silverstripe-framework/security at a6bd22ab2f3b11a054d20be13306a19089510989 - silverstripe-framework - Gitea

tonyair/silverstripe-framework

mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00

History

Daniel Hensby a6bd22ab2f

[SS-2016-006] FIX dont disable XSS for login forms

2016-04-20 23:57:59 +01:00

..

Authenticator.php

API Enable re-authentication within the CMS if a user session is lost

2014-10-14 15:19:48 +13:00

BasicAuth.php

Check both $_SERVER['HTTP_AUTHORIZATION'] and $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] for HTTP Basic authentication headers

2015-03-17 14:15:54 +13:00

ChangePasswordForm.php

BUG Fix potential XSS injection

2015-07-01 17:41:32 +12:00

CMSMemberLoginForm.php

API Enable re-authentication within the CMS if a user session is lost

2014-10-14 15:19:48 +13:00

CMSSecurity.php

API Allow CMS re-authentication to be completely disabled if necessary

2014-11-21 17:43:53 +13:00

Group.php

Documented magic properties of DataObject

2014-01-26 00:11:32 -05:00

GroupCsvBulkLoader.php

Method visibility according to coding conventions

2012-09-20 10:46:59 +02:00

LoginAttempt.php

Documented magic properties of DataObject

2014-01-26 00:11:32 -05:00

LoginForm.php

[SS-2016-006] FIX dont disable XSS for login forms

2016-04-20 23:57:59 +01:00

Member.php

FIX session_regenerate_id uses config system

2016-01-05 22:31:58 +00:00

MemberAuthenticator.php

BUG Fix BasicAuth not resetting failed login counts on authentication

2014-10-24 14:19:12 +13:00

MemberCsvBulkLoader.php

Method visibility according to coding conventions

2012-09-20 10:46:59 +02:00

MemberLoginForm.php

BUG Fix malformed urls redirecting to external sites

2015-05-28 10:12:18 +12:00

MemberPassword.php

Documented magic properties of DataObject

2014-01-26 00:11:32 -05:00

PasswordEncryptor.php

API Marked statics private, use Config API instead (#8317 )

2013-03-24 17:20:53 +01:00

PasswordValidator.php

FIX PasswordValidator->characterStrength() Documentation

2013-10-15 12:44:50 +02:00

Permission.php

FIX Members with no ID inherit logged in user permission

2016-01-05 08:16:18 +00:00

PermissionCheckboxSetField.php

Making TreeMultiSelectField consistent with parent class

2015-02-13 11:12:30 +13:00

PermissionFailureException.php

Updating @package and @subpackage doc tags

2013-11-29 17:49:30 +13:00

PermissionProvider.php

FIX Remove instances of lines longer than 120c

2012-09-30 17:18:13 +13:00

PermissionRole.php

Documented magic properties of DataObject

2014-01-26 00:11:32 -05:00

PermissionRoleCode.php

Documented magic properties of DataObject

2014-01-26 00:11:32 -05:00

RandomGenerator.php

API Hash autologin tokens before storing in the database.

2012-11-09 11:29:42 +01:00

Security.php

[ss-2015-020]: Prevent possible Privilege escalation

2015-09-10 13:01:24 +12:00

SecurityToken.php

API Hash autologin tokens before storing in the database.

2012-11-09 11:29:42 +01:00