silverstripe-framework

mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00

Author	SHA1	Message	Date
Steve Boyd	fe13856769	[CVE-2022-37429] Sanitise XSS	2022-11-21 13:06:40 +13:00
Guy Sartorelli	17f1c7ceed	Merge pull request #10585 from creative-commoners/pulls/4.11/cve-2022-37430 Sanitise mixed case javascript	2022-11-21 13:03:30 +13:00
Guy Sartorelli	e5b81109de	Merge pull request #10584 from creative-commoners/pulls/4.11/cve-2022-38462 Don't allow CRLF in header values	2022-11-21 13:02:25 +13:00
Guy Sartorelli	b17b29eea1	Merge pull request #10583 from creative-commoners/pulls/4.11/cve-2022-38724-embed-shortcode Restrict embed shortcode attributes	2022-11-21 13:01:23 +13:00
Daniel Hensby	bb5b093004	Merge pull request #10578 from MadeHQ/4.11 Prevent infinite loop when getting table name for ComponentID	2022-11-10 21:49:03 +00:00
Lee Bradley	78b661dcf6	Prevent infinite loop when getting table name for ComponentID If the field isn't in the first 2 classes then would just continue to loop Fix means it will continue going to parent classes Can be seen in the UsedOnTable in `admin` module if you have injected a new `Image` class that extends the built in one	2022-11-10 14:00:29 +00:00
Guy Sartorelli	e53380ce89	Merge pull request #10576 from creative-commoners/pulls/4.11/use-blowfish MNT Explicitly test with blowfish	2022-11-10 17:18:20 +13:00
Steve Boyd	49e637d244	MNT Explicitly test with blowfish	2022-11-10 11:36:56 +13:00
Michal Kleiner	27eb390d2b	Merge pull request #10560 from creative-commoners/pulls/4.11/default-admin-encryption	2022-10-27 14:48:52 +13:00
Steve Boyd	a3c1cb0ddf	ENH Set PasswordEncryption on default admin	2022-10-27 13:57:27 +13:00
Guy Sartorelli	168ca00555	[CVE-2022-38724] Restrict embed shortcode attributes	2022-10-26 09:31:12 +13:00
Michal Kleiner	0c207c3079	Merge pull request #10555 from creative-commoners/pulls/4.11/inject-objects	2022-10-19 21:07:48 +13:00
Steve Boyd	e3a6cad8a8	FIX Allow passing objects to InjectionCreator::create() Co-authored-by: Nate Devereux <nate@daveclark.co.nz>	2022-10-19 18:04:48 +13:00
Guy Sartorelli	0b80643210	Merge pull request #10522 from creative-commoners/pulls/4.11/backport-textcollector-fix Fix i18nTextCollector produces corrupt output / namespaces when runni…	2022-09-29 14:42:39 +13:00
Christian Bünte	e24fb3f86c	Fix i18nTextCollector produces corrupt output / namespaces when running under PHP8.0 (#10228 ) * FIX i18nTextCollector produces corrupt output / namespaces when running under PHP8.0	2022-09-29 13:40:40 +13:00
Guy Sartorelli	b36c987eef	Merge pull request #10519 from lekoala/patch-30 request may not have a session	2022-09-29 09:05:12 +13:00
Thomas Portelange	54892fa267	request may not have a session see https://github.com/silverstripe/silverstripe-framework/pull/10512	2022-09-28 10:44:13 +02:00
Michal Kleiner	b80309093c	Merge pull request #10516 from creative-commoners/pulls/4.11/override-named-extension	2022-09-27 23:43:52 +13:00
Guy Sartorelli	4a598ded51	FIX Allow removing named extensions in yaml config	2022-09-27 13:15:28 +13:00
Guy Sartorelli	7e9ced0824	Merge pull request #10470 from creative-commoners/pulls/4.11/case-insensitive-casting FIX Normalise casing before casting fields	2022-09-08 12:45:09 +12:00
Guy Sartorelli	d3c28579b7	[CVE-2022-38462] Don't allow CRLF in header values	2022-09-07 11:22:07 +12:00
Guy Sartorelli	6d885ab894	FIX Normalise casing before casting fields	2022-08-25 17:36:06 +12:00
Steve Boyd	2b5420ee7d	[CVE-2022-37430] Sanitise mixed case javascript	2022-08-23 15:36:48 +12:00
Guy Sartorelli	a7c8ce8d0c	Merge pull request #10432 from creative-commoners/pulls/4.11/remove-travis MNT Remove travis	2022-08-03 12:29:56 +12:00
Steve Boyd	befc202dec	MNT Remove travis	2022-08-03 12:07:37 +12:00
Steve Boyd	fc029b96ed	Merge branch '4.10' into 4.11	2022-08-02 18:24:24 +12:00
Guy Sartorelli	55b23d0c9f	Merge pull request #10429 from creative-commoners/pulls/4.10/standardise-modules MNT Standardise modules	2022-08-02 15:00:00 +12:00
Guy Sartorelli	051e74a289	Merge pull request #10430 from kinglozzer/backtrace FIX: Invalid argument warning in backtrace	2022-08-01 20:42:47 +12:00
Loz Calver	6b15bd6dd4	FIX: Invalid argument warning in backtrace	2022-08-01 09:08:52 +01:00
Steve Boyd	44b2058fbc	MNT Standardise modules	2022-08-01 10:05:19 +12:00
Steve Boyd	b24c289892	Merge branch '4.10' into 4.11	2022-07-28 14:05:07 +12:00
Guy Sartorelli	dcadb9acb1	Merge pull request #10426 from creative-commoners/pulls/4.10/mb3 MNT Update Utf8TestHelper for MySQL 8.0.30	2022-07-28 13:52:17 +12:00
Steve Boyd	bdf7d09144	MNT Update Utf8TestHelper for MySQL 8.0.30	2022-07-28 13:21:23 +12:00
Guy Sartorelli	0a58a443f3	Merge pull request #10422 from creative-commoners/pulls/4.11/revert-skiptest MNT No longer mark tests as skipped if running mysql 8	2022-07-26 15:58:11 +12:00
Steve Boyd	ce46e2da47	MNT No longer mark tests as skipped if running mysql 8	2022-07-26 13:54:10 +12:00
Guy Sartorelli	92d8180c69	Merge pull request #10420 from creative-commoners/pulls/4.11/ignore-test MNT Skip test if Page class missing	2022-07-25 17:06:48 +12:00
Steve Boyd	24daf3ae83	MNT Skip test if Page class missing	2022-07-25 16:35:28 +12:00
Steve Boyd	f6693d4ea5	Merge branch '4.10' into 4.11	2022-07-22 11:20:22 +12:00
Guy Sartorelli	5a91cfca8a	Merge pull request #10416 from creative-commoners/pulls/4.10/backport-ci MNT Add GitHub Actions CI	2022-07-22 11:18:17 +12:00
Steve Boyd	5eb8d3e25f	MNT Skip test in MySQL8	2022-07-22 11:16:32 +12:00
Steve Boyd	dd210e0f84	FIX Check if blank method passed (#10417 )	2022-07-21 15:49:48 +12:00
Steve Boyd	674e6d9b7b	MNT Update utf8 aliases for mysql 8 and mariadb 10.6	2022-07-21 15:19:16 +12:00
Steve Boyd	9db1cd056e	MNT Add GitHub Actions CI	2022-07-21 14:44:02 +12:00
Steve Boyd	c0e8a21acf	Merge branch '4.10' into 4.11	2022-07-08 17:13:03 +12:00
Guy Sartorelli	cc3ec577ed	MNT Remove scrutinizer config. (#10396 )	2022-07-08 16:44:50 +12:00
Guy Sartorelli	3cad03357a	Merge pull request #10384 from creative-commoners/pulls/4.11/remove-wrong-message FIX Unexpected message issue	2022-07-08 13:20:11 +12:00
Michal Kleiner	f2abba8e9e	Merge pull request #10387 from kinglozzer/10386-form-attributes FIX Add missing casting for Form::getAttributesHTML (fixes #10386)	2022-07-05 01:39:35 +12:00
Loz Calver	9b45342a06	FIX: Add missing casting for Form::getAttributesHTML (fixes #10386 )	2022-07-04 12:24:58 +01:00
Steve Boyd	55c3e24a50	Merge branch '4.10' into 4.11	2022-07-04 21:02:23 +12:00
Guy Sartorelli	8a314a90e7	Merge pull request #10385 from silverstripe/pulls/4.10/pdo FIX PDO in PHP 8	2022-07-04 18:24:10 +12:00

1 2 3 4 5 ...

23047 Commits