Sam Minnee
ccc86306b6
NEW: Add TrustedProxyMiddleware
...
API: SS_TRUSTED_PROXY_HOST_HEADER replace with middleware config
API: SS_TRUSTED_PROXY_PROTOCOL_HEADER replace with middleware config
API: SS_TRUSTED_PROXY_IP_HEADER replace with middleware config
API: Front-End-Https = “on” header no longer supported
This middleware replaces the TRUSTED_PROXY setting and shifts its
configuration out of the env vars and bootstrap and into the Director
flow.
2017-06-27 13:32:39 +12:00
Sam Minnee
c4d038f20d
NEW: Add HTTPRequest::getScheme()/setScheme()
...
NEW: Add HTTPRequest::setIP()
API: Rely on HTTPRequestBuilder to set scheme and IP
These changes tidy up HTTPRequest making it a container for information
and removing special logic from it.
This makes it less feature-rich: it doesn’t contain trusted-proxy logic.
This will be able to provided by a middleware.
The new getScheme() method is designed to be closish to PSR-7’s
getUri()->getScheme() equivalent.
There are no more direct $_SERVER references in HTTPRequest.
2017-06-27 13:32:39 +12:00
Sam Minnee
4d89daac78
NEW: Register Injector::inst()->get(HTTPRequest)
...
HTTPRequest is provided as a service so that global references for
session, hostname, etc can be facilitated. It’s a bit of a hack and
should be avoided but we’re unlikely to scrub it completely from the
Silverstripe 4 code.
2017-06-27 13:32:39 +12:00
Sam Minnee
10866c0809
API: Replace Director::direct() with Director::handleRequest().
...
There was no longer any code in direct() and so I opted to expose the
handleRequest() method instead.
2017-06-27 13:32:39 +12:00
Sam Minnee
72a7655e95
NEW: Moved allowed-hosts checking to a middleware.
2017-06-27 13:32:39 +12:00
Sam Minnee
db080c0603
NEW: Move session activation to SessionMiddleware.
2017-06-27 13:32:39 +12:00
Sam Minnee
254204a3a6
NEW: Replace AuthenticationRequestFilter with AuthenticationMiddleware
2017-06-27 13:32:39 +12:00
Sam Minnee
e855622890
NEW: Replace FlushRequestFilter with FlushMiddleware
2017-06-27 13:32:39 +12:00
Sam Minnee
95a266c6b9
FIX: Add tests for middleware
2017-06-27 13:32:39 +12:00
Sam Minnee
c482cd673e
DOC: Documentation and upgrade notes for director middleware
2017-06-27 13:32:39 +12:00
Sam Minnee
b30f410ea0
API: Deprecate RequestFilter.
...
NEW: Allow application of HTTPMiddleware to Director.
Director can now use the same HTTPMiddleware objects as the app object.
They can be applied either globally or pre-rule.
2017-06-27 13:32:39 +12:00
Sam Minnee
26b9bf11ed
NEW: Allow “%$” prefix in Injector::get()
...
Injector::get() looks up services by name. In yaml config it can make
things clearer to prefix service names by %$, which is how they must
be prefixed when referencing nested services within service definitions.
This change means that any other system referencing services will
support an optional prefix without needing to specifically code support
in themselves.
2017-06-27 13:32:39 +12:00
Damian Mooyman
0ed1750106
Merge remote-tracking branch 'origin/3'
...
# Conflicts:
# .travis.yml
# .tx/config
# _config/database.yml
# admin/code/LeftAndMain.php
# admin/code/ModelAdmin.php
# admin/code/SecurityAdmin.php
# admin/javascript/jquery-changetracker/lib/jquery.changetracker.js
# admin/javascript/lang/cs.js
# admin/javascript/lang/de.js
# admin/javascript/lang/eo.js
# admin/javascript/lang/es.js
# admin/javascript/lang/fa_IR.js
# admin/javascript/lang/fi.js
# admin/javascript/lang/fr.js
# admin/javascript/lang/hr.js
# admin/javascript/lang/id.js
# admin/javascript/lang/id_ID.js
# admin/javascript/lang/it.js
# admin/javascript/lang/ja.js
# admin/javascript/lang/lt.js
# admin/javascript/lang/mi.js
# admin/javascript/lang/nb.js
# admin/javascript/lang/nl.js
# admin/javascript/lang/pl.js
# admin/javascript/lang/ro.js
# admin/javascript/lang/ru.js
# admin/javascript/lang/sk.js
# admin/javascript/lang/sl.js
# admin/javascript/lang/sl_SI.js
# admin/javascript/lang/sr.js
# admin/javascript/lang/sr@latin.js
# admin/javascript/lang/sr_RS.js
# admin/javascript/lang/sr_RS@latin.js
# admin/javascript/lang/src/cs.js
# admin/javascript/lang/src/de.js
# admin/javascript/lang/src/eo.js
# admin/javascript/lang/src/es.js
# admin/javascript/lang/src/fa_IR.js
# admin/javascript/lang/src/fi.js
# admin/javascript/lang/src/fr.js
# admin/javascript/lang/src/hr.js
# admin/javascript/lang/src/id.js
# admin/javascript/lang/src/id_ID.js
# admin/javascript/lang/src/it.js
# admin/javascript/lang/src/ja.js
# admin/javascript/lang/src/lt.js
# admin/javascript/lang/src/mi.js
# admin/javascript/lang/src/nb.js
# admin/javascript/lang/src/nl.js
# admin/javascript/lang/src/pl.js
# admin/javascript/lang/src/ro.js
# admin/javascript/lang/src/ru.js
# admin/javascript/lang/src/sk.js
# admin/javascript/lang/src/sl.js
# admin/javascript/lang/src/sl_SI.js
# admin/javascript/lang/src/sr.js
# admin/javascript/lang/src/sr@latin.js
# admin/javascript/lang/src/sr_RS.js
# admin/javascript/lang/src/sr_RS@latin.js
# admin/javascript/lang/src/sv.js
# admin/javascript/lang/src/zh.js
# admin/javascript/lang/sv.js
# admin/javascript/lang/zh.js
# admin/templates/Includes/ModelAdmin_Content.ss
# composer.json
# control/HTTPRequest.php
# core/Config.php
# core/Core.php
# core/Diff.php
# core/Object.php
# core/PaginatedList.php
# core/TempPath.php
# core/manifest/ConfigStaticManifest.php
# dev/Profiler.php
# docs/en/00_Getting_Started/00_Server_Requirements.md
# docs/en/00_Getting_Started/03_Environment_Management.md
# docs/en/02_Developer_Guides/01_Templates/03_Requirements.md
# docs/en/02_Developer_Guides/07_Debugging/03_Template_debugging.md
# docs/en/02_Developer_Guides/13_i18n/index.md
# filesystem/File.php
# filesystem/GD.php
# filesystem/ImagickBackend.php
# filesystem/Upload.php
# forms/DatetimeField.php
# forms/FormField.php
# forms/GroupedDropdownField.php
# forms/TabSet.php
# forms/gridfield/GridFieldFilterHeader.php
# javascript/lang/es.js
# javascript/lang/src/es.js
# lang/af.yml
# lang/ar.yml
# lang/az.yml
# lang/bg.yml
# lang/bs.yml
# lang/ca.yml
# lang/cs.yml
# lang/de.yml
# lang/en.yml
# lang/eo.yml
# lang/es.yml
# lang/es_AR.yml
# lang/es_MX.yml
# lang/et_EE.yml
# lang/fa_IR.yml
# lang/fi.yml
# lang/fo.yml
# lang/fr.yml
# lang/gl_ES.yml
# lang/he_IL.yml
# lang/hr.yml
# lang/hu.yml
# lang/id.yml
# lang/id_ID.yml
# lang/is.yml
# lang/it.yml
# lang/ja.yml
# lang/lt.yml
# lang/lv.yml
# lang/mi.yml
# lang/ms.yml
# lang/nb.yml
# lang/ne.yml
# lang/nl.yml
# lang/pl.yml
# lang/pt.yml
# lang/pt_BR.yml
# lang/ro.yml
# lang/ru.yml
# lang/si.yml
# lang/sk.yml
# lang/sl.yml
# lang/sl_SI.yml
# lang/sr.yml
# lang/sr@latin.yml
# lang/sr_RS.yml
# lang/sr_RS@latin.yml
# lang/sv.yml
# lang/th.yml
# lang/tr.yml
# lang/uk.yml
# lang/zh.yml
# lang/zh_CN.yml
# lang/zh_TW.yml
# model/DataDifferencer.php
# model/DataQuery.php
# model/Image.php
# model/ManyManyList.php
# model/connect/DBSchemaManager.php
# model/connect/PDOConnector.php
# model/fieldtypes/Bigint.php
# model/fieldtypes/DBFloat.php
# model/fieldtypes/DBInt.php
# model/fieldtypes/Double.php
# model/fieldtypes/ForeignKey.php
# model/fieldtypes/PrimaryKey.php
# parsers/HTML/HTMLBBCodeParser.php
# security/Member.php
# security/MemberAuthenticator.php
# security/RandomGenerator.php
# security/Security.php
# tests/control/CookieTest.php
# tests/control/HTTPRequestTest.php
# tests/core/CoreTest.php
# tests/filesystem/UploadTest.php
# tests/forms/FormFieldTest.php
# tests/forms/FormTest.php
# tests/forms/GroupedDropdownFieldTest.php
# tests/forms/HtmlEditorFieldToolbarTest.php
# tests/forms/RequirementsTest.php
# tests/model/DBFieldTest.php
# tests/model/DataObjectTest.php
# tests/model/ManyManyListTest.php
# tests/model/VersionableExtensionsTest.php
# tests/model/VersionedTest.php
# tests/parsers/ShortcodeParserTest.php
# tests/security/MemberAuthenticatorTest.php
# tests/security/MemberTest.php
# tests/security/SecurityTest.php
# tests/view/SSViewerTest.php
# thirdparty/simpletest/encoding.php
# thirdparty/simpletest/page.php
# thirdparty/simpletest/tag.php
# thirdparty/spyc/spyc.php
# thirdparty/tinymce-spellchecker/classes/SpellChecker.php
# thirdparty/tinymce-spellchecker/classes/utils/JSON.php
# thirdparty/tinymce-spellchecker/classes/utils/Logger.php
# thirdparty/tinymce/tiny_mce.js
# thirdparty/tinymce/tiny_mce_gzip.php
# thirdparty/tinymce/tiny_mce_src.js
# view/Requirements.php
# view/SSViewer.php
# view/ViewableData.php
2017-06-27 13:27:14 +12:00
Ingo Schommer
60a3c8754a
Simplify SecurityTest redirect assertion
...
It causes inexplicable failures in the installer test,
while it's passing running in framework standalone.
This might be related to the cms module being present (with framework tests executed).
Either way, testing that FunctionalTest can follow a redirect
and correctly display the "/" homepage isn't really the point of this test. It should limit its assertion to the presence of a redirect.
See https://travis-ci.org/silverstripe/silverstripe-installer/jobs/246703789
2017-06-27 09:23:37 +12:00
Damian Mooyman
17c8e913bc
Merge pull request #7053 from creative-commoners/pulls/4.0/restore-extension-constructor
...
NEW restored Extension::__construct()
2017-06-26 21:39:55 +12:00
Franco Springveldt
d3d426bdfc
NEW restored Extension::__construct()
2017-06-26 17:34:43 +12:00
Damian Mooyman
22f3d5cec0
Merge pull request #7058 from sminnee/fix-install-db
...
FIX: Allow DB::setConfig() in _config.php
2017-06-26 17:29:31 +12:00
Sam Minnee
3c35d25a64
FIX: Allow DB::setConfig() in _config.php
...
This wasn’t working because the database was being validated before
_config.php was loaed.
This is how the installer sets config so this is an important fix.
2017-06-26 14:04:20 +12:00
Loz Calver
f60dcba5e7
Merge pull request #7050 from dhensby/pulls/4/intervention-image
...
DOCS InterventionBackend updates
2017-06-23 12:03:23 +01:00
Daniel Hensby
fea36f2d7b
DOCS Update Image docs to reflect intervention/image changes
2017-06-23 11:18:21 +01:00
Daniel Hensby
b1d8c0308b
Remove asset cache that belongs in assets module
2017-06-23 10:45:41 +01:00
Ingo Schommer
fa568e333e
Fixed linting errors
2017-06-23 11:19:16 +12:00
Ingo Schommer
12c2edc1d5
Fix DeprecationTest
...
The $project use has changed in 3873e4ba00
.
The test isn't really reliant on $project anyway,
it just tests that any other module identifier
doesn't interfere with core notification settings.
2017-06-23 10:22:26 +12:00
Ingo Schommer
fb09e0b65f
Fix merge error
2017-06-23 09:27:46 +12:00
Ingo Schommer
e592bed3e5
Fixed merge error
2017-06-22 23:07:58 +12:00
Damian Mooyman
3873e4ba00
API Refactor bootstrap, request handling
...
See https://github.com/silverstripe/silverstripe-framework/pull/7037
and https://github.com/silverstripe/silverstripe-framework/issues/6681
Squashed commit of the following:
commit 8f65e56532
Author: Ingo Schommer <me@chillu.com>
Date: Thu Jun 22 22:25:50 2017 +1200
Fixed upgrade guide spelling
commit 76f95944fa
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 16:38:34 2017 +1200
BUG Fix non-test class manifest including sapphiretest / functionaltest
commit 9379834cb4
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 15:50:47 2017 +1200
BUG Fix nesting bug in Kernel
commit 188ce35d82
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 15:14:51 2017 +1200
BUG fix db bootstrapping issues
commit 7ed4660e7a
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 14:49:07 2017 +1200
BUG Fix issue in DetailedErrorFormatter
commit 738f50c497
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 11:49:19 2017 +1200
Upgrading notes on mysite/_config.php
commit 6279d28e5e
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 11:43:28 2017 +1200
Update developer documentation
commit 5c90d53a84
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 22 10:48:44 2017 +1200
Update installer to not use global databaseConfig
commit f9b2ba4755
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 21:04:39 2017 +1200
Fix behat issues
commit 5b59a912b6
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 17:07:11 2017 +1200
Move HTTPApplication to SilverStripe\Control namespace
commit e2c4a18f63
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 16:29:03 2017 +1200
More documentation
Fix up remaining tests
Refactor temp DB into TempDatabase class so it’s available outside of unit tests.
commit 5d235e64f3
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 21 12:13:15 2017 +1200
API HTTPRequestBuilder::createFromEnvironment() now cleans up live globals
BUG Fix issue with SSViewer
Fix Security / View tests
commit d88d4ed4e4
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 16:39:43 2017 +1200
API Refactor AppKernel into CoreKernel
commit f7946aec33
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 16:00:40 2017 +1200
Docs and minor cleanup
commit 12bd31f936
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 20 15:34:34 2017 +1200
API Remove OutputMiddleware
API Move environment / global / ini management into Environment class
API Move getTempFolder into TempFolder class
API Implement HTTPRequestBuilder / CLIRequestBuilder
BUG Restore SS_ALLOWED_HOSTS check in original location
API CoreKernel now requires $basePath to be passed in
API Refactor installer.php to use application to bootstrap
API move memstring conversion globals to Convert
BUG Fix error in CoreKernel nesting not un-nesting itself properly.
commit bba9791146
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 18:07:53 2017 +1200
API Create HTTPMiddleware and standardise middleware for request handling
commit 2a10c2397b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 17:42:42 2017 +1200
Fixed ORM tests
commit d75a8d1d93
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 17:15:07 2017 +1200
FIx i18n tests
commit 06364af3c3
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 16:59:34 2017 +1200
Fix controller namespace
Move states to sub namespace
commit 2a278e2953
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 19 12:49:45 2017 +1200
Fix forms namespace
commit b65c21241b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 15 18:56:48 2017 +1200
Update API usages
commit d1d4375c95
Author: Damian Mooyman <damian@silverstripe.com>
Date: Thu Jun 15 18:41:44 2017 +1200
API Refactor $flush into HTPPApplication
API Enforce health check in Controller::pushCurrent()
API Better global backup / restore
Updated Director::test() to use new API
commit b220534f06
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 22:05:57 2017 +1200
Move app nesting to a test state helper
commit 603704165c
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 21:46:04 2017 +1200
Restore kernel stack to fix multi-level nesting
commit 2f6336a15b
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 17:23:21 2017 +1200
API Implement kernel nesting
commit fc7188da7d
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:43:13 2017 +1200
Fix core tests
commit a0ae723514
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:23:52 2017 +1200
Fix manifest tests
commit ca03395251
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 15:00:00 2017 +1200
API Move extension management into test state
commit c66d433977
Author: Damian Mooyman <damian@silverstripe.com>
Date: Tue Jun 13 14:10:59 2017 +1200
API Refactor SapphireTest state management into SapphireTestState
API Remove Injector::unregisterAllObjects()
API Remove FakeController
commit f26ae75c6e
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 12 18:04:34 2017 +1200
Implement basic CLI application object
commit 001d559662
Author: Damian Mooyman <damian@silverstripe.com>
Date: Mon Jun 12 17:39:38 2017 +1200
Remove references to SapphireTest::is_running_test()
Upgrade various code
commit de079c041d
Author: Damian Mooyman <damian@silverstripe.com>
Date: Wed Jun 7 18:07:33 2017 +1200
API Implement APP object
API Refactor of Session
2017-06-22 22:50:45 +12:00
Daniel Hensby
4ad6bdbe7e
Merge pull request #7028 from kinglozzer/logout-token
...
WIP: Add CSRF token to logout action
2017-06-22 09:39:49 +01:00
Loz Calver
5d27dccd60
NEW: Add CSRF token to logout action
2017-06-21 15:42:13 +01:00
Loz Calver
4d73982263
Merge pull request #7038 from SpiritLevel/patch-1
...
Update 03_Environment_Management.md
2017-06-20 09:04:42 +01:00
David Alexander
3b812417ad
Update 03_Environment_Management.md
...
@dhensby I thought I saw a recent merge making PDO the default.
2017-06-20 10:12:55 +12:00
Damian Mooyman
306d801258
Merge pull request #6984 from dhensby/pulls/4/default-pdo
...
NEW DB Driver defaults to PDO
2017-06-18 21:27:32 +12:00
Chris Joe
8c91d48d3a
Merge pull request #7033 from open-sausages/pulls/4.0/remove-parse-indexspec
...
FIX Remove reference to removed method parseIndexSpec
2017-06-16 16:40:51 +12:00
Chris Joe
102eaed36c
Merge pull request #6722 from open-sausages/pulls/4.0/requirements-html-cleanup
...
Better HTML generation behaviour for Requirements_Backend
2017-06-16 13:52:06 +12:00
Damian Mooyman
dd4eb6ce44
Merge pull request #6960 from open-sausages/pulls/4.0/security-process-docs
...
Internal security process docs
2017-06-16 13:50:58 +12:00
Chris Joe
fa203d8c99
Merge pull request #7034 from open-sausages/pulls/4.0/fix-i18n-countries
...
BUG Removed reserved / removed / invalid country codes
2017-06-16 13:26:42 +12:00
Damian Mooyman
64e802f795
API Move createTag to HTML class
...
ENHANCEMENT Better HTML generation behaviour for Requirements_Backend
2017-06-16 12:22:05 +12:00
Damian Mooyman
54879402ce
BUG Removed reserved / removed / invalid country codes
...
Fixes #6996
2017-06-16 11:38:00 +12:00
Lukas
a990c99d6e
NEW: suffix subfolder in silverstripe-cache with php-version ( #6810 )
...
Note that this changes the default temp path value
* Was: /tmp/silverstripe-cache-Users-FOO-webroot-BAR-php7.1.5/USER
* Now: /tmp/silverstripe-cache-Users-FOO-webroot-BAR/USER-php7.1.5
2017-06-16 11:25:02 +12:00
Damian Mooyman
957d238caa
FIX Remove reference to removed method parseIndexSpec
...
Fixes #6968
2017-06-16 11:20:52 +12:00
Chris Joe
65e2347342
Merge pull request #6989 from open-sausages/pulls/4.0/cms-reauth-style
...
ENHANCEMENT Update style of CMSLogin form
2017-06-15 20:20:27 +12:00
Damian Mooyman
619942f426
Remove trash file
2017-06-15 18:33:47 +12:00
Damian Mooyman
0f90c5b63f
ENHANCEMENT Update style of CMSLogin form
2017-06-15 18:13:14 +12:00
Damian Mooyman
22e084f288
Merge pull request #7026 from Firesphere/move_default_admin
...
Move default admin
2017-06-15 18:12:51 +12:00
Damian Mooyman
024371c37e
API Change authentication ValidationResult handling to pass by-reference
2017-06-15 17:25:23 +12:00
Damian Mooyman
62d095305b
API Update DefaultAdmin services
...
API Improve validation of authentication process
2017-06-15 15:53:57 +12:00
Simon Erkelens
576eee72dc
Remove DefaultAdmin things from Security and Member into the MemberAuthenticator, unifying and removing duplicate code.
2017-06-15 14:20:29 +12:00
Daniel Hensby
273a087f5a
Merge branch '3.6' into 3
2017-06-14 14:29:15 +01:00
Daniel Hensby
c66a5ebcd2
Merge pull request #7019 from robbieaverill/patch-6
...
FIX Update help link from 3.5 to 3.6
2017-06-14 14:15:56 +01:00
Daniel Hensby
c6b790ccb5
Merge pull request #7020 from marczhermo/3.6.1
...
Bug: Complex (curly) syntax
2017-06-14 14:00:23 +01:00
Marcz Hermo
1073eca2fa
Bugfix: Complex (curly) syntax
2017-06-15 00:03:55 +12:00