silverstripe-framework/docs/en/changelogs/rc/3.1.3-rc1.md
2014-02-19 15:40:16 +13:00

1.6 KiB

3.1.3-rc1

Overview

  • Security: Require ADMIN for ?flush=1&isDev=1 (SS-2014-001)
  • Security: XSS in third party library (SWFUpload) (SS-2014-002)
  • Security: SiteTree.ExtraMeta allows JavaScript for malicious CMS authors (SS-2014-003)
  • Better loading performance when using multiple UploadField instances
  • Option for force_js_to_bottom on Requirements class (ignoring inline <script> tags)
  • Added ListDecorator->filterByCallback() for more sophisticated filtering
  • New DataList filters: LessThanOrEqualFilter and GreaterThanOrEqualFilter
  • "Cancel" button on "Add Page" form
  • Better code hinting on magic properties (for IDE autocompletion)
  • Increased Behat test coverage (editing HTML content, managing page permissions)
  • Support for PHPUnit 3.8

Upgrading

SiteTree.ExtraMeta allows JavaScript for malicious CMS authors

If you have previously used the SiteTree.ExtraMeta field for <head> markup other than its intended use case (<meta> and <link>), please consult SS-2014-003.

Changelog