docs/en/02_Developer_Guides/14_Files/01_Image.md
#	docs/en/02_Developer_Guides/15_Customising_the_Admin_Interface/How_Tos/Customise_CMS_Menu.md
#	docs/en/03_Upgrading/index.md
#	docs/en/05_Contributing/01_Code.md
#	forms/TreeMultiselectField.php
#	security/Permission.php
 2016-01-19 14:00:19 +13:00
David Alexander
5c99e33eb2 DOCS 3.1 - fixes broken internal links 2016-01-14 23:59:53 +13:00
Damian Mooyman
037467beae API Asset Access Control implementation 2016-01-13 18:18:22 +13:00
Damian Mooyman
3e7eecf978 API Remove SQLQuery 2015-10-23 16:26:04 +13:00
Stevie Mayhew
1b57e0ca5b FEATURE: implement getter and setter usage for response 2015-08-29 10:24:06 +12:00
Damian Mooyman
4d37e21bc6 Cleanup 3.2 changelog for release 2015-06-15 16:19:08 +12:00
Damian Mooyman
8331171f2c Merge remote-tracking branch 'origin/3.1' into 3 
Conflicts:
	.scrutinizer.yml
	admin/javascript/LeftAndMain.Panel.js
	core/startup/ParameterConfirmationToken.php
	dev/Debug.php
	dev/FixtureBlueprint.php
	docs/en/00_Getting_Started/05_Coding_Conventions.md
	docs/en/00_Getting_Started/index.md
	docs/en/02_Developer_Guides/01_Templates/01_Syntax.md
	filesystem/File.php
	filesystem/Folder.php
	forms/FieldList.php
	forms/LabelField.php
	forms/MoneyField.php
	forms/TextField.php
	forms/TreeDropdownField.php
	forms/Validator.php
	forms/gridfield/GridField.php
	forms/gridfield/GridFieldExportButton.php
	lang/de.yml
	lang/fi.yml
	model/DataObject.php
	model/SQLQuery.php
	parsers/ShortcodeParser.php
	security/ChangePasswordForm.php
	security/Security.php
	tests/control/DirectorTest.php
	tests/core/startup/ParameterConfirmationTokenTest.php
	tests/dev/FixtureBlueprintTest.php
	tests/forms/FieldListTest.php
	tests/forms/MoneyFieldTest.php
	tests/model/SQLQueryTest.php
	tests/security/SecurityTest.php
 2015-06-02 19:13:38 +12:00
Damian Mooyman
0319f7855b FIX Incorrect env setting in 3.1.13 2015-06-02 12:27:08 +12:00
Marcus Nyeholt
9c8fa51321 FIX Allow users to specify allowed hosts 
Allow users to explicitly state which Hosts are allowed to be requested via
this application instance to avoid Host: header forgery attacks.
 2015-05-28 15:58:39 +10:00
Damian Mooyman
75137dbab2 Ensure only trusted proxy servers have control over certain HTTP headers 2015-05-28 10:12:46 +12:00
Damian Mooyman
319b96b48b Merge remote-tracking branch 'origin/3.1' into 3 
Conflicts:
	docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
	docs/en/05_Contributing/01_Code.md
	forms/TreeDropdownField.php
	model/DataObject.php
	security/Member.php
	tests/model/DataObjectTest.php
 2015-03-11 11:40:06 +13:00
Fred Condo
82ed86f6cd DOCS: correct broken links 
- Correct internal links between documentation pages
- Delete defunct links to documentation removed during documentation reorganization
- Restore testing glossary
- Verify by crawling site locally
 2015-02-27 16:09:15 -08:00