TPS
/
ORIENT
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4,986 Commits 3 Branches 0 Tags 78 MiB
Commit Graph

1189 Commits

Author SHA1 Message Date
Samuel Georges b1fa45ee3a Combine common CSRF logic to a trait 2019-11-02 15:15:18 +11:00
Samuel Georges 49d68f0671 Cookies are no longer serialized 
Based on update to library 09e859a13e we no longer serialize cookies, so the decrypter no longer needs to apply a serialization layer
 2019-11-02 14:52:00 +11:00
Luke Towers 959b85f56c Add cms.enableXsrfCookies config value (default true) to configure whether or not the XSRF cookie is automatically sent or if CSRF tokens are solely relied on. 
Related: https://github.com/octobercms/october/pull/4701#issuecomment-547773385 & https://github.com/laravel/framework/pull/24726
 2019-10-30 08:08:54 -06:00
Luke Towers 457466c5af Fix typehint 2019-10-29 16:33:49 -06:00
Luke Towers eb4648972f Ensure that the XSRF cookie can always be added to the response, no matter the source of the response 2019-10-28 13:33:07 -06:00
Luke Towers 096ccf875d Implement suggestions from @bennothommo 2019-10-28 12:58:07 -06:00
Samuel Georges f542ca8e90 Implement XSRF checking for AJAX handlers 
Refs #4699
Refs #4701
 2019-10-24 20:19:20 +11:00
Alwin Drenth b2dcd3c9fd Update Dutch (NL_nl) translation (#4676) 
Credit to @adrenth
 2019-10-09 13:08:31 +03:00
gaabora 773f266373 Allow for URL parameter to be zero (#4657) 
The `empty()` check previously disallowed string zeroes from being used.

Credit to @gaabora.
 2019-10-08 09:04:52 +08:00
Luke Towers d31006ae1a Return 403 response on CSRF fail instead of silently failing 
Also moved backend::lang.page.invalid_token.label to system::lang.page.invalid_token.label. Fixes
 2019-10-06 23:21:08 -06:00
Samuel Georges c23d671f91 New templates must have a unique widget alias 2019-09-30 20:17:02 +10:00
罗光盛 c19ccb4f60 Update zh-cn backend translations (#4635) 
Credit to @everyx.
 2019-09-26 12:38:22 +08:00
Vojta Svoboda bafd057f8c Optimize theme recognition (#3220) 
Credit to @vojtasvoboda. Will avoid asking the database for the currently active theme if there is only one theme present and its code matches the code set in cms.activeTheme
 2019-09-25 12:26:54 -06:00
Samuell 33d149fe1a Replace caching of Theme config with generic YAML caching (#4526) 
Credit to @Samuell1. Fixes issues related to complexity of the existing approach / cache invalidation by just using the caching built in to YAML::parseFile().
 2019-09-25 11:36:35 -06:00
Dan Harrin 7b8fecaa51 Replace use of parseJSON with JSON.parse (#4517) 
Credit to @DanHarrin
 2019-09-14 06:25:18 -06:00
Samuel Georges 3212fc5b35
Merge pull request #4503 from ghost/role-form 
Add role-form to all forms
 2019-09-10 17:55:40 +10:00
Ben Thomson 0240c21af6 Fail CSRF token checks if the session expires. (#4598) 
Fixes #4595. Credit to @bennothommo
 2019-09-04 21:33:10 -06:00
Ben Thomson 5723cd4b2a
Match save method signature in Theme Export/Import 2019-09-05 10:58:22 +08:00
Ayumi Hamasaki 6942e38615 Remove the IE5 - IE7 Holly Hack support (#4594) 
Credit to @ayumihamsaki
 2019-09-04 09:32:29 -06:00
Dan Harrin 9521dd795c Minor Formatting Corrections in Usage Comments (#4541) 
Credit to @DanHarrin
 2019-08-15 09:14:54 -06:00
Dan Harrin 188c565d69 Hide active theme's Delete button (#4528) 
Credit to @DanHarrin.
 2019-08-15 11:42:25 +08:00
Dan Harrin 4434808549 Remove theme data on theme deletion (#4529) 
Credit to @DanHarrin. Fixes #1292.
 2019-08-15 11:41:03 +08:00
Dan Harrin 967fd02d8c Fix minor spelling errors and inconsistencies (#4543) 
Credit to @DanHarrin.
 2019-08-15 11:39:26 +08:00
Dan Harrin 67c9decb20 Standardise use of [] vs array() (#4548) 
Credit to @DanHarrin
 2019-08-14 20:46:36 -06:00
RickAcb 0383af6282 Update __isset function to comply with the same checks as __get (#4514) 
Credit to @RickAcb.
 2019-08-04 19:56:15 +08:00
Ayumi Hamasaki 432dd5d91a Add role-form to all forms 2019-07-31 15:46:20 +01:00
Luke Towers 99777f5977 Fix issue with AJAX framework load order on the frontend. 
Partially reverts f4e50ddd1a in response to https://github.com/octobercms/october/pull/4285#issuecomment-513566437. Functionality can be re-added at a later date under an optional parameter added to the {% framework %} tag. Replaces https://github.com/octobercms/october/pull/4469
 2019-07-29 16:30:14 -06:00
Anurat Chapanond 02ba765a9e Added Thai translation (#4472) 
Credit to @anurat.
 2019-07-26 14:52:52 -06:00
Samuell df81ea182b Remove alert to prevent showing same popup twice (#4470) 
Credit to @Samuell1
 2019-07-24 12:33:18 -06:00
Luke Towers 1587c7f49c Warn developers to not be silly. Fixes #4466. 2019-07-23 11:17:56 -06:00
Samuell 36c69a063b Add support for tab icons in theme customization (#4464) 
Fixes #4131. Credit to @Samuell1
 2019-07-21 23:45:30 -06:00
Ben Thomson a59d3b83eb Code quality clean up (#4449) 
Credit to @bennothommo
 2019-07-18 08:50:37 -06:00
Ayumi Hamasaki ae5f1a4282 Clean up output of Twig dump() function (#4460) 
Credit to @ayumihamsaki. Fixes #4446.
 2019-07-17 22:54:24 -06:00
Kallef Alexandre 94a71ff3da Improved Brazilian Portuguese translations (#4450) 
Credit to @prhost
 2019-07-13 16:42:43 -06:00
Long Wen 2613141870 Update zh-cn/lang.php file (#4447) 
Credit to @wenlong-date.
 2019-07-11 17:21:24 +03:00
Luke Towers e0e951dfcd
Disable searching and sorting on any_template 
Fixes #4441. Make the new template and old template columns visible and sort by them instead if you need to sort by that column.
 2019-07-09 08:38:30 -06:00
Luke Towers 6f583b3920
Disable theme config cache when debug mode enabled 2019-07-08 16:25:25 -06:00
Long Wen 07a852ed8a Fix selection issue for similar-named CMS objects (#4433) 
CMS objects with the same name as another object (eg. "test.htm" for a page and "test.htm" for a partial) were unable to be selected (selecting the partial selected the page).

Credit to @wenlong-date.
 2019-07-05 16:47:30 +08:00
Ayumi Hamasaki f4e50ddd1a Add new Performance API's to October CMS (#4285) 
PR adds a new Priority Hints API, Preload API and async to the October CMS AJAX injected code and a new Priority Hints API to the loaded assets in the head section.

Credit to @ayumihamsaki. Related #4277, #4030
 2019-06-17 01:17:34 +03:00
Luke Towers 46c867e4b5 Improve API docs 
Resolves #4214
 2019-06-12 00:33:30 -06:00
Ben Thomson a777c44cb4
Remove typehints for database template methods. 
Instead check the CmsObject class inheritence in the methods. Fixes #4376
 2019-06-09 23:33:38 +08:00
Sebastiaan Kloos f921af4199 Fix menus not being displayed with database templates (#4362) 
Credit to @SebastiaanKloos.
 2019-06-06 21:05:38 +08:00
Samuel Georges e7ec0be0c1
Merge pull request #3908 from octobercms/wip/halcyon-db-datasource 
Database layer for the CMS objects
 2019-06-01 14:28:34 +10:00
Samuel Georges 8c398e7ad5 cms_theme_contents -> cms_theme_templates 2019-06-01 12:45:29 +10:00
Samuel Georges 17cea816d8 enableDatabaseLayer -> databaseTemplates 2019-06-01 12:40:17 +10:00
HOOP Mediaclinic 5055c830e9 Finnish language update (#4177) 
* Finnish language update
* Fixed missing ] and added 'scopes'
* Tabs to spaces, removed comma
* Translation file fixes
Removed tabs, fixed indentation
 2019-05-03 18:51:44 +03:00
Samuell 0fdd3c32cb Properly isolate theme's config cache (#4284) 
Fixes support for switching between themes. Credit to @Samuell1 and @w20k
 2019-04-21 18:16:29 -06:00
Luke Towers 7c7ff31cd6 Return 404 when attempting to access /error directly in production 
Replaces #2212
 2019-04-19 15:29:00 -06:00
Samuell a69455d409 Cache the theme config (#4270) 
Fixes #4265. Credit to @Samuell1
 2019-04-19 10:59:27 -06:00
Ben Thomson 7b2a772525 Finish theme:sync command (#4276) 
Credit to @bennothommo
 2019-04-19 09:07:48 -06:00