Commit Graph

73 Commits

Author SHA1 Message Date
Steve Boyd
db665a8dd8 Merge branch '5.2' into 5 2024-07-17 12:02:37 +12:00
Guy Sartorelli
b8d20dc9d5 [CVE-2024-32981] Disallow data:text/html in data attributes 2024-07-17 11:04:27 +12:00
Maxime Rainville
dbc0288038
MNT ALter order of expected attribute on image test (#11286) 2024-07-01 10:36:37 +12:00
github-actions
8886a3a93d Merge branch '5.2' into 5 2024-05-22 22:41:40 +00:00
Sabina Talipova
f0aaba5504
FIX HTMLEditorField is not able to show html or xml code examples (#11243) 2024-05-22 09:39:36 +12:00
Guy Sartorelli
a4adad60e9
FIX Don't skip sanitisation when no valid elements are defined 2024-04-18 14:28:02 +12:00
Guy Sartorelli
584968e80c
MNT Update tests to use a dataprovider
Also explicitly test both valid_elements and extended_valid_elements
2024-04-18 14:27:25 +12:00
Bernie Hamlin
99e965b5d7
FIX Use field editorconfig when sanitising content 2024-04-18 14:16:53 +12:00
Guy Sartorelli
e68af4de40
Merge branch '4' into 5.1 2024-03-20 12:15:22 +13:00
Guy Sartorelli
6ede0316bf
Revert "Use field editorconfig when sanitising content" (#11180)
This reverts commit e5eb98cc34.
2024-03-20 12:02:54 +13:00
Guy Sartorelli
c493485281
MNT Remove unexpected coupling with admin for test (#11136) 2024-02-13 17:35:03 +13:00
Sabina Talipova
afd53d1d6a FIX HTMLEditorField::setRows with Elemental 2024-01-25 12:07:10 +13:00
github-actions
0ac8499ea3 Merge branch '4' into 5.1 2023-11-02 20:08:54 +00:00
Sabina Talipova
f393adf1fc MNT Fix incorrect expected value in HTMLEditorFieldTest 2023-11-03 08:48:43 +13:00
github-actions
5125be5a30 Merge branch '4' into 5.1 2023-11-01 20:14:46 +00:00
Sabina Talipova
50aaf9a9d5 MNT Table header closed tag position 2023-11-02 08:51:21 +13:00
github-actions
9a497f54d7 Merge branch '4' into 5.1 2023-10-28 14:23:50 +00:00
Bernie Hamlin
e5eb98cc34 Use field editorconfig when sanitising content 2023-10-25 12:08:46 +13:00
Guy Sartorelli
15e4cbeb7a
Merge branch '4' into 5.0 2023-08-10 11:46:33 +12:00
Sabina Talipova
037168a4fe FIX Multi HTML entities in shortcodes 2023-08-08 13:08:19 +12:00
Guy Sartorelli
b784e243de
Merge pull request #10538 from xini/feature-5-trailing-slash-config-and-redirect
SS5: add trailing slash config and redirect
2023-01-20 15:24:45 +13:00
Florian Thoma
fbcf7dc3e7
API Normalise trailing slashes for all paths
NOTE: There will be additional related PRs required for at least
silverstripe/cms and silverstripe/admin.

Co-authored-by: Guy Sartorelli <guy.sartorelli@silverstripe.com>
2023-01-20 10:31:14 +13:00
Maxime Rainville
b6b0bcea9f Merge branch '4' into 5 2023-01-18 22:16:45 +13:00
Guy Sartorelli
b14de847a5
API Make the public directory mandatory (#10617) 2022-12-14 16:08:47 +13:00
Steve Boyd
fe13856769 [CVE-2022-37429] Sanitise XSS 2022-11-21 13:06:40 +13:00
Guy Sartorelli
ef8a02dfdc
FIX Update config to support tinymce6 2022-09-30 10:40:52 +13:00
Steve Boyd
2b5420ee7d [CVE-2022-37430] Sanitise mixed case javascript 2022-08-23 15:36:48 +12:00
Steve Boyd
98b985fb91 Merge branch '4.10' into 4.11 2022-06-28 17:41:49 +12:00
Guy Sartorelli
d2c58f3bbc [CVE-2022-28803] Block XSS in links and iframes. 2022-06-28 17:01:53 +12:00
Steve Boyd
511b3bb060 ENH PHP 8.1 compatibility 2022-04-14 13:12:59 +12:00
Steve Boyd
cd076542f4
API Upgrade SapphireTest to work with phpunit 9 (#10028) 2021-10-27 15:39:47 +13:00
Steve Boyd
22f809840a MNT Update unit test to expect loading attribute 2021-07-06 17:27:54 +12:00
Daniel Hensby
237b2d5f74
Convert array delcarations to short array syntax 2020-04-20 18:58:09 +01:00
Garion Herman
ea2a2b4786 FIX Adjust HTMLEditorField tests to support alt attr changes in assets
The default behaviour of the alt attribute has changed from using the
filename to applying an empty value.
2019-11-14 12:04:37 +13:00
Maxime Rainville
e59625fe5a
NEW Add ability to define image size preset for the TinyMCE editor. (#9276)
* NEW Add ability to define image size preset for the TinyMCE editor.
* DOC Explain how to define image size pre-sets
2019-10-22 11:50:28 +13:00
Dylan Wagstaff
047ac060c4
Merge pull request #9265 from emteknetnz/feature/noopener
Add noopener attribute to links with a target
2019-10-03 14:42:50 +13:00
Steve Boyd
887f198b07 Add rel attribute to link elements with a target attribute 2019-10-03 14:03:12 +13:00
Saophalkun Ponlu
6a8c6703d1 Remove use_gzip from HTMLEditorField since it's been removed by TinyMCE codebase (#7261)
* Remove `use_gzip` from HTMLEditorField

* DOCS Mention remove use_gzip in changelog
2019-06-21 09:27:48 +12:00
Robbie Averill
64c2938c96 Merge branch '4.3' into 4 2018-11-06 11:05:22 +01:00
Luke Edwards
8866e7674a BUG: Fix duplicate plugins on HTML editor fields (#8559)
* BUG: Fix duplicate plugins on HTML editor fields

* Add new test
2018-11-02 12:26:53 +13:00
Robbie Averill
b02a6fa02d FIX Replace usage of Convert JSON methods with json_encode 2018-10-28 21:15:29 +00:00
Damian Mooyman
df9e0e40d3 Deprecate useDraftStage 2018-03-22 17:23:50 +13:00
Damian Mooyman
3a1c813b28
API Add getContentCSS() / setContentCSS() to allow per-config customisation of content_css
Fixes #7873
2018-03-05 16:10:44 +13:00
Damian Mooyman
34233c0470
Update reference to TestAssetStore 2018-02-14 16:24:12 +13:00
Damian Mooyman
a3c52f901a
Merge remote-tracking branch 'origin/4.0' into 4
# Conflicts:
#	src/Core/TempFolder.php
#	src/ORM/DataObject.php
#	src/View/ThemeResourceLoader.php
#	src/includes/constants.php
#	tests/php/Control/SimpleResourceURLGeneratorTest.php
#	tests/php/Forms/HTMLEditor/HTMLEditorFieldTest.php
#	tests/php/View/RequirementsTest.php
2018-01-22 14:57:05 +13:00
Daniel Hensby
db610aaf3b
Fixing string concat CS issues 2018-01-16 18:39:30 +00:00
Damian Mooyman
8d077203d4 API Implement support for public/ webroot folder (#7741)
* API Implement support for public/ webroot folder

* Bugfixes and refactor based on feedback
2018-01-12 16:25:02 +13:00
Damian Mooyman
69295a6e22
BUG Ensure that all tinymce_lang mappings are valid 2017-12-01 15:00:39 +13:00
Damian Mooyman
d9e7a92b3c
BUG Fix regressions in asset resize behaviour change 2017-11-22 14:36:24 +13:00
Damian Mooyman
6a55dcfc16
Fix references to resource paths / urls 2017-10-10 16:51:47 +13:00