silverstripe-framework/docs/en/04_Changelogs/4.4.3.md
2019-09-24 16:03:48 +12:00

4.6 KiB

4.4.3

Embedding files with shortcodes (FileShortcodeProvider) no longer provides a session grant by default. This is because it has the potential to escalate file access to users who otherwise should not have viewing permissions for the file.

There is a minor performance trade-off for disabling these grants. If you have a page with a lot of images that are in a draft state or have custom viewing permissions, it adds an extra database query for each embedded image. With session grants enabled, the first permission check persists the grant into the session, meaning there is no need to query the database on every single file.

Unless you have a lot of shortcode images embedded with protected or draft status on a single page, this setting is best left to its default value of false.

To revert to the old behaviour:

SilverStripe\Assets\Shortcodes\FileShortcodeProvider:
  allow_session_grant: true

Change Log

Bugfixes

  • 2019-08-19 9796bba Ensure IE renders the CMS UI at full width consistently (Garion Herman)
  • 2019-08-18 0d18858 Keep CompareWarningComponent DOM placement consistent to fix… (#128) (Guy Marriott)
  • 2019-08-18 0bf673b Use 0% rather than auto as flex-basis to render correct widt… (#934) (Guy Marriott)
  • 2019-08-18 aa5b046 Keep CompareWarningComponent DOM placement consistent to fix IE 11 (Garion Herman)
  • 2019-08-18 4ec8b1b Use 0% rather than auto as flex-basis to render correct widths (Garion Herman)
  • 2019-08-15 8ba44433 pull up anchors that have been added for linking to (Dylan)
  • 2019-08-15 bae7e3268 Member::changePassword() no longer applies password validation rules to the hashed value (Robbie Averill)
  • 2019-08-15 f354e2018 Set minimum test scores and password length for Members while running fixtured DataObject tests (Robbie Averill)
  • 2019-08-14 9889015 Display breadcrumb element from left to right (#925) (Guy Marriott)
  • 2019-08-13 b239b8b re-enable ability to insert anchors (Dylan Wagstaff)
  • 2019-08-12 65f4ec5e IE 11 rendering issues in Page Editor UI (Garion Herman)
  • 2019-08-12 2fd980f IE 11 rendering issues in ModelAdmin UIs (Garion Herman)
  • 2019-08-09 a2e98dc Display breadcrumb element from left to right (Maxime Rainville)
  • 2019-08-09 3d989a6ea Use content generated by DataColumns component for print and csv export (Guy Marriott)
  • 2019-07-25 40cd66852 Fixed issue where multiple relationship sort order columns would be lost in favor of only the last relationship column in the sort order (UndefinedOffset)
  • 2019-06-05 bcc55e2 Update modal designs to match design pattern library (Guy Marriott)

Other changes

  • 2019-08-15 11a7d6ccb Rename test to be clearer about its intent (Robbie Averill)
  • 2019-07-29 c1ffc4edf Added unit tests for multiple relationship sorting (UndefinedOffset)