mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
1.6 KiB
1.6 KiB
3.0.10-rc1
Overview
- General: Rewrote usages of error suppression operator
- Security: BUG Fix issue with versioned dataobjects being cached between stages
- Security: BUG Fix encoding of JS redirection script
- Security: FIX Prevent SQLi when no URL filters are applied
- Security: FIX Do now allow arbitary class creation in CMS
Upgrading
- If relying on partial caching of content between logged in users, be aware that the cache is now automatically
segmented based on both the current member ID, and the versioned reading mode. If this is not an appropriate
method (such as if the same content is served to logged in users within partial caching) then it is necessary
to adjust the config value of
SSViewer::global_keyto something more or less sensitive.