Commit Graph

3730 Commits

Author SHA1 Message Date
Robbie Averill
c3e5ab2258
Merge pull request #65 from silverstripe-security/pulls/4.2/ss-2018-009
[SS-2018-009] Allow forced redirects to HTTPS for responses with basic authentication
2018-05-28 18:57:38 +12:00
Robbie Averill
ea16e28aa7 Merge branch '4.1' into 4 2018-05-28 18:33:56 +12:00
Robbie Averill
6d98a912c9 Merge branch 'heads/4.1.1' into 4.1 2018-05-28 18:26:20 +12:00
Robbie Averill
722202fef4 Merge remote-tracking branch 'origin/4.0.4' into 4.1.1
# Conflicts:
  #	src/Control/Director.php
2018-05-24 15:41:11 +12:00
Robbie Averill
e7e32d13a3
FIX Add namespace and encryptor to tests that expect blowfish to be available 2018-05-24 11:24:56 +12:00
Damian Mooyman
865ebb3398 ENHANCEMENT Improve upgrading experience. (#8025)
* ENHANCEMENT Improve upgrading experience.
Show errors and back button if errors encountered during install
BUG Fix hard-coded 'mysite' folder
Fixes #8024

* Patch behat tests to work with new  buttons
2018-05-21 22:08:34 +12:00
Aaron Carlino
f847f186b1 [ss-2018-013] Remove password text from session data on failed submission 2018-05-14 17:14:38 +12:00
Robbie Averill
5887201dd5
Merge pull request #64 from silverstripe-security/pulls/4.0/ss-2018-010
[SS-2018-010] Fix regression of SS-2017-002
2018-05-14 17:12:45 +12:00
Robbie Averill
beec0c0d47 [SS-2018-010] Fix regression of SS-2017-002 2018-05-14 17:12:07 +12:00
Robbie Averill
1e6790bfb6
Merge pull request #62 from silverstripe-security/pulls/4.0/ss-2018-001
[ss-2018-001] Restrict non-admins from being assigned to admin groups
2018-05-14 17:11:03 +12:00
Damian Mooyman
e409d6f673 [ss-2018-001] Restrict non-admins from being assigned to admin groups 2018-05-14 17:10:22 +12:00
Robbie Averill
39b62e5fbb
Merge pull request #61 from silverstripe-security/pulls/4.0/ss-2018-008
[ss-2018-008] Validate against malformed urls
2018-05-14 17:07:09 +12:00
Damian Mooyman
9053014a7e [ss-2018-008] Validate against malformed urls 2018-05-14 17:06:47 +12:00
Robbie Averill
6f50728b18
Merge pull request #59 from silverstripe-security/pulls/4.0/ss-2018-006
[ss-2018-006] Prevent code execution in template value resolution
2018-05-14 17:06:04 +12:00
Damian Mooyman
2e13ae746f [ss-2018-006] Prevent code execution in template value resolution 2018-05-14 17:05:31 +12:00
Damian Mooyman
d935140a95 [ss-2018-005] Prevent unauthenticated isDev / isTest being allowed 2018-05-14 17:03:39 +12:00
Robbie Averill
30e2d9c4df [SS-2018-009] Allow forced redirects to HTTPS for responses with basic authentication 2018-04-24 14:44:29 +12:00
Damian Mooyman
9a12fac218
BUG Prevent password validator min score producing false negatives
Replaces #7995
2018-04-18 10:35:31 +12:00
Damian Mooyman
87c7a53511
Merge remote-tracking branch 'origin/4.1' into 4
# Conflicts:
#	.travis.yml
2018-04-13 09:56:58 +12:00
Damian Mooyman
5a8c5601a9
Merge remote-tracking branch 'origin/4.0' into 4.1
# Conflicts:
#	.travis.yml
#	composer.json
2018-04-13 09:55:23 +12:00
Damian Mooyman
c54b07a952
API Update to use new chromedriver + behat-extension + facebook/webdriver 2018-04-12 14:19:14 +12:00
Robbie Averill
af2c3886b9 Merge branch '4.1' into 4 2018-04-10 16:27:00 +12:00
Will Rossiter
09cc75a656 MINOR Add visiblity to SelectionGroup test functions 2018-04-05 10:33:27 +12:00
Will Rossiter
2512761587 Fix invalid markup in SelectionGroup selected values 2018-04-05 10:16:25 +12:00
Ingo Schommer
983a724ea5
Merge pull request #7399 from dhensby/pulls/4/reduce-dependence-on-session-for-reading-mode
Reduce dependence on session state for accessing draft stages
2018-03-23 16:19:26 +13:00
Damian Mooyman
df9e0e40d3 Deprecate useDraftStage 2018-03-22 17:23:50 +13:00
Damian Mooyman
257ff69e32 API Implement many_many through polymorphic (from only) (#7928)
* API Support many_many through polymorphic relations (from side only)
Fixes #7911
Fixes #3136

* Add extra docs and allow optional arguments

* ENHANCEMENT Enable quiet to be turned off

* BUG Fix issue with manymanythroughlist duplication
2018-03-22 10:26:25 +13:00
Damian Mooyman
8b9c292509
Merge remote-tracking branch 'origin/4.1' into 4 2018-03-13 14:26:39 +13:00
Damian Mooyman
625f7b4eee
Merge remote-tracking branch 'origin/4.0' into 4.1 2018-03-13 14:26:18 +13:00
Damian Mooyman
3a1c813b28
API Add getContentCSS() / setContentCSS() to allow per-config customisation of content_css
Fixes #7873
2018-03-05 16:10:44 +13:00
Roman Schmid
40c2e299a0 Fix "mb_stripos(): Empty delimiter" warning when no search-keywords are given for DBText::ContextSummary.
Add unit-test to cover that case.
2018-03-01 11:39:30 +01:00
Daniel Hensby
9006daf20b
Cleaning up PR and adding tests 2018-02-28 13:31:56 +00:00
Aaron Carlino
0863bac29a Update getVariables to return a copy of globals rather than including the reference in an array merge 2018-02-27 09:52:36 +13:00
Daniel Hensby
722f2d178a
Merge branch '4.1' into 4 2018-02-26 10:57:52 +00:00
Daniel Hensby
856e89998b
Merge branch '4.0' into 4.1 2018-02-26 10:56:45 +00:00
Damian Mooyman
b27102f810
BUG Fix incorrect assets created when ASSETS_PATH !== BASE_PATH . '/assets' 2018-02-26 13:12:08 +13:00
Aaron Carlino
d91648dd6e Update getVariables to return a copy of globals rather than including the reference in an array merge 2018-02-23 16:25:41 +13:00
Daniel Hensby
ced2ba1f64 API Move CSV writing/reading to league/csv library 2018-02-22 09:22:37 +13:00
Daniel Hensby
dace2f179d
Merge branch '4.1' into 4 2018-02-21 13:58:45 +00:00
Daniel Hensby
c04ff8c55a
Merge branch '4.0' into 4.1 2018-02-21 13:40:30 +00:00
Damian Mooyman
0e26c06644
BUG Fix behaviour towards versioned but unstagable records 2018-02-20 12:20:18 +13:00
Damian Mooyman
12e701c8ed
Merge remote-tracking branch 'origin/4.1' into 4 2018-02-15 09:28:14 +13:00
Damian Mooyman
34233c0470
Update reference to TestAssetStore 2018-02-14 16:24:12 +13:00
Damian Mooyman
0b7cf80331
BUG Fix incorrect convert slashes argument 2018-02-13 16:33:35 +13:00
Daniel Hensby
16d3498a56
Merge branch '4.1' into 4 2018-02-12 10:26:07 +00:00
Daniel Hensby
7ec5fa2c8d
Merge branch '4.0' into 4.1 2018-02-09 15:19:15 +00:00
Daniel Hensby
e298fcc345
Merge branch '3.6' into 4.0 2018-02-09 14:32:58 +00:00
Daniel Hensby
48a8a82326
Merge branch '3.5' into 3.6 2018-02-09 13:20:38 +00:00
Chris Joe
95308e1af6
Merge pull request #7849 from open-sausages/pulls/4.0/fix-debug-string-class-cli
BUG Fix issue with CLIDebugView failing on class name of existing class
2018-02-09 15:41:18 +13:00
Daniel Hensby
d3278d5470 FIX Add Nested DB transaction support (#7848)
* TEST Prove nested transactions break

* Add nested transaction support
2018-02-09 10:28:32 +13:00