New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Various CSRF fixes #4176
Merged
Merged
Various CSRF fixes #4176
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
KorvinSzanto
added a commit
to KorvinSzanto/concrete5
that referenced
this pull request
Aug 12, 2016
aembler
pushed a commit
that referenced
this pull request
Aug 15, 2016
* Apply CSRF fixes from #4176 to develop * Don't call parent view * Add CSRF to job scheduling * Add CSRF token to job reset
KorvinSzanto
added a commit
that referenced
this pull request
Dec 12, 2016
commit 716421e Merge: 4f4f154 92baa55 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:28:53 2016 -0800 Merge tag '8.0.2' Tagging 8.0.2 commit 4f4f154 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:26:25 2016 -0800 Revert "Move everything out of web" This reverts commit 24be565. commit 24be565 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:01:56 2016 -0800 Move everything out of web commit a2bf40c Merge: 1ddbb4b f6e2426 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:01:23 2016 -0800 Merge tag '5.7.5.12' Tagging 5.7.5.12 commit 1ddbb4b Merge: 71c1e4a 745f3ae Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:01:02 2016 -0800 Merge tag '5.7.5.11' Tagging version 5.7.5.11 commit f6e2426 Author: Andrew Embler <andrew@concrete5.org> Date: Fri Dec 9 14:25:00 2016 -0800 upping version number commit 3313379 Author: Korvin Szanto <Korvinszanto@gmail.com> Date: Thu Dec 8 11:26:37 2016 -0800 Remove PHP 5.4+ array syntax commit 0792beb Author: Korvin Szanto <Korvinszanto@gmail.com> Date: Thu Dec 8 11:21:09 2016 -0800 Add a test that ensures all /src files parse commit 745f3ae Author: Andrew Embler <andrew@concrete5.org> Date: Wed Dec 7 14:13:21 2016 -0800 upping version number commit fa95977 Author: Andrew Embler <andrew@concrete5.org> Date: Wed Dec 7 14:05:41 2016 -0800 updating build commit 9a89f1f Author: Andrew Embler <andrew@concrete5.org> Date: Wed Dec 7 09:32:00 2016 -0800 Backporting page controller tweaks commit e3b0e8b Author: Andrew Embler <andrew@concrete5.org> Date: Tue Dec 6 07:17:34 2016 -0800 Revert "Fix #4658 for v5.7" This reverts commit 000d07a. commit d16f74f Merge: 111b82f 21bc3c4 Author: Andrew Embler <andrew@concrete5.org> Date: Tue Dec 6 07:17:00 2016 -0800 Merge branch '5.7.x' of github.com:concrete5/concrete5 into 5.7.x commit 21bc3c4 Merge: 9ccb8fe b0c4326 Author: Andrew Embler <andrew@concrete5.org> Date: Tue Dec 6 06:18:16 2016 -0800 Merge pull request #4766 from mlocati/fix-get-class-with-invalid-syntax-for-php5.3 [5.7] Fix get class with invalid syntax for php 5.3 commit b0c4326 Author: Michele Locati <michele@locati.it> Date: Tue Dec 6 15:05:29 2016 +0100 Avoid the ::class construct We're still on PHP 5.3 for the 5.7 series commit 9ccb8fe Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 13:03:27 2016 -0800 updates to changelog and download commit c81db01 Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:43:17 2016 -0800 upping version number commit 51b273f Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:28:01 2016 -0800 adding in info object for updates commit 56f0193 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Thu Dec 1 12:19:42 2016 -0800 Define cParentID and appease test gods commit dc20116 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Thu Dec 1 11:22:51 2016 -0800 Generate secure random strings from the identifier service commit 71c1e4a Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 13:03:27 2016 -0800 updates to changelog and download commit 2cbabd4 Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:43:17 2016 -0800 upping version number commit 7f03b8d Merge: 7fb7aa2 111b82f Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:28:27 2016 -0800 Merge branch '5.7.x' into release/5.7.5.10 commit 111b82f Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:28:01 2016 -0800 adding in info object for updates commit 7fb7aa2 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Thu Dec 1 12:19:42 2016 -0800 Define cParentID and appease test gods commit dc5cd61 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Thu Dec 1 11:22:51 2016 -0800 Generate secure random strings from the identifier service commit aa3a42f Merge: 779e090 1cf77c7 Author: Andrew Embler <andrew@concrete5.org> Date: Thu Nov 17 06:52:12 2016 -0800 Merge pull request #4669 from Remo/patch-10 [5.7] disable caching of share block commit 779e090 Merge: 60205cf 000d07a Author: Andrew Embler <andrew@concrete5.org> Date: Wed Nov 16 10:33:36 2016 -0800 Merge pull request #4659 from mlocati/5.7.x-fix-4658 [V5.7] Fix #4658 commit 1cf77c7 Author: Remo Laubacher <remo.laubacher@gmail.com> Date: Wed Nov 16 09:53:01 2016 +0100 disable caching of share block commit 000d07a Author: Michele Locati <michele@locati.it> Date: Tue Nov 15 21:15:42 2016 +0100 Fix #4658 for v5.7 commit 60205cf Merge: a1371a4 8fc031f Author: Andrew Embler <andrew@concrete5.org> Date: Mon Nov 14 13:07:34 2016 -0800 Merge pull request #4648 from concrete5-Germany/5.7.x-share-this-fix BugFix #4182 commit a1371a4 Merge: c128b11 0f224c2 Author: Andrew Embler <andrew@concrete5.org> Date: Mon Nov 14 09:33:07 2016 -0800 Merge pull request #4642 from mlocati/patch-1 [5.7] Return true/false from Mail\Service::sendMail commit 8fc031f Author: Hamed <darragihamed@gmail.com> Date: Mon Nov 14 18:25:19 2016 +0100 PSR-2 Fix commit af1bd94 Author: Hamed <darragihamed@gmail.com> Date: Mon Nov 14 18:10:56 2016 +0100 Fix uses and clean code commit 727ab09 Author: Hamed <darragihamed@gmail.com> Date: Mon Nov 14 17:55:54 2016 +0100 Format Code commit 7651834 Author: Hamed <darragihamed@gmail.com> Date: Mon Nov 14 10:56:13 2016 +0100 BugFix #4182 commit 0f224c2 Author: Michele Locati <michele@locati.it> Date: Sat Nov 12 19:21:46 2016 +0100 Return true/false from Mail\Service::sendMail commit c128b11 Merge: cfd6b5d 9cc3e59 Author: Andrew Embler <andrew@concrete5.org> Date: Tue Nov 8 11:24:00 2016 -0800 Merge pull request #4618 from mainio/fix/share-this-page-issue-7.0 Fix #4616 for 7.x commit 9cc3e59 Author: Antti Hukkanen <antti.hukkanen@mainiotech.fi> Date: Tue Nov 8 17:37:49 2016 +0200 Fix #4616 for 7.x commit cfd6b5d Merge: 5e59aa1 6e0eb7e Author: Andrew Embler <andrew@concrete5.org> Date: Fri Nov 4 15:18:07 2016 -0700 Merge pull request #4584 from mainio/5.7.x [5.7] Fix installation and CONCRETE5_ENV commit 5e59aa1 Merge: c9f8b03 6b0c8ac Author: Andrew Embler <andrew@concrete5.org> Date: Fri Nov 4 15:10:22 2016 -0700 Merge pull request #4573 from Remo/patch-8 [5.7] use original value in select value translations commit 6e0eb7e Author: Antti Hukkanen <antti.hukkanen@mainiotech.fi> Date: Wed Nov 2 18:01:21 2016 +0200 Fix #4583 for 5.7 commit 6b0c8ac Author: Remo Laubacher <remo.laubacher@gmail.com> Date: Fri Oct 28 20:28:03 2016 +0200 use original value in select value translations commit c9f8b03 Merge: f019b1c 6631085 Author: Andrew Embler <andrew@concrete5.org> Date: Thu Oct 20 09:31:30 2016 -0700 Merge pull request #4541 from Remo/patch-5 [5.7] don't try to create thumbnails of a directory commit 6631085 Author: Remo Laubacher <remo.laubacher@gmail.com> Date: Thu Oct 20 15:29:26 2016 +0200 remove unnecessary file_exists commit e9f7c19 Author: Remo Laubacher <remo.laubacher@gmail.com> Date: Thu Oct 20 14:45:31 2016 +0200 don't create thumbnails of a directory commit f019b1c Merge: 3c25dc2 7c95774 Author: Andrew Embler <andrew@concrete5.org> Date: Wed Oct 19 15:39:00 2016 -0700 Merge pull request #4531 from olsgreen/fix-stack-block-styles [5.7] Fix block styles in stacks. commit 3c25dc2 Merge: 13ea4a6 5dd8e83 Author: Andrew Embler <andrew@concrete5.org> Date: Wed Oct 19 15:24:45 2016 -0700 Merge pull request #4525 from olsgreen/add-edit-mode-class [v5.7] Added 'ccm-edit-mode' class to HTML tag. commit 7c95774 Author: Oliver Green <green2go@gmail.com> Date: Tue Oct 18 13:22:32 2016 +0100 Fix block styles in stacks. commit 5dd8e83 Author: Oliver Green <green2go@gmail.com> Date: Tue Oct 18 11:42:04 2016 +0100 Added 'ccm-edit-mode' class to HTML tag. commit 13ea4a6 Merge: 708ed9f 12d1b0b Author: Andrew Embler <andrew@concrete5.org> Date: Mon Oct 17 11:23:19 2016 -0700 Merge pull request #4522 from olsgreen/check-in-out-bug [5.7] Fix check in out bug see #4521 commit 12d1b0b Author: Oliver Green <green2go@gmail.com> Date: Mon Oct 17 17:21:31 2016 +0100 Fix erroneous force checkins. commit 708ed9f Merge: b4beb96 df95ccd Author: Andrew Embler <andrew@concrete5.org> Date: Sun Oct 16 20:53:00 2016 -0700 Merge pull request #4498 from olsgreen/fix-custom-style-set-theme-id-57 [5.7] Corrected page custom style property / variable name. commit df95ccd Author: Oliver Green <green2go@gmail.com> Date: Tue Oct 11 22:58:30 2016 +0100 Corrected page custom style property / variable name. commit b4beb96 Merge: 48d2fa6 14bf2f5 Author: Andrew Embler <andrew@concrete5.org> Date: Tue Oct 4 15:11:36 2016 -0700 Merge pull request #4443 from mlocati/patch-2 [5.7] Mitigate problems about loading translation files commit 14bf2f5 Author: Michele Locati <michele@locati.it> Date: Fri Sep 30 17:15:56 2016 +0200 Mitigate problems about loading translation files commit 48d2fa6 Author: Michele Locati <michele@locati.it> Date: Wed Sep 28 22:06:57 2016 +0200 Fallback to viewPkgHandle if file not found for themePkgHandle (#4402) Backport of #4382 commit d05b780 Author: Michele Locati <michele@locati.it> Date: Thu Sep 22 20:02:07 2016 +0200 [5.7] Add configuration option to fallback to previous locale (#4388) * Add configuration option to fallback to previous locale If the new configuration option 'concrete.multilingual.use_previous_locale' is set to true, let's reuse the previously used locale. * Ensure current locale selected in switch_language commit b423b7f Author: Andrew Embler <andrew@concrete5.org> Date: Mon Aug 29 07:58:15 2016 -0700 Bug fix for approve page workflow tweak commit 3cfe41c Author: Andrew Embler <andrew@concrete5.org> Date: Wed Aug 24 06:34:56 2016 -0700 backporting a double workflow bug fix commit 8a9e493 Author: Korvin Szanto <Korvinszanto@gmail.com> Date: Fri Aug 12 13:51:52 2016 -0700 Various CSRF fixes (#4176) * Fix CSRF in mobile theme * Fix CSRF in attribute types * Add CSRF protection to conversation points page * Add CSRF to legacy permission file tool * Add CSRF token to job uninstall * Add CSRF tokens to jobs scheduling * Add CSRF to system seo bulk page * Add CSRF tokens to accessibility page * Add CSRF to job reset commit 60f1c53 Author: jaromirdalecky <jaromir.dalecky@gmail.com> Date: Thu Aug 11 03:35:32 2016 +1000 Fix missing permission key (#4159) commit 1bbaf52 Author: Andrew Embler <andrew@concrete5.org> Date: Fri Jul 29 07:19:27 2016 -0700 Multilingual fixes commit f23ba78 Author: Andrew Embler <andrew@concrete5.org> Date: Wed Jul 27 12:17:12 2016 -0700 version update commit 64d0317 Author: Andrew Embler <andrew@concrete5.org> Date: Wed Jul 27 12:08:42 2016 -0700 Making multilingual drafts work commit 9f15285 Author: Andrew Embler <andrew@concrete5.org> Date: Wed Jul 27 10:56:06 2016 -0700 breadcrumb on page type composer publish target commit 9fc398b Author: Andrew Embler <andrew@concrete5.org> Date: Wed Jul 27 10:40:00 2016 -0700 Fixing history entry bug commit a35f9f6 Author: Andrew Embler <andrew@concrete5.org> Date: Mon Jul 25 21:12:52 2016 -0700 adding to changelog
KorvinSzanto
added a commit
that referenced
this pull request
Dec 12, 2016
commit 2f1cc03 [formerly 18788a2489074a312c1c52aec543d7b977881059] [formerly 716421e] Merge: 4f4f154 92baa55 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:28:53 2016 -0800 Merge tag '8.0.2' Tagging 8.0.2 commit c7c03f2 [formerly 58170ff65d1972b1e0ba235714d76bdfa4cd281b] [formerly 4f4f154] Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:26:25 2016 -0800 Revert "Move everything out of web" This reverts commit a451ca6 [formerly 57aa6a9ac83bb73119c17f65d59eed64b50a2356] [formerly 24be565]. commit a451ca6 [formerly 57aa6a9ac83bb73119c17f65d59eed64b50a2356] [formerly 24be565] Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:01:56 2016 -0800 Move everything out of web commit 7e55775 [formerly 275fad14a623d804ce19b9e63a34b049614fb24e] [formerly a2bf40c] Merge: 1ddbb4b f6e2426 Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:01:23 2016 -0800 Merge tag '5.7.5.12' Tagging 5.7.5.12 commit 73069e6 [formerly 5ffc5db72cb87821233bd2876e950b61db95d4bf] [formerly 1ddbb4b] Merge: 71c1e4a 745f3ae Author: Korvin Szanto <korvinszanto@gmail.com> Date: Mon Dec 12 09:01:02 2016 -0800 Merge tag '5.7.5.11' Tagging version 5.7.5.11 commit c97b69f [formerly 0682c5b46f87bd6f3d0a5f994036227147204620] [formerly f6e2426] Author: Andrew Embler <andrew@concrete5.org> Date: Fri Dec 9 14:25:00 2016 -0800 upping version number commit e34f3c9 [formerly 5038fd08d8ad0e359c12667653f8fb6cd38f38ff] [formerly 3313379] Author: Korvin Szanto <Korvinszanto@gmail.com> Date: Thu Dec 8 11:26:37 2016 -0800 Remove PHP 5.4+ array syntax commit 63a27ca [formerly 0df92273484d72c9fd5c379e3a2bb4cc9a193bcf] [formerly 0792beb] Author: Korvin Szanto <Korvinszanto@gmail.com> Date: Thu Dec 8 11:21:09 2016 -0800 Add a test that ensures all /src files parse commit dce9409 [formerly 29a5ea0eda39d3a31c323a056220dafe03bd6ef5] [formerly 745f3ae] Author: Andrew Embler <andrew@concrete5.org> Date: Wed Dec 7 14:13:21 2016 -0800 upping version number commit 17e9dc6 [formerly bcfa3d68ea0510b108da5a0831075c25053f244c] [formerly fa95977] Author: Andrew Embler <andrew@concrete5.org> Date: Wed Dec 7 14:05:41 2016 -0800 updating build commit 79a99c5 [formerly fd2c4d65ff0eb5bf27404a8f39ad3b0fdc8f8f7a] [formerly 9a89f1f] Author: Andrew Embler <andrew@concrete5.org> Date: Wed Dec 7 09:32:00 2016 -0800 Backporting page controller tweaks commit 35498f0 [formerly ff3f18b27d9b701a600ad7d85b18c96918dcecc5] [formerly e3b0e8b] Author: Andrew Embler <andrew@concrete5.org> Date: Tue Dec 6 07:17:34 2016 -0800 Revert "Fix #4658 for v5.7" This reverts commit 095b7d2 [formerly 466e585034b31d334067021650bba65ab0828933] [formerly 000d07a]. commit 1b3c701 [formerly b5bf7880c1d83ced64cd73c621a6a5d2ca8112d0] [formerly d16f74f] Merge: 111b82f 21bc3c4 Author: Andrew Embler <andrew@concrete5.org> Date: Tue Dec 6 07:17:00 2016 -0800 Merge branch '5.7.x' of github.com:concrete5/concrete5 into 5.7.x commit ce39062 [formerly 5dfa71315e8676e95961ede06d4adc1dbb56d9c0] [formerly 21bc3c4] Merge: 9ccb8fe b0c4326 Author: Andrew Embler <andrew@concrete5.org> Date: Tue Dec 6 06:18:16 2016 -0800 Merge pull request #4766 from mlocati/fix-get-class-with-invalid-syntax-for-php5.3 [5.7] Fix get class with invalid syntax for php 5.3 commit 2f5aeb2 [formerly 329257fe3bbd9c78b42c448c9d9548fd1c8971d4] [formerly b0c4326] Author: Michele Locati <michele@locati.it> Date: Tue Dec 6 15:05:29 2016 +0100 Avoid the ::class construct We're still on PHP 5.3 for the 5.7 series commit 43cef97 [formerly 577f5f4fb589e21c51db2fe6e9f4955e473734b2] [formerly 9ccb8fe] Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 13:03:27 2016 -0800 updates to changelog and download commit ba9ee1c [formerly 8b21b95a90f57bbdcaae6b8aa1b3905d19474470] [formerly c81db01] Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:43:17 2016 -0800 upping version number commit 419c81e [formerly 7a06e94cb57876571c887abc360f0ab9309df546] [formerly 51b273f] Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:28:01 2016 -0800 adding in info object for updates commit fa302e8 [formerly fe0d2225e855cea14295ddc5ea80ee84195fa97f] [formerly 56f0193] Author: Korvin Szanto <korvinszanto@gmail.com> Date: Thu Dec 1 12:19:42 2016 -0800 Define cParentID and appease test gods commit f87bbb4 [formerly e7b3cc9c0efa48c17ed9ad7742f2dbcee6a3ac38] [formerly dc20116] Author: Korvin Szanto <korvinszanto@gmail.com> Date: Thu Dec 1 11:22:51 2016 -0800 Generate secure random strings from the identifier service commit 8857d99 [formerly 3bbc24ad97aab00fca06a1d4fc9bd21ea1e79d97] [formerly 71c1e4a] Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 13:03:27 2016 -0800 updates to changelog and download commit 3de3958 [formerly ebbb925cbb2da9b69d8a59d9485d4855a4ad78cc] [formerly 2cbabd4] Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:43:17 2016 -0800 upping version number commit 3cb3506 [formerly bbdb0c3e7f82969d625ba8e77c570dc1185fa813] [formerly 7f03b8d] Merge: 7fb7aa2 111b82f Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:28:27 2016 -0800 Merge branch '5.7.x' into release/5.7.5.10 commit b3eff1a [formerly 6602b44e083bf97733d52ae053f9adb5c78fdd0b] [formerly 111b82f] Author: Andrew Embler <andrew@concrete5.org> Date: Thu Dec 1 12:28:01 2016 -0800 adding in info object for updates commit 9ce95f8 [formerly 714fd411bd94cc73268fb533cc34c44254b9aeee] [formerly 7fb7aa2] Author: Korvin Szanto <korvinszanto@gmail.com> Date: Thu Dec 1 12:19:42 2016 -0800 Define cParentID and appease test gods commit b318b8e [formerly 5a78c155360aff77f0b0976ca4e7d68d7493a145] [formerly dc5cd61] Author: Korvin Szanto <korvinszanto@gmail.com> Date: Thu Dec 1 11:22:51 2016 -0800 Generate secure random strings from the identifier service commit 0ae731c [formerly 13d1e193e02d6ccbbc7d661315b96952888385ad] [formerly aa3a42f] Merge: 779e090 1cf77c7 Author: Andrew Embler <andrew@concrete5.org> Date: Thu Nov 17 06:52:12 2016 -0800 Merge pull request #4669 from Remo/patch-10 [5.7] disable caching of share block commit 7635225 [formerly 1fdba0a6e01b7812a775a94f83d12de348b8dd86] [formerly 779e090] Merge: 60205cf 000d07a Author: Andrew Embler <andrew@concrete5.org> Date: Wed Nov 16 10:33:36 2016 -0800 Merge pull request #4659 from mlocati/5.7.x-fix-4658 [V5.7] Fix #4658 commit 77dd04c [formerly 8ebb123e314e323f3bd95aabb5e9d0df5bd26399] [formerly 1cf77c7] Author: Remo Laubacher <remo.laubacher@gmail.com> Date: Wed Nov 16 09:53:01 2016 +0100 disable caching of share block commit 095b7d2 [formerly 466e585034b31d334067021650bba65ab0828933] [formerly 000d07a] Author: Michele Locati <michele@locati.it> Date: Tue Nov 15 21:15:42 2016 +0100 Fix #4658 for v5.7 commit 5017c22 [formerly eba71a9783911d45b51e3b3fd993d7b33e29a650] [formerly 60205cf] Merge: a1371a4 8fc031f Author: Andrew Embler <andrew@concrete5.org> Date: Mon Nov 14 13:07:34 2016 -0800 Merge pull request #4648 from concrete5-Germany/5.7.x-share-this-fix BugFix #4182 commit bf35fab [formerly 0350477a140df1d77107a09e6d05acf84bf3a6f9] [formerly a1371a4] Merge: c128b11 0f224c2 Author: Andrew Embler <andrew@concrete5.org> Date: Mon Nov 14 09:33:07 2016 -0800 Merge pull request #4642 from mlocati/patch-1 [5.7] Return true/false from Mail\Service::sendMail commit 93d6423 [formerly 0f2654b391b0fc25b49b8f5db969a145e927506b] [formerly 8fc031f] Author: Hamed <darragihamed@gmail.com> Date: Mon Nov 14 18:25:19 2016 +0100 PSR-2 Fix commit 4cf221c [formerly 68ec025682847c9494677cf2c555da036ed4cc4a] [formerly af1bd94] Author: Hamed <darragihamed@gmail.com> Date: Mon Nov 14 18:10:56 2016 +0100 Fix uses and clean code commit 9de4712 [formerly 39eedd62e27ccc9bba9bd69d0863cb146d35a15a] [formerly 727ab09] Author: Hamed <darragihamed@gmail.com> Date: Mon Nov 14 17:55:54 2016 +0100 Format Code commit 0706a47 [formerly d2424ee744bcc9024f0e93b3e42c47b597e58b4a] [formerly 7651834] Author: Hamed <darragihamed@gmail.com> Date: Mon Nov 14 10:56:13 2016 +0100 BugFix #4182 commit 7a8ea3d [formerly 8b40ddc1aec9f1a4a86d9ea5c4077b18fb125188] [formerly 0f224c2] Author: Michele Locati <michele@locati.it> Date: Sat Nov 12 19:21:46 2016 +0100 Return true/false from Mail\Service::sendMail commit aa57422 [formerly 910d45e399a9cc7adbe65ad55fcd604c98ad1abf] [formerly c128b11] Merge: cfd6b5d 9cc3e59 Author: Andrew Embler <andrew@concrete5.org> Date: Tue Nov 8 11:24:00 2016 -0800 Merge pull request #4618 from mainio/fix/share-this-page-issue-7.0 Fix #4616 for 7.x commit 4cd554c [formerly 4f3578dc9cd30e53aedb0333a39bae3c8840b70d] [formerly 9cc3e59] Author: Antti Hukkanen <antti.hukkanen@mainiotech.fi> Date: Tue Nov 8 17:37:49 2016 +0200 Fix #4616 for 7.x commit de43fba [formerly ebf7aa73b3c90cd8c6b7a282bf616093c145e805] [formerly cfd6b5d] Merge: 5e59aa1 6e0eb7e Author: Andrew Embler <andrew@concrete5.org> Date: Fri Nov 4 15:18:07 2016 -0700 Merge pull request #4584 from mainio/5.7.x [5.7] Fix installation and CONCRETE5_ENV commit f229686 [formerly 9c63944575c08bf0c56be7b29da015c6157660c1] [formerly 5e59aa1] Merge: c9f8b03 6b0c8ac Author: Andrew Embler <andrew@concrete5.org> Date: Fri Nov 4 15:10:22 2016 -0700 Merge pull request #4573 from Remo/patch-8 [5.7] use original value in select value translations commit ddae1ef [formerly 7447347a9c0e1f1c97686899a47232797e929b99] [formerly 6e0eb7e] Author: Antti Hukkanen <antti.hukkanen@mainiotech.fi> Date: Wed Nov 2 18:01:21 2016 +0200 Fix #4583 for 5.7 commit a79861f [formerly 196032fdaad123c2ade74ee50bdb99d39204eacc] [formerly 6b0c8ac] Author: Remo Laubacher <remo.laubacher@gmail.com> Date: Fri Oct 28 20:28:03 2016 +0200 use original value in select value translations commit 9b64bc3 [formerly ac6d9976dd27d559b0aa24b95348c0e91a6f6bdb] [formerly c9f8b03] Merge: f019b1c 6631085 Author: Andrew Embler <andrew@concrete5.org> Date: Thu Oct 20 09:31:30 2016 -0700 Merge pull request #4541 from Remo/patch-5 [5.7] don't try to create thumbnails of a directory commit 3dce9f1 [formerly e1a6d5f4fceb48adf2e71efe8844d542ace9b25b] [formerly 6631085] Author: Remo Laubacher <remo.laubacher@gmail.com> Date: Thu Oct 20 15:29:26 2016 +0200 remove unnecessary file_exists commit 7b50224 [formerly faa83143bed30843760e07426149ac9f6bc55d45] [formerly e9f7c19] Author: Remo Laubacher <remo.laubacher@gmail.com> Date: Thu Oct 20 14:45:31 2016 +0200 don't create thumbnails of a directory commit 90d7e30 [formerly fe7ef7edb2c70c170285c893943a4d7a82298010] [formerly f019b1c] Merge: 3c25dc2 7c95774 Author: Andrew Embler <andrew@concrete5.org> Date: Wed Oct 19 15:39:00 2016 -0700 Merge pull request #4531 from olsgreen/fix-stack-block-styles [5.7] Fix block styles in stacks. commit abe5530 [formerly 3c580793bc7eeb538af2a8a4d50829b7e450594f] [formerly 3c25dc2] Merge: 13ea4a6 5dd8e83 Author: Andrew Embler <andrew@concrete5.org> Date: Wed Oct 19 15:24:45 2016 -0700 Merge pull request #4525 from olsgreen/add-edit-mode-class [v5.7] Added 'ccm-edit-mode' class to HTML tag. commit 40a5153 [formerly bd1707fe38f45124d85c4a5baec166a9b02a4bd0] [formerly 7c95774] Author: Oliver Green <green2go@gmail.com> Date: Tue Oct 18 13:22:32 2016 +0100 Fix block styles in stacks. commit d5a0acb [formerly 7f5281a75e7e7b3dd10a47823d84a8535115ca04] [formerly 5dd8e83] Author: Oliver Green <green2go@gmail.com> Date: Tue Oct 18 11:42:04 2016 +0100 Added 'ccm-edit-mode' class to HTML tag. commit b46759a [formerly 4ae15c2a8857efe53842616e38e4e960a9f14239] [formerly 13ea4a6] Merge: 708ed9f 12d1b0b Author: Andrew Embler <andrew@concrete5.org> Date: Mon Oct 17 11:23:19 2016 -0700 Merge pull request #4522 from olsgreen/check-in-out-bug [5.7] Fix check in out bug see #4521 commit d647129 [formerly c6f5510eb264e9f0f2d53dc41b5e84a70a7cc7a3] [formerly 12d1b0b] Author: Oliver Green <green2go@gmail.com> Date: Mon Oct 17 17:21:31 2016 +0100 Fix erroneous force checkins. commit 27dbff0 [formerly 22074c4cac1932c6fed65e986e79d133f4520385] [formerly 708ed9f] Merge: b4beb96 df95ccd Author: Andrew Embler <andrew@concrete5.org> Date: Sun Oct 16 20:53:00 2016 -0700 Merge pull request #4498 from olsgreen/fix-custom-style-set-theme-id-57 [5.7] Corrected page custom style property / variable name. commit a79b96c [formerly 19ecce0e40b744f9b4e38337bfc1e574f25d0202] [formerly df95ccd] Author: Oliver Green <green2go@gmail.com> Date: Tue Oct 11 22:58:30 2016 +0100 Corrected page custom style property / variable name. commit 77416e6 [formerly 5ae79c776ffff2fda09abcbc205834e5296eb4e3] [formerly b4beb96] Merge: 48d2fa6 14bf2f5 Author: Andrew Embler <andrew@concrete5.org> Date: Tue Oct 4 15:11:36 2016 -0700 Merge pull request #4443 from mlocati/patch-2 [5.7] Mitigate problems about loading translation files commit 9de8634 [formerly ddbe8b03004710c82e67022efc8dc7f23a38069f] [formerly 14bf2f5] Author: Michele Locati <michele@locati.it> Date: Fri Sep 30 17:15:56 2016 +0200 Mitigate problems about loading translation files commit efc9b4b [formerly 9c298f30a2330ec87bfa79be066771e7175334d5] [formerly 48d2fa6] Author: Michele Locati <michele@locati.it> Date: Wed Sep 28 22:06:57 2016 +0200 Fallback to viewPkgHandle if file not found for themePkgHandle (#4402) Backport of #4382 commit bb59697 [formerly 66ef4b6409276fa3d6b10781edac5318bb4e3ca8] [formerly d05b780] Author: Michele Locati <michele@locati.it> Date: Thu Sep 22 20:02:07 2016 +0200 [5.7] Add configuration option to fallback to previous locale (#4388) * Add configuration option to fallback to previous locale If the new configuration option 'concrete.multilingual.use_previous_locale' is set to true, let's reuse the previously used locale. * Ensure current locale selected in switch_language commit bb246bf [formerly 9292bb77785c91cb24215f500449c1723d1edcdb] [formerly b423b7f] Author: Andrew Embler <andrew@concrete5.org> Date: Mon Aug 29 07:58:15 2016 -0700 Bug fix for approve page workflow tweak commit dcda0c6 [formerly bc04e991e14e7a01f6c5e53c87161bea95ce8ca5] [formerly 3cfe41c] Author: Andrew Embler <andrew@concrete5.org> Date: Wed Aug 24 06:34:56 2016 -0700 backporting a double workflow bug fix commit 8dc5354 [formerly 117da7fba1d47d1463aba2978427371ee192b543] [formerly 8a9e493] Author: Korvin Szanto <Korvinszanto@gmail.com> Date: Fri Aug 12 13:51:52 2016 -0700 Various CSRF fixes (#4176) * Fix CSRF in mobile theme * Fix CSRF in attribute types * Add CSRF protection to conversation points page * Add CSRF to legacy permission file tool * Add CSRF token to job uninstall * Add CSRF tokens to jobs scheduling * Add CSRF to system seo bulk page * Add CSRF tokens to accessibility page * Add CSRF to job reset commit 80a8ea5 [formerly 2145510f7564d1de2b33e368e7f051149a70f938] [formerly 60f1c53] Author: jaromirdalecky <jaromir.dalecky@gmail.com> Date: Thu Aug 11 03:35:32 2016 +1000 Fix missing permission key (#4159) commit 53cfe20 [formerly 31b2c746aa7c1ae7c640a35db6e9a967db097ed6] [formerly 1bbaf52] Author: Andrew Embler <andrew@concrete5.org> Date: Fri Jul 29 07:19:27 2016 -0700 Multilingual fixes commit 6a49bad [formerly e4919fff43d9fa19e784b6b4e0433c62fc1cdf25] [formerly f23ba78] Author: Andrew Embler <andrew@concrete5.org> Date: Wed Jul 27 12:17:12 2016 -0700 version update commit 853736c [formerly 37056af350a8e38bffc4e9e22affc5ea427660dd] [formerly 64d0317] Author: Andrew Embler <andrew@concrete5.org> Date: Wed Jul 27 12:08:42 2016 -0700 Making multilingual drafts work commit 0e748bc [formerly 9041350b945949bc7038f2363a4f74176ce5eb4f] [formerly 9f15285] Author: Andrew Embler <andrew@concrete5.org> Date: Wed Jul 27 10:56:06 2016 -0700 breadcrumb on page type composer publish target commit e120881 [formerly 9d71b3780a9e75d30ee775c1d7aef0876a62c7b7] [formerly 9fc398b] Author: Andrew Embler <andrew@concrete5.org> Date: Wed Jul 27 10:40:00 2016 -0700 Fixing history entry bug commit 219af5f [formerly 68aaf716e070dd903ef871c2bc5eb2e309ba0c88] [formerly a35f9f6] Author: Andrew Embler <andrew@concrete5.org> Date: Mon Jul 25 21:12:52 2016 -0700 adding to changelog Former-commit-id: 938f77d Former-commit-id: 7f192dece8f78403617faadbee520e1e8594b101
a3020
pushed a commit
to a3020/concrete5
that referenced
this pull request
Dec 12, 2016
* Fix CSRF in mobile theme * Fix CSRF in attribute types * Add CSRF protection to conversation points page * Add CSRF to legacy permission file tool * Add CSRF token to job uninstall * Add CSRF tokens to jobs scheduling * Add CSRF to system seo bulk page * Add CSRF tokens to accessibility page * Add CSRF to job reset Former-commit-id: 8a9e493 Former-commit-id: 117da7fba1d47d1463aba2978427371ee192b543
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
A bunch of separate CSRF additions. I'll work on opening a PR for v8 too.