Commit Graph

21725 Commits

Author SHA1 Message Date
Robbie Averill
d3b19069b3
Apply suggestions from code review
Add double quotes around object title
2020-04-02 12:51:13 -07:00
Dan Hensby
d1075f29b8
Remove empty parameter as per feedback 2020-04-02 12:11:35 +01:00
Dan Hensby
9e0ed0a50a
Fix spaces around concatenation operator 2020-04-02 12:09:22 +01:00
Dan Hensby
bb03d314ff
Include phpcs as a dev dependency 2020-04-02 12:06:40 +01:00
mattclegg
24bc80ed35
[DOCS] Better debug text for errors generated by GridFieldDetailForm_ItemRequest 2020-03-31 12:09:16 +05:45
mattclegg
ba3deb9b72
[DOCS] Example should be valid YAML 2020-03-27 20:31:25 +05:45
Maxime Rainville
5fd16cd7e1 Add 4.5.1 changelog 2020-02-17 17:47:23 +13:00
Maxime Rainville
d95e911f1d Update translations 2020-02-17 02:29:18 +00:00
Maxime Rainville
7ce2abf74d Merge remote-tracking branch 'origin/4.4' into 4.5 2020-02-17 14:43:38 +13:00
Maxime Rainville
a9598eec3f Added 4.4.5 changelog 2020-02-17 14:02:57 +13:00
Maxime Rainville
0a9866c087 Update translations 2020-02-17 14:01:02 +13:00
Maxime Rainville
acd7d94167 Merge branch '4.4' into 4.5 2020-02-17 13:07:26 +13:00
Maxime Rainville
49fda52b12
Merge pull request #94 from silverstripe-security/fix/cve-2019-19325
CVE-2019-1935
2020-02-17 12:54:40 +13:00
Serge Latyntcev
ad1b00ec7d [CVE-2019-19325] XSS through non-scalar FormField attributes
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Steve Boyd
9d5c3ef20e Merge branch '4.4' into 4.5 2020-02-11 16:45:15 +13:00
Steve Boyd
8dcaed25f4
Merge pull request #9386 from silverstripe-terraformers/feature/orm-column
ORM bugfix and enhancement
2020-02-11 15:56:03 +13:00
Mojmir Fendek
285e6caafa PR fixes 2020-02-11 10:43:01 +13:00
Mojmir Fendek
448147c2f1 PR fixes 2020-02-10 09:17:34 +13:00
Mojmir Fendek
660f80d284 PR fixes 2020-02-07 13:49:19 +13:00
Robbie Averill
fe496a29ec
Merge pull request #9397 from mikenuguid/bugfix/update-orm-scaffoldformfield
FIX Update ORM DBField types to use Injector in scaffoldFormField()
2020-02-04 22:38:34 +13:00
mnuguid
ca36a47bb1 FIX Update ORM DBField types to use Injector in scaffoldFormField()
- This is usable in cases where a DBField is needed to be overloaded through the Injector.
2020-02-04 21:43:47 +13:00
Bryn Whyman
27517c55e7
Merge pull request #9396 from muskie9/patch-11
DOCS correct changelog link in README
2020-02-03 15:48:52 +13:00
Nic
dd537f0cc9
DOCS correct changelog link in README 2020-02-02 20:20:38 -06:00
Mojmir Fendek
99786dda22 ORM Column now supports related table lookup 2020-01-28 15:46:30 +13:00
Mojmir Fendek
9c38c5f625 CMS action related extension points (#9340)
* CMS action related extension points

* Refactor to use fewer extension points

* Remove explicit return type

Co-authored-by: Aaron Carlino <unclecheese@leftandmain.com>
2020-01-27 15:09:15 +13:00
Robbie Averill
53fcd47dfc Merge branch '4.4' into 4.5 2020-01-16 19:59:42 -08:00
Robbie Averill
26e3b6f4e3 Merge branch '4.3' into 4.4 2020-01-16 19:59:24 -08:00
Robbie Averill
7c1a0571f7
Merge pull request #9367 from martinduparc/patch-2
array_key_exists() on objects is deprecated in PHP 7.4
2020-01-14 09:39:49 -08:00
Robbie Averill
38d7bd700d
Merge pull request #9373 from manja/4.5
Fixed issue with merging existing entities in text collector
2020-01-14 09:27:35 -08:00
Robbie Averill
bdc723ff69
Merge pull request #9361 from kinglozzer/configure-database-glob
Minor performance improvement in DatabaseAdapterRegistry::autoconfigure()
2020-01-14 09:25:07 -08:00
Martin D
ec6a353543 array_key_exists() on objects is deprecated
Ref: https://wiki.php.net/rfc/deprecations_php_7_4#array_key_exists_with_objects
2020-01-14 09:22:49 -08:00
Nemanja Karadzic
18f0829053 Fixed issue with merging existing entities in text collector 2020-01-14 14:20:40 +01:00
Loz Calver
a42249b6fc Minor performance improvement in DatabaseAdapterRegistry::autoconfigure() 2019-12-19 14:39:46 +00:00
Serge Latyntcev
08eaed4190 Added 4.5.0 changelog 2019-12-19 11:24:04 +13:00
Serge Latyntcev
e1a1459df3 Added 4.5.0-rc2 changelog 2019-12-19 11:23:31 +13:00
Andre Kiste
6650d81324 BUG Fix extra blank Group being created when creating a new Group (#9325)
* Fix extra blank Group being created when creating a new Group

* Update tests to reflect expected behavior

* Improved tests
2019-11-27 09:32:33 +13:00
Stevie Mayhew
92acc764f7
Merge pull request #9327 from kinglozzer/9259-session-restart
FIX: Session::restart() didn't correctly restart session (fixes #9259)
2019-11-21 11:52:36 +13:00
Loz Calver
453945da14 FIX: Session::restart() didn't correctly restart session (fixes #9259) 2019-11-20 14:21:30 +00:00
Serge Latyntcev
91e4aa90f1 Merge branch '4.4' into 4.5 2019-11-20 11:09:23 +13:00
Serge Latyntcev
8219491705 Merge branch '4.3' into 4.4 2019-11-20 11:08:35 +13:00
Serge Latyntcev
84d0d75e96 Added 4.5.0-rc1 changelog 2019-11-18 17:18:05 +13:00
Garion Herman
4f117e1850
Merge pull request #9318 from open-sausages/pulls/4.5/travis-tweak
Updating targeted recipes on travis build
2019-11-15 10:56:22 +13:00
Maxime Rainville
d91ee25f68 Updating targeted recipes 2019-11-15 10:22:46 +13:00
Serge Latyntsev
eef1e2b6a2
Merge pull request #9315 from creative-commoners/pulls/4/fix-alt-text-in-tests
FIX Adjust HTMLEditorField tests to support alt attr changes in assets
2019-11-15 08:24:22 +13:00
Robbie Averill
bd658ca745
Merge pull request #9305 from tractorcow/pulls/4.3/action-title
BUG FormAction title property cannot be set if useButtonTag is false
2019-11-14 09:06:46 -08:00
Serge Latyntcev
efc9bec5e6 Added 4.5.0-alpha1 changelog 2019-11-14 14:39:41 +13:00
Serge Latyntcev
18074cb891 Remove obsolete branch-alias 2019-11-14 01:24:36 +00:00
Garion Herman
ea2a2b4786 FIX Adjust HTMLEditorField tests to support alt attr changes in assets
The default behaviour of the alt attribute has changed from using the
filename to applying an empty value.
2019-11-14 12:04:37 +13:00
Serge Latyntcev
559f660e0e Merge branch '4.4' into 4 2019-11-13 15:40:34 +13:00
Robbie Averill
c0a716f86c
Merge pull request #9313 from DorsetDigital/patch-5
Doc:  Remove reference to themes
2019-11-09 09:28:41 -08:00