Commit Graph

3238 Commits

Author SHA1 Message Date
Serge Latyntcev
ad1b00ec7d [CVE-2019-19325] XSS through non-scalar FormField attributes
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically;
it requires a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Guy Marriott
c31de772ab
Merge pull request #8838 from creative-commoners/pulls/4/slash-means-root
Use '/' as an alternative designation for root in routing
2020-02-14 11:29:32 -08:00
Garion Herman
29943f9049
API TestSession request methods now use the correct HTTP method (#8987)
* API TestSession request methods now use the correct HTTP method

* DOCS Update requests section in Functional Testing to reflect API change
2020-02-14 16:01:06 +13:00
Ingo Schommer
bf5a46901c
DOCS Web worker concurrency caveats (#9223) 2020-02-14 15:23:20 +13:00
Garion Herman
be71f34cac DOCS Add documentation covering Root URL Handler behaviour 2020-02-14 14:41:10 +13:00
Garion Herman
a2beabd430 DOCS Add note to update minimum core requirements in minor releases 2020-02-11 14:19:03 +13:00
Guy Marriott
73990ac189
Merge pull request #9399 from creative-commoners/broken-link
DOCS fix a broken link
2020-02-06 16:07:40 -08:00
brynwhyman
b60def66dd DOCS fix a broken link 2020-02-07 12:49:17 +13:00
Dylan Wagstaff
3a99a57d41
Merge pull request #9385 from mooror/patch-1
Updated the "Template Syntax" Documentation
2020-02-04 11:03:22 +13:00
Steve Boyd
566b81f326
Merge pull request #9392 from creative-commoners/pulls/4/document-tweak-releases
DOC Add documentation for tweak releases
2020-02-03 15:33:36 +13:00
Garion Herman
4ce63e4460 DOC Tweak wording on detach-tagged-base explanation [ci skip] 2020-02-03 15:20:47 +13:00
Garion Herman
efb1ebdd1a DOC Add documentation for tweak releases 2020-02-03 14:53:40 +13:00
Ingo Schommer
daf32f2327 DOCS Removed Damian as core committer :( 2020-01-31 12:20:01 +13:00
Benjamin Blake
7c32a848aa
Updated the "Template Syntax" Documentation
Added a notice to the "Variables" section of the "Template Syntax" documentation to warn developers about common template variable gotchas
2020-01-27 15:18:40 -07:00
Valentino Pesce
24c28e4457
Docs: Fix link to Middleware not found
Fix link to Middleware not found in page Rate Limiting
2020-01-25 19:21:15 +01:00
Robbie Averill
a98a2d9c7f
Merge pull request #9379 from tiller1010/patch-1
Update to link
2020-01-24 12:41:44 -08:00
Loz Calver
87ad14dad3
Merge pull request #9371 from Greg808/patch-1
added addExtraClass
2020-01-24 09:20:16 +00:00
Tyler Trout
4a1c91f91d
Update to link
Clicking "ReactJS in SilverStripe" on https://docs.silverstripe.org/en/4/developer_guides/customising_the_admin_interface/cms_layout/ directs to 404.
2020-01-20 09:47:43 -05:00
Valentino Pesce
0c5fda2003
Docs: Fix route that doesn't exist 2020-01-19 19:03:35 +01:00
Aaron Carlino
681ed4f78a DOC: Fix unterminated injector callout block 2020-01-17 10:47:16 +13:00
Greg808
67725fe271
added addExtraClass
I am not quite sure if this is needed but if you want to only add the custom action to the GridField action menu then you need to add the extra classes otherwise it would add it to the action menu and to the gridfield.
2020-01-13 13:05:39 +01:00
Michael Andrewartha
bc5aa53ed9
Adding SS_ENVIRONMENT_TYPE to documentation
Before running a dev/build the first time, you need to specify dev as your environment type. The variable wasn't mentioned as part of the list so I've added it. Let me know if it's not clear about the difference between the states, or it should be better documented here somehow.
2020-01-13 22:59:06 +13:00
Benjamin Blake
7ca70d353b
Updated "Extensions and DataExtensions" Docs
Updated the new notice to make it use more imperative language (credit @NightJar)
2020-01-12 15:22:00 -07:00
Benjamin Blake
61af8b00ab
Updated "Extensions and DataExtensions" docs
Corrected a typo and add more information to hopefully clarify the text.
2020-01-12 14:56:55 -07:00
Benjamin Blake
74f7606080
Updated "Extensions and DataExtensions" Docs
Added a notice to the "Owner" section that will remind developers of the limitations of the owner system when it comes to private and protected properties and methods
2020-01-12 14:47:28 -07:00
Garion Herman
6229d014e0
Merge pull request #9363 from conny-nyman/docs/search_filters
DOC Updated search filter modifiers documentation
2020-01-13 08:49:12 +13:00
Conny Nyman
2bd5f8cbcf DOC Updated search filter modifiers documentation to mention that they only work on data lists 2020-01-11 11:09:24 +02:00
Ingo Schommer
c61881a4c0
DOCS Clearer create module instructions (#9365)
* DOCS Clearer create module instructions

Incl. link to skeleton

* Update docs/en/02_Developer_Guides/05_Extending/00_Modules.md

Co-Authored-By: Garion Herman <garion@silverstripe.com>

Co-authored-by: Garion Herman <garion@silverstripe.com>
2020-01-08 10:41:28 +13:00
Maxime Rainville
5a082e74b6
Merge pull request #9349 from open-sausages/pulls/4/doc-new-release-life-cyle
Update the documentation to reflect our new release lifecycle
2020-01-08 09:14:44 +13:00
Maxime Rainville
34ce2609f4
Adjusting the stated beta period
Co-Authored-By: Bryn Whyman <bryn.whyman@silverstripe.com>
2020-01-07 10:14:32 +13:00
Maxime Rainville
d9f48e76bc
Some minor sentence rewording
Co-Authored-By: Bryn Whyman <bryn.whyman@silverstripe.com>
2020-01-07 10:08:32 +13:00
Valentino Pesce
c8c1c86d70
FIX: module link "recaptcha" not found 2019-12-23 15:38:27 +01:00
Garion Herman
81497776f3 DOC Tweak names and link in 4.5.0 changelog 2019-12-20 09:53:30 +13:00
Andrew Aitken-Fincham
910f5efbf2 fix markdown tables for url variables documentation 2019-12-19 10:54:45 +00:00
Serge Latyntcev
eaf6bca706 Merge branch '4.5' into 4 2019-12-19 11:26:38 +13:00
Serge Latyntcev
08eaed4190 Added 4.5.0 changelog 2019-12-19 11:24:04 +13:00
Serge Latyntcev
e1a1459df3 Added 4.5.0-rc2 changelog 2019-12-19 11:23:31 +13:00
Maxime Rainville
3f15957b5f DOC New release lifecycle 2019-12-18 17:05:11 +13:00
Robbie Averill
9fb4c75393
Merge pull request #9299 from open-sausages/pulls/4/rfc-8996
DOC RFC-8996 clarify public APIs
2019-12-13 18:02:55 -08:00
Matt Peel
1633ddea9c
Fix PHP versions in upgrade guide
Make versions less generic, and add note about following PHP's supported versions guide
2019-12-10 12:17:55 +13:00
Serge Latyntcev
c5cd54e5d8 DOC RFC-8996 clarify public APIs 2019-12-09 08:57:16 +13:00
Tristan
aad33e36d7
Change from "Team" to Team::class
To be consistent with the rest of the doc
2019-11-28 11:34:41 +13:00
Nicolaas
d1fc27d03a
MINOR: clearer distinction between class names and actual names 2019-11-26 15:57:45 +13:00
Stevie Mayhew
8e27a4f978
Merge pull request #9334 from open-sausages/pulls/4/doc-gridfield-protected-method
DOC Explain how to use the new protected getGridField and getGridFieldConfig methods on ModelAdmin
2019-11-26 07:45:55 +13:00
Loz Calver
f4713d95f6
Merge pull request #9333 from creative-commoners/pulls/4/canonicalurlmiddleware-docs
DOCS Add note about applying forceSSL to non-live environments
2019-11-25 11:37:30 +00:00
Maxime Rainville
b21c69d814 DOC Explain how to use the new protected getGridField and getGridFieldConfig methods on ModelAdmin 2019-11-25 12:41:24 +13:00
Garion Herman
bf38997b6e DOCS Add note about applying forceSSL to non-live environments 2019-11-25 12:14:26 +13:00
Serge Latyntcev
7f7111f6f3 Doc add RC changelogs 2019-11-20 17:14:54 +13:00
Serge Latyntcev
f67e15b8ee Merge branch '4.5' into 4 2019-11-20 11:12:49 +13:00
Aaron Carlino
e520a2b990 Fix broken callout tags 2019-11-19 13:53:43 +13:00
Ingo Schommer
cca6d8e1be DOCS Remove archive download references (#9250)
See https://github.com/silverstripe/silverstripe-framework/issues/9232.

Also simplifies composer instructions a bit:
- Removes composer update --no-dev references, that's a bit of an edge case that people can just discover on getcomposer.org if they need it
- Changed example from the unused and outdated silverstripe/forum to silverstripe/blog
- Updated example versions to 4.x
- Remove "updating composer" section, it now tells you if it's out of date
- Remove ss-auto-git-ignore module reference. The module hasn't been updated in ages, and it's much less necessary now that all relevant modules are on composer
- Add .env example config to getting started docs, I didn't realise it was stripped from the default --prefer-dist composer install
2019-11-18 20:02:00 +13:00
Aaron Carlino
6888901468
NEW: Update docs to be compliant with Gatsby site (#9314)
* First cut

* Temporarily disable composer.json for netlify build

* POC

* New recursive directory query, various refinements

* Fix flexbox

* new styled components plugin

* Apply frontmatter delimiters

* Mobile styles, animation

* Search

* Redesign, clean up

* Nuke the cache, try again

* fix file casing

* Remove production env file

* ID headers

* Move app to new repo

* Add frontmatter universally

* Hide children changelogs

* Add how to title

* New callout tags

* Revert inline code block change

* Replace note callouts

* Fix icons

* Replace images

* Fix icon

* Fix image links

* Use proper SQL icon
2019-11-18 17:58:33 +13:00
Serge Latyntcev
84d0d75e96 Added 4.5.0-rc1 changelog 2019-11-18 17:18:05 +13:00
Robbie Averill
022abd8d8d
Merge pull request #9303 from sachajudd/docs/impact-ratings
DOCS Update SilverStripe Contributing Code GitHub labels
2019-11-14 09:07:10 -08:00
DorsetDigital
999d277311
Change example domains
The current examples use an actual, real-world domain. Have changed to the 'example.com' domain, reserved by IANA for this kind of purpose.
2019-11-14 08:35:08 +00:00
Serge Latyntcev
efc9bec5e6 Added 4.5.0-alpha1 changelog 2019-11-14 14:39:41 +13:00
DorsetDigital
7e361b6127
Doc: Remove old reference to theme
Update siteconfig doc to remove reference to setting the current theme.
2019-11-09 10:28:05 +00:00
Mojmir Fendek
e2bea6b41f API Add withConfig method (#9011)
* With config functionality added.
* Update docs/en/02_Developer_Guides/04_Configuration/00_Configuration.md
2019-10-31 16:12:04 +13:00
Serge Latyntcev
2d4cbf8fef DOC Describe our current branch naming conventions 2019-10-30 15:31:36 +13:00
Sacha Judd
11621b66dc DOCS Update SilverStripe Contributing Code GitHub labels
[ci skip]
2019-10-30 10:48:16 +13:00
Sam Minnée
e6ea109127
Merge pull request #9298 from ScopeyNZ/pulls/4/update-method-visibility-docs
DOCS Update contribution guidelines around method visibility
2019-10-23 11:52:20 +13:00
Serge Latyntsev
bd2ccf70fa
Merge pull request #9282 from open-sausages/pulls/4/docs/clarify-basic-auth
DOCS Clarify BasicAuth limitations
2019-10-22 14:01:51 +13:00
Maxime Rainville
e59625fe5a
NEW Add ability to define image size preset for the TinyMCE editor. (#9276)
* NEW Add ability to define image size preset for the TinyMCE editor.
* DOC Explain how to define image size pre-sets
2019-10-22 11:50:28 +13:00
Guy Marriott
6458697663
DOCS Update contribution guidelines around method visibility
This is in response to the RFC discussion in #8996
2019-10-21 11:00:16 -07:00
jeremy
7900d2aeb1
Update docs/en/02_Developer_Guides/06_Testing/00_Unit_Testing.md
Better worded

Co-Authored-By: Robbie Averill <robbie@averill.co.nz>
2019-10-18 11:23:44 +11:00
jeremy
1197b94415
Update Test documentation about database behaviours
This update is based on what I have experienced and this conversation on Slack https://silverstripe-users.slack.com/archives/C6PLF83H9/p1571281365001600
2019-10-18 10:38:23 +11:00
Ingo Schommer
36ceaa00dd DOCS Update demo links
Promote the new landing page: https://www.silverstripe.org/try

[ci-skip]
2019-10-11 13:48:29 +13:00
Ingo Schommer
8dcda91538 DOCS Clarify BasicAuth limitations 2019-10-10 10:41:39 +13:00
Guy Marriott
3a1904d1bb DOCS Update contact information for translations docs 2019-10-04 09:44:39 -07:00
Serge Latyntcev
7dfc35d204 DOC Fix the required NodeJS version for CMS customisation 2019-10-01 14:27:23 +13:00
Loz Calver
daf995da63
Fix syntax error in DataList docs 2019-09-30 09:36:12 +01:00
Serge Latyntcev
a706e37ec3 DOC Fix Contribution guide broken links 2019-09-30 13:36:19 +13:00
Serge Latyntsev
80b282b605 DOC Forget about google groups 2019-09-26 14:39:38 +12:00
Maxime Rainville
d7f5ed3e65 DOC Substitute old apache syntax for Require 2019-09-25 16:59:48 +12:00
Robbie Averill
d95fe203b8
Merge pull request #9263 from creative-commoners/pulls/4/js-api-docs-semver-warning
DOC Add warning about Semver status of modern JS / GraphQL tooling
2019-09-24 18:17:29 -07:00
Aaron Carlino
b0a17f5df1 Update changelog 2019-09-25 11:23:57 +12:00
Garion Herman
637a891b8c DOC Include link to semver.org in modern JS / GQL warning 2019-09-25 11:22:04 +12:00
Garion Herman
3db0fa46b5 DOC Add warning about Semver status of modern JS / GraphQL tooling 2019-09-25 10:26:06 +12:00
Serge Latyntcev
88fde6e7c3 Merge branch '4.4' into 4 2019-09-24 17:29:06 +12:00
Serge Latyntcev
50a1aa4c4d Merge branch '4.3' into 4.4 2019-09-24 17:28:31 +12:00
Aaron Carlino
b002ef1171 Merge branch '4.4' into 4 2019-09-24 17:26:50 +12:00
Serge Latyntcev
26a4fb38ba Added 4.3.6 changelog 2019-09-24 17:20:48 +12:00
Aaron Carlino
79a89e751d Added 4.4.4 changelog 2019-09-24 17:05:26 +12:00
Aaron Carlino
c1047fac32 DOCS: Add docs for versioned files migration 2019-09-24 16:04:22 +12:00
Aaron Carlino
28057e3a71 DOCS: Add FileShortcodeProvider change to changelog 2019-09-24 16:03:48 +12:00
Aaron Carlino
1f92b21a04 DOCS: Add FileShortcodeProvider change to changelog 2019-09-24 16:03:48 +12:00
Aaron Carlino
8ee5e621fd DOCS: Add docs for versioned files migration 2019-09-24 16:00:51 +12:00
Aaron Carlino
99ab3c6421 DOCS: Add FileShortcodeProvider change to changelog 2019-09-24 16:00:51 +12:00
Serge Latyntcev
f185dfb2c5 DOC Clarify that Security release is a SilverStripe Core release 2019-09-18 11:19:55 +12:00
Christopher Darling
c8f274de80
DOCS fix DataList::exclude() code example 2019-09-15 20:34:18 +01:00
Robbie Averill
b8e81983b9 DOCS Update PSR-12 compliance in GridField_ActionProvider docs code examples
[ci skip]
2019-09-13 18:09:10 -07:00
Robbie Averill
ed47f43133
Merge pull request #9169 from jakxnz/patch-1
Update 04_Create_a_GridField_ActionProvider.md
2019-09-13 18:05:51 -07:00
Ingo Schommer
229df95fe9 DOCS Warning about protected file serving in 4.x 2019-09-13 18:01:44 -07:00
Serge Latyntsev
233e0e7aa0 ENH PasswordExpirationMiddleware implementation (#9207) 2019-09-12 14:34:06 +12:00
Aaron Carlino
da6582f593 NEW: Remove web installer, move to separate package (#9231)
* Remove installer

* Remove exposed install files

* Replace Dev/Install classes still in use

* Update changelog

* FIX make the grid field actions consistent to what they look like on pages

Resolves https://github.com/silverstripe/silverstripe-admin/issues/904

* Docs changes
2019-09-11 13:10:25 +12:00
Andre Kiste
75cd9dc944
Merge pull request #9202 from open-sausages/pulls/4/document-ss32-variant-migration
DOC Explain how to migrate SS3.2 variants
2019-09-11 11:47:28 +12:00
Matt Peel
7083f016c1
Update secure coding standards
As of SS4.0.0 and the introduction of TrustedProxyMiddleware, the default now if no trusted proxies are defined is that nothing is a trusted proxy, whereas in SS3 a missing declaration was treated as everything being allowed.
2019-09-10 12:55:24 +12:00
Andre Kiste
23719af2a1
Apply suggestions from code review
Typos
2019-09-09 13:36:53 +12:00
Maxime Rainville
c165561580
Fix typos
Co-Authored-By: Robbie Averill <robbie@averill.co.nz>
2019-09-09 09:06:40 +12:00
Robbie Averill
66ca1c925f
Merge pull request #9217 from silverstripe/doc-node10
Update recommended node version in contrib docs
2019-09-06 11:54:41 -07:00