tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
12,586 Commits 31 Branches 527 Tags 162 MiB
ccb791995e
Commit Graph

25 Commits

Author SHA1 Message Date
Ingo Schommer
1930add745 Note about SiteTree.ExtraMeta in security docs 2014-02-18 16:07:50 +13:00
sanjay
a0abeab6d5 Update secrity.md 
The following line is repeated in the section "Don't allow access to .yml files "

See [Apache](/installation/webserver) and [Nginx](/installation/nginx) installation documentation for details 
specific to your web server
 2013-11-29 14:45:53 +05:30
Devlin
5ea314d012 FIX PasswordValidator->characterStrength() Documentation 2013-10-15 12:44:50 +02:00
Ingo Schommer
9872a52a8d SecurityToken docs 2013-09-05 12:54:31 +02:00
Ingo Schommer
d4a1e6d294 BUG Prevent clickjacking in CMS and Security controllers (fixes #2215) 2013-07-14 22:44:09 +02:00
Ingo Schommer
b58e2dbe3a Member.lock_out_delay_mins configurable, password security docs 2013-07-11 09:47:28 +02:00
Hamish Friedlander
7b7982969b Add some docs about admin-side HTML sanitisation 2013-07-10 16:44:51 +12:00
Hamish Friedlander
dacb2aa638 FIX HtmlEditorField not re-checking sanitisation server side 2013-07-04 08:53:23 +12:00
Ingo Schommer
14c59be85e API Form::setStrictFormMethodCheck() and strict argument to setFormMethod() 
Thanks to @sminnee for getting this started
 2013-05-08 10:25:13 +02:00
Ingo Schommer
3334eafcb1 API Marked statics private, use Config API instead (#8317) 
See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details.
 2013-03-24 17:20:53 +01:00
Ingo Schommer
99ca0471f7 Merge remote-tracking branch 'origin/2.4' into 3.0 
Conflicts:
	control/RequestHandler.php
	core/control/ContentController.php
	dev/CsvBulkLoader.php
	docs/en/changelogs/index.md
	docs/en/reference/execution-pipeline.md
	docs/en/topics/commandline.md
	docs/en/topics/controller.md
	docs/en/topics/form-validation.md
	docs/en/topics/forms.md
	docs/en/topics/security.md
	model/MySQLDatabase.php
	security/Security.php
	tests/control/ControllerTest.php
	tests/control/RequestHandlingTest.php
 2013-03-19 13:56:04 +01:00
Ingo Schommer
d51e0bc2ec Improved docs on $allowed_actions 
Added section to "Controllers" and "Form" topics,
added $allowed_actions definitions to all controller examples
 2013-02-17 23:30:40 +01:00
Ingo Schommer
3e27d27f7a Improved docs on $allowed_actions 
Added section to "Controllers" and "Form" topics,
added $allowed_actions definitions to all controller examples
 2013-02-17 23:16:25 +01:00
Hamish Friedlander
acfc0be471 Document that yaml files shouldnt be served directly 2013-01-29 14:11:52 +13:00
Ingo Schommer
868d3697fd Fixed usage of DataList etc in docs (fixes #7518) 2012-06-27 16:09:31 +02:00
Ingo Schommer
3a11c690ed MINOR Updated security documentation (phpdoc and markdown) around new DataList and SQLQuery APIs, additional automatic escaping on some stricter inputs like column names 2012-05-16 11:59:22 +02:00
Ingo Schommer
40d73127ae MINOR Using late static binding instead of Object::create() calls 2012-04-04 17:10:31 +02:00
Philipp Krenn
a67c6ce936 ENHANCEMENT Added section on security ratings, moved security process description from 'contributing' to 'release process' section 2012-02-01 11:10:10 +01:00
Ingo Schommer
04a10a4265 MINOR Updated coding conventions to require the 'public' keyword for class methods and variables 2012-01-30 23:13:42 +01:00
Ingo Schommer
73cca09960 BUGFIX Consistently using Convert::raw2sql() instead of DB::getConn()->addslashes() or PHP's deprecated addslashes() for database escaping 2011-09-15 14:43:34 +02:00
Ingo Schommer
c776a1cd67 BUGFIX Consistently using Convert::raw2sql() instead of DB::getConn()->addslashes() or PHP's deprecated addslashes() for database escaping 2011-09-15 14:24:46 +02:00
Michael Andrewartha
f3ac57394d Small text changes, added api links, cont. updating images for tutorials, fixed tutorials from member feedback 2011-03-21 11:53:06 +13:00
Michael Andrewartha
626980acb5 Small text changes, added api links, cont. updating images for tutorials, fixed tutorials from member feedback 2011-03-09 10:05:51 +13:00
Ingo Schommer
8bd01d62c4 ENHANCEMENT Added sapphire/docs (migrated from https://github.com/chillu/silverstripe-doc-restructuring) 2011-02-07 19:55:13 +13:00
Ingo Schommer
b1c36ce0a4 ENHANCEMENT Added sapphire/docs (migrated from https://github.com/chillu/silverstripe-doc-restructuring) 2011-02-07 19:48:44 +13:00