dd53206a82
Service Workers Invalid security token and Clear Site Data HTTP Header ( #4088 )
...
If a website has a Service Worker installed it would load and register before a User tries to login to the backend causing a "Invalid security token" message. This PR unregisters any installed Service Worker when a User opens the backend Signin webpage.
I have also added the NEW Security Headers to add Protection to October's Cache and Cookies. This includes two new Middleware that first clears any bad cached data before a User tries to login and the second Middleware will clear all the sensitive User Data when a User signs out of the Backend.
For more info on the new Security Header 'Clear Site Data' you can see the spec found here: https://www.w3.org/TR/clear-site-data/
Fixes #4076 , fixes #3707 .
2019-03-01 16:22:18 -06:00
57f358b638
Use 1px for 'min-size' layout rows to fix Firefox spacing issue ( #4171 )
...
Fixes #4114 . Credit to @bennothommo
2019-02-28 13:08:43 -06:00
a89f1f1c3a
Add Closure use declaration ( #4170 )
2019-02-28 14:54:00 +02:00
8ea36eac9c
Return 500 on exception during asset combining ( #4142 )
...
Credit to @alekseyp
2019-02-27 14:33:48 -06:00
57a074364e
Allow controller middleware in backend controllers ( #4106 )
...
Credit to @bennothommo Related: https://github.com/octobercms/october/pull/4088
2019-02-27 14:27:41 -06:00
7f3fb06945
Support custom 500 page when debug mode disabled and CMS module not present
2019-02-26 14:26:56 -06:00
8f5ff1be5a
Support groups field being removed
2019-02-25 13:21:33 -06:00
5dfb5ca988
Added backend.layout.extendHead event
2019-02-25 12:56:55 -06:00
d1c71af4da
Improve Arabic translation ( #4163 )
...
Credit to @mabehiry
2019-02-25 09:26:21 -06:00
6e798079ca
Defer plugin installs from october:install until October is installed ( #4156 )
...
Fixes #4155 . Credit to @filipac.
2019-02-22 16:40:47 -06:00
44cc080769
Added plugin:list, plugin:disable, & plugin:enable artisan commands ( #4127 )
...
Credit to @LucasZdv. Documented by https://github.com/octobercms/docs/pull/356
2019-02-22 12:50:01 -06:00
ecb2b3fe9e
Improve French translations ( #4157 )
...
Credit to @BenjaminMINK
2019-02-22 09:29:43 -06:00
b39eb03336
Defaulted the main menu counter to sum it's side menu counters
2019-02-21 11:55:43 -06:00
d6f8cc179d
Support abort(404) in the backend module
2019-02-21 10:44:58 -06:00
8a60d3c19a
Fire backend.list.extendRecords event during export useList ( #4148 )
...
Provides an opportunity to modify and / or return the $results collection object before the controller exports it. Credit to @fansaien
2019-02-19 17:14:32 -06:00
9581b23d1e
Allow multiline changelog messages, preserve correct order of updates ( #4083 )
...
Credit to @GinoPane
2019-02-19 11:11:43 -06:00
cb981eb82d
Add popup-allow-focus for the second range input ( #4140 )
...
When list filters are in a modal, you cannot select the second field because it does not have popup-allow-focus class. Credit to @filipac
2019-02-15 13:29:18 -06:00
ca33b97692
Reimplemented infinite loading bar with transforms instead of widths ( #4124 )
...
Fixes #4118 . Credit to @Josniii
2019-02-15 13:22:39 -06:00
bbf398133e
Fix issues with AJAX handlers on dashboard widgets. Replaces #4132
2019-02-13 15:05:18 -06:00
a97a17c4c3
Recompiled assets
2019-02-13 14:55:44 -06:00
ac5bc866ff
Prevent password from being HTML encoded in the invite email
2019-02-13 14:55:29 -06:00
c55cc622ff
Added new Inline (no icons) navigation mode to the branding options
2019-02-13 14:55:03 -06:00
cb87802080
Added support for counter and counterLabel to main menu.
...
Refs: #16 , Refs: 7bcec1bd99#4061
2019-02-13 14:54:13 -06:00
1fc8dc6fd4
Added ability to require permissions use ReportWidgets
2019-02-11 16:02:30 -06:00
bb0a23f54c
fixes enable Defaults on repeater ( #4129 )
...
Credit to @panakour
2019-02-11 09:54:55 -06:00
10d97d515f
Use singular byte for '1 byte' filesize ( #4130 )
...
Credit to @bennothommo
2019-02-11 09:48:15 -06:00
7077a1cef3
Improved Turkish translation ( #4121 )
...
Credit to @mahony0
2019-02-07 09:18:42 -06:00
680c729f90
Set the datetime value with time 00:00:00 when using the date mode ( #4111 )
...
Credit to @fansaien
2019-02-06 10:23:50 -06:00
6dbe9be615
Improve the Hungarian translation ( #4112 )
...
Credit to @gergo75
2019-02-05 16:27:32 -06:00
4f3997c6de
Make the filesize display in file upload widget more consistent ( #4110 )
...
Credit to @bennothommo. Fixes #4085 .
2019-02-04 12:54:07 -06:00
970d5622c0
Allow datatables to work within a repeater ( #4102 )
...
Fixes #4063 . Credit to @bennothommo.
2019-02-04 12:50:40 -06:00
78e68ed632
Support nested jsonable values in List columns, refs: #2990 , #2995 , #3088 ,
2019-02-01 15:11:57 -06:00
16ca521cd0
Fix setting default values for repeater in update context ( #4098 )
...
Credit to @CptMeatball
2019-01-31 13:50:21 -06:00
331c8f4383
Change filter.js to fire requests on the control element ( #4094 )
...
Changed filter.js to fire its internal AJAX requests on the control's element instead of the closest form element. Previous behavior would fire the requests on a non-existant form element (as filter widgets are typically not located within a form element) and it looks like that was copy-paste oversight from the inspector javascript that the filter was originally based on. Credit to @fansaien
2019-01-30 14:09:34 -06:00
3118660d83
Improve support for dropdowns with placeholders ( #4060 )
...
Fixes #4053 . Credit to @GinoPane
2019-01-27 16:13:02 -06:00
174f37b604
Fixed repeater add group popover in a popup context ( #4058 )
...
Credit to @VoroninWD.
2019-01-27 11:52:46 -06:00
c0e01c0f0d
Add support for `data-request-url` in the data attributes AJAX API ( #4012 )
...
Credit to @Rike-cz. Documented in https://github.com/octobercms/docs/pull/353
2019-01-25 10:29:49 -06:00
880d614bc5
Fixes bugs with 'collapsed' saved to cookies ( #4080 )
...
Credit to @w20k. Fixes #4047
2019-01-23 01:30:53 -06:00
d5eca59dc6
Remove application root relative to domain root from $mediaFinder->storagePath ( #4055 )
...
This gets added later through the use of Url::to(). Credit to @adsa95. Fixes #4065 , fixes #4039
2019-01-23 01:25:16 -06:00
a539a36b30
Override the Paginators defaultSimpleView ( #3652 )
...
Credit to @dzava. Fixes #3355 .
2019-01-21 23:49:25 -06:00
ec2a0d5fb0
Tabs and tabels scrolling fix ( #4069 )
...
Fixes #4037 . Credit to @w20k
2019-01-21 23:35:27 -06:00
1caaac9704
Added favicon management to back-end customisation ( #4045 )
...
Credit to @Farrow. Also accessible with `brand.faviconPath` configuration item.
2019-01-21 23:25:56 -06:00
920eb15af5
Added support for using the record finder without a model relationship
...
Added useRelation and modelClass config options
2019-01-18 18:16:16 -06:00
8c9be817cc
Added support for min, max, and step for the number field type
2019-01-18 18:14:25 -06:00
67ee2229a5
Added manual deleted_at checks ( #4051 )
...
Fixes #4046
It is possible that the user model gets fetched using the SoftDelete
trait before the relevant migrations were applied during an update.
To fix this edge case the user model is always fetched using the
withTrashed scope and the deleted_at check is done manually afterwards.
@see https://github.com/octobercms/october/issues/3999
2019-01-18 14:42:25 -06:00
7232e7a29d
Escape output to prevent XSS injection ( #4074 )
...
Credit to @nathan-van-der-werf
2019-01-18 10:26:56 -06:00
a4f4a71fc3
Fix reset search button issues ( #4068 )
...
Fixes #4067
2019-01-17 13:33:59 -06:00
3ff77120c6
Improved disabled support for balloon-selector and fileupload fields
2019-01-16 13:32:31 -06:00
f53caf9a75
Formatting improvement
2019-01-16 12:29:28 -06:00
cc84c7cf7a
Revert back to output() and outputThumb() methods
...
Adds a default false flag to enable the new behaviour of returning responses instead.
2019-01-16 12:27:07 -06:00
Ayumi Hamasaki
Ben Thomson
alekseyp
Luke Towers
Mohamed Ali Behiry
Filip Iulian Pacurar
LucasZdv
BenjaminMINK
fansaien
Siarhei Karavai
Jonas Søndergaard
Panagiotis Koursaris
Ben Thomson
Mahmut Namli
Szabó Gergő
Antonie Hogewoning
Alexander Voronin
Rike-cz
Denis Denisov
Adam Sandström
dzava
Farrow
Tobias Kündig
Nathan van der Werf
vosco88