tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
21,722 Commits 31 Branches 527 Tags 162 MiB
bb03d314ff
Commit Graph

213 Commits

Author SHA1 Message Date
Maxime Rainville
acd7d94167 Merge branch '4.4' into 4.5 2020-02-17 13:07:26 +13:00
Serge Latyntcev
ad1b00ec7d [CVE-2019-19325] XSS through non-scalar FormField attributes 
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
 2020-02-17 09:58:29 +13:00
Serge Latyntcev
91e4aa90f1 Merge branch '4.4' into 4.5 2019-11-20 11:09:23 +13:00
Serge Latyntcev
8219491705 Merge branch '4.3' into 4.4 2019-11-20 11:08:35 +13:00
Garion Herman
ea2a2b4786 FIX Adjust HTMLEditorField tests to support alt attr changes in assets 
The default behaviour of the alt attribute has changed from using the
filename to applying an empty value.
 2019-11-14 12:04:37 +13:00
Damian Mooyman
e76601e5c8
BUG FormAction title property cannot be set if useButtonTag is false 2019-10-29 17:21:45 +13:00
Garion Herman
17f4cc6e30
Merge pull request #9281 from creative-commoners/pulls/4/textfield-tip-ui 
NEW: Add support for Tip UI in TextField
 2019-10-23 16:50:43 +13:00
Garion Herman
bed3f2b3c6 NEW Add type declarations to Tip API, add TippableFieldInterface 2019-10-23 10:46:22 +13:00
Garion Herman
195417b061 NEW Extract Tip from TextField, add test coverage 2019-10-22 17:04:58 +13:00
Maxime Rainville
e59625fe5a
NEW Add ability to define image size preset for the TinyMCE editor. (#9276) 
* NEW Add ability to define image size preset for the TinyMCE editor.
* DOC Explain how to define image size pre-sets
 2019-10-22 11:50:28 +13:00
Dylan Wagstaff
047ac060c4
Merge pull request #9265 from emteknetnz/feature/noopener 
Add noopener attribute to links with a target
 2019-10-03 14:42:50 +13:00
Steve Boyd
887f198b07 Add rel attribute to link elements with a target attribute 2019-10-03 14:03:12 +13:00
Aaron Carlino
b3093b7a1a BUGFIX: Allow state to be shared across nested GridFields 2019-08-07 23:09:51 +12:00
Saophalkun Ponlu
6a8c6703d1 Remove use_gzip from HTMLEditorField since it's been removed by TinyMCE codebase (#7261) 
* Remove `use_gzip` from HTMLEditorField

* DOCS Mention remove use_gzip in changelog
 2019-06-21 09:27:48 +12:00
Sam Minnée
654156d46d FIX: Fix bug when confirmed password is changed but not the password. (#9012) 
In this case the confirmed password field is not reflected. It’s 
unclear how often this situation would arise outside of test scenarios,
but may come up if $form->loadDataFrom() is called more than once.

Fixes #2496 (it’s a minor issue but I think this is why Dan flagged it
as a regression). Originally introduced as part of Dan’s initial fix
at 2a6f1f1949.
 2019-06-10 15:48:29 +12:00
Guy Marriott
f97ca26e76
Merge pull request #9014 from sminnee/fix-4142 
FIX: List default items in the readonly view of ListboxField
 2019-05-27 20:13:20 +12:00
Sam Minnee
7407096e99 FIX: List default items in the readonly view of ListboxField 
Adds tests for non-readonly default items too.

Fixes #4142
 2019-05-27 17:47:09 +12:00
Sam Minnee
2c71daacfe MINOR: Add tests for GroupedDropdownField empty strings 
These bugs were never present in SS4 as the relevant code had a
substantial rewrite at the same time they were introduced in SS3.
In SS3, test C still fails.

Fixes #4705
Fixes #4987
Fixes #4793
 2019-05-27 17:46:03 +12:00
Guy Marriott
cc1fdf603b
Resolve incorrect empty string assertion in tests 2019-04-17 13:29:54 +12:00
Robbie Averill
d8cd085190 Merge branch '4.3' into 4 2019-01-24 17:14:09 +02:00
Robbie Averill
e087e564e1 Fix tests not loading fixtures and loading themes in CWP recipe kitchen sink 2019-01-24 16:45:38 +02:00
Robbie Averill
7c96feef37 Merge branch '4.3' into 4 2019-01-08 12:27:48 +01:00
Robbie Averill
394dd4765c NEW Scaffolded field labels now only have an uppercased first word 2019-01-07 17:52:28 +01:00
Maxime Rainville
7d1aa44786
Merge pull request #8654 from creative-commoners/pulls/4.3/password-complexity-test-fixes 
Update tests to pass in CWP kitchen sink context
 2018-12-13 16:50:25 +13:00
Robbie Averill
5d7c5ffb07 Merge branch '4.3' into 4 2018-12-06 09:40:40 +00:00
Robbie Averill
08866f89d9 Merge branch '4.2' into 4.3 2018-12-06 09:40:05 +00:00
Robbie Averill
96bd17d469 Merge branch '4.1' into 4.2 2018-12-06 09:38:45 +00:00
Robbie Averill
3f532466d1 Merge branch '4.0' into 4.1 2018-12-06 09:37:52 +00:00
Robbie Averill
1ac36611a6 Update tests to pass in CWP kitchen sink context 2018-12-02 23:04:34 +00:00
Serge Latyntcev
4ee63eb4e7 TreeMultiselectFieldTest / make scrutinizer happy 2018-11-29 12:13:56 +13:00
Serge Latyntcev
38f8217f01 TreeMultiselectFieldTest / setUp is protected in PHPUnit5 2018-11-29 09:55:28 +13:00
Robbie Averill
1f1c344272 Merge branch '4.3' into 4 
# Conflicts:
 #	tests/php/Forms/ConfirmedPasswordFieldTest.php
 2018-11-26 12:15:17 +01:00
Serge Latyntcev
f526c794fc Minor / Refactor php tests for TreeMultiselectField 2018-11-23 16:03:44 +13:00
Serge Latyntcev
9ce6d91b76 FIX / TreeMultiselectField::objectForKey handles list of IDs correctly 2018-11-22 12:11:18 +13:00
Maxime Rainville
d74af1c17e FIX Explicity mark nodes when searching nodes in TreeDropdownField #8621 2018-11-21 11:43:21 +13:00
Serge Latyntcev
80885fc231 ADD php test TreeMultiselectField::testEmptyChoiceReadonly 2018-11-20 16:45:23 +13:00
Robbie Averill
7d1d6d0f7b FIX Ensure that tests setting passwords have stubbed configuration 2018-11-14 11:54:17 +02:00
Guy Marriott
b2dd22fb50
Merge pull request #8506 from creative-commoners/pulls/4.3/all-the-unit-tests 
NEW Adding a stack more unit tests for logging and some form fields
 2018-11-11 10:31:24 +13:00
Robbie Averill
bab84f31dc Remove underscores from variable test class names 2018-11-10 14:55:11 +02:00
Robbie Averill
eba92d77df Rename CheckboxFieldReadonlyTest for future PSR-2 compatibility 2018-11-10 10:04:17 +02:00
Loz Calver
bbb208e1dd
Merge pull request #8499 from sminnee/fix-1489 
FIX: CheckboxSetField can now save into DBMultiEnum
 2018-11-09 10:40:55 +01:00
Robbie Averill
64c2938c96 Merge branch '4.3' into 4 2018-11-06 11:05:22 +01:00
Sam Minnee
76255c9fb5 FIX: CheckboxSetField can now save into DBMultiEnum 
Fixes https://github.com/silverstripe/silverstripe-framework/issues/1489
 2018-11-05 17:40:28 +13:00
Luke Edwards
8866e7674a BUG: Fix duplicate plugins on HTML editor fields (#8559) 
* BUG: Fix duplicate plugins on HTML editor fields

* Add new test
 2018-11-02 12:26:53 +13:00
Robbie Averill
b02a6fa02d FIX Replace usage of Convert JSON methods with json_encode 2018-10-28 21:15:29 +00:00
Robbie Averill
bea4101e21 Add tests for DisabledTransformation, PrintableTransformation and PrintableTransformation_TabSet 2018-10-20 20:06:02 +02:00
Robbie Averill
449b2cf291 Add tests for DefaultFormFactory 2018-10-20 19:47:11 +02:00
Robbie Averill
fd50ce6295 Add more edge case tests for disabled DateFields and DatetimeField 2018-10-20 18:29:07 +02:00
Robbie Averill
97209bc919 Add edge case unit tests for DateField 2018-10-20 18:15:42 +02:00
Robbie Averill
0e2847e289 Add tests for DatalessField 2018-10-20 17:59:55 +02:00