Skip to content

Latest commit

 

History

History
2053 lines (1902 loc) · 109 KB

CHANGELOG.md

File metadata and controls

2053 lines (1902 loc) · 109 KB

Changelog

This project adheres to Semantic Versioning.

4.9.42 (2023-07-25)

Fixed issues:

  • Validate unit select menus in widgets (ausi)

4.9.41 (2023-05-03)

Fixed issues:

  • Auto-generate and dump the APP_SECRET during the setup (fritzmg)

4.9.40 (2023-04-25)

Fixed issues:

  • Harden the file manager against directory traversal attacks (ausi)

4.9.39 (2023-02-16)

Fixed issues:

  • #5706 Do not add target="_blank" to the {{link}} insert tag for non-redirect pages (fritzmg)
  • #5742 Prevent division by zero in gallery element (aschempp)
  • #5775 Only check for registration opt-in tokens when purging registrations (fritzmg)
  • #5776 Disallow Composer plugin from php-http/discovery (fritzmg)
  • #5756 Fix "variable must be of type array, null given" (chberger)
  • #5723 Validate the given month or day in the calendar module (leofeyer)
  • #5732 Do not overwrite the default vertical button alignment (leofeyer)
  • #5730 Ignore empy layout selection (fritzmg)
  • #5721 Correctly describe our breadcrumbs with WAI-ARIA tags (Toflar)

4.9.38 (2023-01-13)

Fixed issues:

4.9.37 (2022-11-28)

Fixed issues:

4.9.36 (2022-11-15)

Fixed issues:

4.9.35 (2022-10-11)

Fixed issues:

  • #5343 Backport the TinyMCE accesskey fix (leofeyer)
  • #5352 Fix DC_Folder ID not being determined correctly due to special characters (fritzmg)
  • #5336 Fix a potential error when trying to log the deleted record (qzminski)
  • #5330 Add an exception for a missing administrator email address (fritzmg)
  • #5348 Correctly pick fallback root page with domain (aschempp)
  • #5342 Hide the form field name if a widget does not submit input (leofeyer)
  • #5338 Backport localconfig file check to Contao 4.9 (fritzmg)
  • #5331 Do not show errors twice in console (ausi)
  • #5329 Fix "MySQL data too long" error in search (ausi)
  • #5325 Fix a potential PHP 8 warning in the backend help wizard (qzminski)
  • #5323 Handle CSV fields in the registration and personal data modules (leofeyer)
  • #4776 Remove invalid duplicate CSV handling (aschempp)
  • #5250 Fix cache tagging for aliased content elements (fritzmg)
  • #5296 Do not use exponential notation for float values (ausi)
  • #5298 Use Webmozart\PathUtil\Path instead of Symfony\Component\Filesystem\Path (fritzmg)

4.9.34 (2022-09-15)

Fixed issues:

  • #5271 Fix the order of the palette combiner (ausi)
  • #5275 Fix the search field in Safari 16 (leofeyer)
  • #5276 Fix the opacity of draft elements (leofeyer)
  • #5270 Allow symlinked bundle paths in the template files listing (m-vo)
  • #5231 Do not use POST values directly for Reply-To and Cc (fritzmg)
  • #5226 Fix a CSS issue in the install tool database update screen (leofeyer)
  • #5208 Fix custom paste modes not working properly (qzminski)
  • #5225 Check the ID when sending comment notifications (leofeyer)
  • #5224 Use the correct label for the "confirm password" field (leofeyer)
  • #4930 Do not set HTTP header in Versions::addToTemplate (fritzmg)

4.9.33 (2022-08-17)

Fixed issues:

  • #5013 Do not insert fields that do not exist in the DB (aschempp)
  • #5164 Fix check for existing label in DcaLoader (ausi)
  • #5130 Only set login constants in master request (fritzmg)
  • #5155 Deprecate Calendar::addEvent() (ausi)
  • #5143 Do not run the DC constructor inside the picker widget (ausi)
  • #5132 Check for column options in AdjustSearchUrlLengthListener (fritzmg)
  • #5154 Allow empty key for subpalette suffix based on select (dennisbohn)
  • #5145 Fix typo in tl_comments (ausi)

4.9.32 (2022-08-12)

Fixed issues:

  • #5123 Remove the "draft" overlay (leofeyer)
  • #5121 Remove leftover code in the DataContainer class (fritzmg)
  • #4628 Automatically reduce tl_search.url length (fritzmg)
  • #4887 Update the Google Analytics tracking snippet (ameotoko)
  • #5072 Backport lazy services for CronJob repository (aschempp)
  • #5101 Check database version in migrate command (ausi)
  • #4777 Fix the missing cache tag invalidation in tree view (Toflar)
  • #5075 Do not include "index" in folderUrl (aschempp)
  • #4968 Set login constants in request listener (fritzmg)
  • #5032 Allow null for PaletteManipulator parent (fritzmg)
  • #5077 Fix indeterministic order for non-unique filters in DC_Table (Toflar)
  • #5010 Fix adjustTime in tl_calendar_events (fritzmg)
  • #5102 Make sure the framework is initialized when accessing config (aschempp)
  • #5058 Fix illegal string offsets in the translator (ausi)
  • #4964 Fix PHP 8 warning in ModuleRegistration (ameotoko)
  • #4975 Fix tl_member source translations for city and state (zoglo)
  • #4966 Use cache_suffix for TinyMCE (fritzmg)
  • #4366 Revise drafts only when navigating back (ausi)
  • #4895 Fix an error in page forward if the $_GET parameter is an array (qzminski)

4.9.31 (2022-07-05)

Fixed issues:

  • #4865 Correctly check ptable when moving records (aschempp)
  • #4864 Fix inconsistency when copying child records (aschempp)
  • #4906 Improve deprecation warning for DCA FQCN (aschempp)
  • #4894 Display an error message if the version cannot be restored (qzminski)
  • #4880 Adjust the video file type sorting in the media element (leofeyer)
  • #4867 Do not update the search index on redirects (Toflar)
  • #4879 Do not call kernel.terminate on fresh cache entries (Toflar)
  • #4858 Fix 0 to nbsp conversion in the listing module (bezin)
  • #4853 Determine the InnoDB index length only once per schema (ausi)
  • #4845 Fix the crawl logs view (leofeyer)
  • #4828 Correctly clear style sheets on 404 (aschempp)
  • #4832 Prevent unlimited recurrences in the event list (leofeyer)
  • #4574 Fix the impersonation message (cliffparnitzky)
  • #4819 Deprecate CURRENT_ID (ausi)
  • #4809 Add a migration for bad playerColor data (ausi)
  • #4814 Fix preview toolbar always showing error (fritzmg)
  • #4804 Fix SearchIndexSubscriber not respecting noindex hint (Toflar)
  • #4802 Ignore website roots with empty language in the meta wizard (fritzmg)

4.9.30 (2022-06-03)

Fixed issues:

  • #4766 Exclude the ModuleWizard checkbox from keyboard access (aschempp)
  • #4711 Correctly support legacy DC names in picker provider (aschempp)
  • #4718 Fix DBAFS when upload_path contains subfolders (fritzmg)
  • #4708 Increase the tl_comments_notify.url length (fritzmg)
  • #4727 Deprecate REQUEST_TOKEN (ausi)
  • #3742 Show error if preview settings could not be applied (fritzmg)
  • #4690 Handle cases when layoutId is not set on page model (bezin)
  • #4698 Fix broken filemanager for unsupported images (ausi)
  • #4686 Always delete indexed page for unsuccessful responses (fritzmg)
  • #4693 Reduce the row sizes of tl_module and tl_content (ausi)
  • #4680 Fix the non-JS navigation toggle on backend dashboard (aschempp)
  • #4670 Fix type warning in event list (fritzmg)
  • #4633 Undeprecate contao.csrf.token_manager (fritzmg)
  • #4647 Improve the news archive permission labels (Toflar)
  • #4638 Deprecate Frontend::getCronTimeout (fritzmg)
  • #4622 Always set a mock session when creating feeds (fritzmg)
  • #4621 Correctly handle rgxp natural text field attributes (aschempp)

4.9.29 (2022-05-05)

Fixed issues:

4.9.28 (2022-03-31)

Fixed issues:

  • #4427 Handle long page titles and URLs in the search table (leofeyer)
  • #4424 Also hover over the parent records in "paste" mode (leofeyer)
  • #4423 Decode the folder name when checking for circular references (leofeyer)
  • #4219 Make the contao:install:lock command idempotent (richardhj)
  • #4408 Improve insert tags speed (ausi)
  • #4252 Fix the trigger_error() calls (leofeyer)
  • #4402 Fixed nested http client options not supported (Toflar)
  • #4357 Fix srcToInsertTag() for URL encoded paths (fritzmg)
  • #4294 Rename the Controller::reset() method (aschempp)
  • #4331 Fix typos in the Environment class (fritzmg)
  • #4293 Revert 'Do not use the .tl_confirm CSS class in the front end' (leofeyer)
  • #4299 Fix invalid news content element ID (ausi)
  • #4263 Make the search accent insensitive (ausi)
  • #4256 Allow fragment reference with fake model instance (aschempp)
  • #4236 Also create a new version if a checkbox is auto-submitted (leofeyer)
  • #4373 Also clean textarea of caption for last metawizard (aschempp)
  • #4322 Use FQCN instead of aliased class name (bytehead)
  • #4266 Forward IO to Composer filesystem in ScriptHandler (aschempp)
  • #4285 Fix DCA extractor wrongly assuming every DCA is database driven (fritzmg)

4.9.27 (2022-03-09)

Fixed issues:

  • #4248 Correctly encode redirect URLs between 401 pages and login forms (leonexcc)
  • #4241 Do not use the .tl_confirm CSS class in the front end (leofeyer)
  • #4235 Add the |urlattr flag in the StringUtil::srcToInsertTag() method (leofeyer)
  • #4237 Handle 0 as widget attribute value (leofeyer)
  • #4233 Make config.sql optional in the DCA (leofeyer)
  • #4234 Create new versions after the onsubmit_callback in the registration module (leofeyer)
  • #4232 Limit the number of suggestions in the front end preview (leofeyer)
  • #4231 Remove the $Template property from the PageRegular class again (leofeyer)
  • #4229 Use the Contao short URL service for keyboard shortcuts (leofeyer)
  • #4150 Improve sorting in the system log (bennyborn)
  • #4091 Lazy call router when replacing old backend paths (aschempp)
  • #4199 Deprecate the ContaoFrameworkInterface service (aschempp)
  • #4212 Unset key in URL when switching edit mode (aschempp)
  • #4135 Do not configure the default clickjacking paths in the skeleton (fritzmg)
  • #4218 Do not process redirected URLs outside base domains (fritzmg)
  • #4225 Remove the wizard if a DCA field is not editable (aschempp)
  • #4227 Support "submitOnChange" in the PageTree and Picker widgets (aschempp)
  • #4226 Deprecate the Page*::generate() methods (aschempp)
  • #4210 Fix warning in ModuleArticle if page object is null (bezin)
  • #4204 Allow underscores in tag attributes (bytehead)
  • #4155 Allow <summary> and <details> tags by default (Toflar)
  • #4083 Unlock flatten option for imagine configuration (rabauss)
  • #4105 Fix trailing slashes in URL for Contao 4.9 (aschempp)

4.9.26 (2022-02-08)

Fixed issues:

  • #4045 Correctly strip all CSRF token occurrences (ausi)
  • #4075 Remove the Controller::$Template property (leofeyer)
  • #4072 Reduce memory consumption when warming up cache (Toflar)
  • #4067 Correctly handle null values in DCs (ausi)

4.9.25 (2022-02-03)

Fixed issues:

  • #3997 Fix several array to string conversions (leofeyer)
  • #4056 Fix merging cssID from ContentModule to FrontendModuleController (ameotoko)
  • #3857 Fix fragments in RSS feeds (fritzmg)
  • #3800 Fix routing with local domain and port (bezin)
  • #4009 Fix long content being cut off in the back end popup (qzminski)
  • #4031 Backport 'Replace phpunit/token-stream with nikic/php-parser' (m-vo)
  • #4020 Fix compatibility with Composer 2.2.5 (ausi)
  • #4013 Reload translations if the language changes (ausi)
  • #3984 Add the config.allow-plugins settings to the composer.json files (leofeyer)
  • #3971 Fix Input::post() for form data (fritzmg)
  • #3981 Reduce the scope of the authentication listener (fritzmg)
  • #3790 Add a debounce wrapper to the username autosuggester (ameotoko)
  • #3488 Add a configuration for allowed URL protocols (MarkejN)
  • #3910 Fix the ScriptHandlers for Composer 2.3 (fritzmg)
  • #3915 Do not generate URLs for insert tags that don’t need it (aschempp)
  • #3842 Simplify expression in Crawl\Escargot\Factory (m-vo)
  • #3966 Add compatibility with symfony/filesystem 5.4 (ausi)
  • #3939 Fix duplicating child records with dynamic ptable (dmolineus)
  • #3876 Correctly handle array values in DCs (aschempp)
  • #3882 Do not initialize the framework to get the Automator commands (aschempp)
  • #3877 Enforce final newline in HTML5 templates (aschempp)
  • #3836 Report HTTP exceptions as warnings for the crawler instead of errors (Toflar)
  • #3867 Serialize array value before saving (bytehead)
  • #3841 Remove an unused setup method (aschempp)

4.9.24 (2021-12-16)

Fixed issues:

4.9.23 (2021-12-02)

Fixed issues:

4.9.22 (2021-10-20)

Fixed issues:

4.9.21 (2021-10-05)

New features:

  • #3352 Also pass the template object in the "parseFrontendTemplate" hook (xprojects-de)

Fixed issues:

  • #3543 Fix the meta wizard language menu (leofeyer)
  • #3496 Handle edge cases in StringUtil::convertEncoding() (SeverinGloeckle)
  • #3534 Translate all languages in the file meta data (aschempp)
  • #3526 Improve the JwtManager (aschempp)
  • #3503 Correctly handle empty image size formats (aschempp)
  • #3521 Document another known limitation (leofeyer)
  • #3519 Do not encode option values (ausi)
  • #3517 Merge duplicate tags in HTML attributes config (ausi)
  • #3513 Allow HTML by default only for tinyMCE and ace|html (ausi)
  • #3512 Decode the subject when sending form submission via email (ausi)
  • #3508 Unset the noComments field if the comments bundle is not installed (leofeyer)
  • #3499 Load DataContainer before determining empty value (fritzmg)
  • #3497 Fix the option sorting in the back end drop-downs (leofeyer)
  • #3475 Allow WebP to PNG/JPG conversion (fritzmg)
  • #3480 Correctly handle empty values in the registration module (fritzmg)
  • #3481 Fix inconsistencies in the search field rendering (leofeyer)
  • #3464 Redirect if the back end is called via the front end preview entry point (leofeyer)
  • #3461 Do not reset the entire flash bag when resetting the message system (leofeyer)
  • #3416 Dispatch the PreviewUrlCreateEvent even with an empty ID (SeverinGloeckle)
  • #3467 Prevent image overflow for selected content elements (fritzmg)
  • #3457 Fix the picker for child tables without PID (ausi)
  • #3426 Migrate the newsletter module keys in version 4.0 (aschempp)
  • #3462 Add a label for "edit multiple" to the deep link confirmation screen (leofeyer)
  • #3460 Fix the position of the pagination menu in "edit multiple" mode (leofeyer)
  • #3459 Fix a broken if-condition in tl_files::excludeFolder() (leofeyer)
  • #3455 Handle flags in insertTagToSrc() (ausi)
  • #3454 Fix the event endTime adjustment (fritzmg)
  • #3444 Service priority 0 is not the same as not-set priority (aschempp)
  • #3441 Add canonical name to routes (aschempp)
  • #3329 Make sure X-Forwarded-Host is trusted if trusted hosts are configured (Toflar)
  • #3422 Handle % characters in the SERP preview (fritzmg)
  • #3407 Respect the decodeEntities flag with rgxp => url (rabauss)
  • #3412 Do not dynamically disable HttpCache but rely on env vars instead (Toflar)
  • #3423 Convert allowed attributes to lowercase (ausi)
  • #3417 Use PHP functions to modify query strings (leofeyer)
  • #3405 Harden the version 4.5.0 migration (fritzmg)
  • #3394 Show table name in model relation exception (SeverinGloeckle)
  • #3402 Fix the Adapter::__call() method signature (SeverinGloeckle)
  • #3390 Fix simple token parsing in HTML (ausi)
  • #3383 Fix the default quote style (leofeyer)
  • #3296 Fix a phpDoc comment in the Pagination class (zonky2)

4.9.20 (2021-08-24)

Fixed issues:

  • #3369 Fix using insert tags in the page title (ausi)
  • #3360 Use intl for text direction (fritzmg)
  • #3367 Handle insert tag flags in the picker (leofeyer)
  • #3310 Add the "dry-run" and "format=ndjson" options to the migrate command (ausi)
  • #3359 Fix the media element migration (ausi)
  • #3346 Fix versioning condition in DC_Folder edit action (ausi)
  • #3356 Make the metadata available in the download element (leofeyer)
  • #3341 Clarify contao.preview_script usage (fritzmg)
  • #3314 Add support for namespaced attributes (ausi)
  • #3303 Warn if the DB server is not running in strict mode (ausi)
  • #3321 Correctly explode foreign keys in the DCA (fritzmg)
  • #3323 Remove reference to other table from column classname in DC_Table (dennisbohn)
  • #3319 Correctly encode HTML comments, <script> and <style> tags (ausi)
  • #3315 Do not encode special characters if no tags are allowed (ausi)
  • #3311 Fix version creation for entries with dynamic ptable (fritzmg)
  • #3278 Check if stopwatch is started before stopping (bytehead)
  • #3283 Check if the indexer service exists when purging search tables (bytehead)

4.9.19 (2021-08-12)

Fixed issues:

  • #3293 Do not show the urlattr flag for rgxp url fields (ausi)
  • #3292 Improve compatibility with JSON in attributes (ausi)
  • #3291 Fix the "iflng" and "ifnlng" insert tags (ausi)
  • #3275 Fix missing tooltips for widget help text (ausi)

4.9.18 (2021-08-11)

Security fixes:

  • Prevent privilege escalation with the form generator (ausi)
  • Prevent PHP file inclusion via insert tags (ausi)
  • Prevent XSS via HTML attributes in the back end (ausi)

4.9.17 (2021-08-04)

New features:

  • #2940 Show the Contao layout in the Symfony profiler (aschempp)

Fixed issues:

  • #3256 Revert 'Lazy-load the rootFallbackLanguage property' (leofeyer)
  • #3214 Support request tokens in Symfony forms (ausi)
  • #3251 Harden literal insert tag replacement (m-vo)
  • #3245 Fix a func_get_arg() value error (ausi)
  • #3220 Correctly clean up left-over records in DCA mode 5 (aschempp)
  • #3218 Do not start the session in the login module (ausi)
  • #3197 Allow defining entities alongside DCA definitions (m-vo)
  • #3190 Consider the robots.txt content in the SearchIndexSubscriber (Toflar)
  • #3221 Remove the dev firewall (aschempp)
  • #3217 Allow robots setting for redirect pages (fritzmg)
  • #3210 Ensure the numberOfItems label does refer to items only (Toflar)
  • #3216 Add Google Conversion Linker cookie to deny list (ausi)
  • #3179 Backport support for namespaced DC drivers (fritzmg)
  • #3174 Correctly handle form fields in DC_Folder in "editAll" mode (leofeyer)
  • #3047 Update the YouTube options (leofeyer)
  • #3158 Undeprecate the "importUser" hook (bytehead)
  • #3125 Check if tstamp exists before hiding unsaved elements (aschempp)
  • #3077 Correctly render showColumns in the picker widget (aschempp)
  • #2958 Fix the tooltips in the JavaScript wizards (rabauss)
  • #3085 Do not disable search and cache in FAQ and newsletter readers (fritzmg)
  • #3083 Fix the indentation in the news_full template (fritzmg)
  • #3078 Purge log and undo tables via cron (Toflar)
  • #3067 Lazy-load the rootFallbackLanguage property (aschempp)

4.9.16 (2021-06-23)

Security fixes:

  • Prevent XSS in the system log (ausi)

Fixed issues:

  • #3112 Use "anon." as username if authentication fails (leofeyer)

4.9.15 (2021-06-08)

New features:

Fixed issues:

4.9.14 (2021-05-11)

Fixed issues:

  • #2996 Correctly strip the root path in the FilesModel and Dbafs classes (leofeyer)
  • #2930 Add template properties to fragment proxy (aschempp)
  • #2971 Do not render an empty custom navigation (patrickjDE)
  • #2946 Fix the page context when generating RSS feeds (fritzmg)
  • #2935 Fix the PageModel registry state (ausi)
  • #2977 Fix external news targets not opening in a new window (fritzmg)
  • #2989 Fix the favicon.ico route (fritzmg)
  • #2967 Use the date formats from the page context for insert tags (fritzmg)
  • #2894 Fix a normalize whitespace error in the DomCrawler (fritzmg)
  • #2811 Add width/height attributes to the picture source (ausi)
  • #2979 Fix a regression in the limit menu compilation (bezin)
  • #2973 Backport the autocomplete changes (leofeyer)
  • #2954 Do not start the session to check if a property exists (aschempp)
  • #2957 Show zero values in the list view and DCA filters (fritzmg)
  • #2878 Support "submitOnChange" in the FileTree widget (AlexejKossmann)
  • #2965 Reset the bundle loader on kernel shutdown (aschempp)
  • #2956 Show the values of unknown options (cliffparnitzky)
  • #2948 Fix array to string conversion in the picker (ausi)
  • #2945 Add the --migrations-only option to the migrate command (ausi)
  • #2942 Do not count to check if there is a language file (aschempp)
  • #2941 Remove the system log entry for 'no root page found' (fritzmg)
  • #2933 Compile the limit menu after all other filter panels (bezin)
  • #2906 Fix label callback for tree view in picker widget (rabauss)
  • #2926 Use CSS to add the main headline separators (leofeyer)
  • #2929 Fix compatibility with doctrine/dbal 2.13 (ausi)
  • #2914 Reset invalid important part values in the version 4.8.0 migration (ausi)
  • #2913 Fix the "runContextLength" migration when the previous migration has failed (fritzmg)

4.9.13 (2021-03-24)

Fixed issues:

  • #2905 Fix service tagging for url_callback + title_tag_callback (rabauss)
  • #2901 Respect _target_path on logout if set (bytehead)
  • #2884 Fix the version 4.8.0 migration (ausi)
  • #2899 Fix error when using return => Array for models (fritzmg)
  • #2893 Fix an "undefined index: filesize" error in the indexer (fritzmg)
  • #2883 Return a 404 status code if an image file does not exist (ausi)
  • #2887 Add the Cookiebot Cookie Consent cookie to the cookie deny list (MarkejN)
  • #2885 Remove a redundant strip cookie regex (leofeyer)
  • #2877 Fix the UNIX_TIMESTAMP function in MySQL 8 (leofeyer)
  • #2875 Fix two CSS issues in the back end (leofeyer)
  • #2876 Adjust the Google Analytics strip cookie regex (leofeyer)
  • #2762 Fix loading database.sql files in the DcaExtractor (m-vo)
  • #2780 Handle session being null in System::getReferer (m-vo)
  • #2864 Use the image template everywhere (fritzmg)
  • #2861 Fix table content element not showing zeros (fritzmg)
  • #2854 Respect the label field order in the picker (bezin)
  • #2837 Use eval.context in the picker if set (ausi)
  • #2836 Initialize the Contao framework in the Version480Update class (leofeyer)
  • #2838 Adjust the description of the YouTube "rel" option (leofeyer)
  • #2827 Fix generating error pages by name (aschempp)
  • #2829 Start the session to check for a user token (aschempp)
  • #2815 Do not tag contao.db.tl_module. in articles (m-vo)
  • #2831 Always sort root pages by language first (aschempp)
  • #2674 Handle image URLs with a {{file::*}} insert tag in the lightbox (fritzmg)
  • #2799 Include table views in the listing module drop-down menu (fritzmg)
  • #2689 Follow redirects in the failure method of the Request.Contao class (leofeyer)
  • #2735 Handle non-regex values in the search filter (ausi)
  • #2777 Ignore empty authorization headers in the MakeResponsePrivateListener (ausi)
  • #2800 Fix the json+ld schema extraction (Toflar)
  • #2819 Sort root page routes after other page routes (aschempp)
  • #2779 Allow 0 as default value for range sliders (fritzmg)

4.9.12 (2021-02-16)

Fixed issues:

  • #2754 Fix the line-height of the main headline (leofeyer)
  • #2755 Remove an unnecessary loadLanguageFile() call (leofeyer)
  • #1909 Correctly handle custom default templates of fragments (fritzmg)
  • #2721 Ignore custom templates in the back end (fritzmg)
  • #2717 Use the chained router to find root pages (aschempp)
  • #2747 Do not query for PIDs when building the breadcrumb of a File data container (ausi)
  • #2737 Use the internal page title for the search index (Toflar)
  • #2497 Re-use the tl_member.password field in ModuleCloseAccount (bennyborn)
  • #2688 Fix a BC break in the AbstractFragmentController (leofeyer)
  • #2683 Adjust the scheb/2fa-bundle integration (bytehead)
  • #2685 Use the request attribute to determine preview mode (aschempp)

4.9.11 (2021-01-21)

Fixed issues:

4.9.10 (2020-12-10)

Fixed issues:

4.9.9 (2020-10-20)

Fixed issues:

4.9.8 (2020-10-07)

Fixed issues:

  • #2403 Resolve private services in the ContaoCoreExtensionTest class (leofeyer)
  • #2399 Remove the last username from the session after use (ausi)
  • #2363 Reset the KEY_BLOCK_SIZE when migrating the MySQL engine and row format (aschempp)
  • #2388 Ignore the logout URL if no user is present (fritzmg)
  • #2376 Add a title tag callback to the SERP preview (leofeyer)
  • #2361 Prevent using page aliases that could be page IDs (leofeyer)
  • #2380 Fix the popup button padding (leofeyer)
  • #2373 Use $this->imageHref in the image.html5 template (leofeyer)
  • #2339 Optimize the check for inlined services (aschempp)
  • #2366 Harden non-normalized file extension comparisons in the LegacyResizer (m-vo)
  • #2369 Correctly check for numeric page IDs (aschempp)
  • #2351 Override the size variable for the ce_player template (fritzmg)
  • #2362 Correctly handle IDNA hostnames in the root page (leofeyer)
  • #2345 Support legacy console scripts in the initialize.php (aschempp)

4.9.7 (2020-09-25)

Fixed issues:

4.9.6 (2020-09-24)

Security fixes:

  • Prevent insert tag injection in forms (ausi)

New features:

Fixed issues:

  • #2313 Fix the resize options priority in the PictureFactory class (m-vo)
  • #2320 Do not prolong unconfirmed opt-in tokens (leofeyer)
  • #2300 Do not use the default player size (fritzmg)
  • #2290 Fix warnings and deprecations when running unit tests (ausi)
  • #2294 Stop using == '' with regard to PHP 8 (leofeyer)
  • #2252 Do not change the CSRF token cookie if the response is not successful (fritzmg)
  • #2281 Update dependecies for PHP 8.0 compatibility (ausi)
  • #2264 Do not try to index a page if the search indexer is disabled (aschempp)
  • #2260 Do not use floorToMinute() in the PageModel::loadDetails() method (leofeyer)
  • #2257 Only use floorToMinute() in DB queries (leofeyer)
  • #2249 Return early in the Search::indexPage() method if nothing has changed (leofeyer)
  • #2248 Fix a type error in the back end menu listener (leofeyer)
  • #2244 Do not log 503 exceptions (fritzmg)
  • #2221 Use a temporary status code to redirect to the language root (leofeyer)
  • #2220 Simplify the tl_content header fields (leofeyer)
  • #2219 Only update the comment notification URL in the front end (leofeyer)
  • #2206 Use the scope matcher if an element renders differently in BE and FE (leofeyer)
  • #2204 Only check the request token for master requests (fritzmg)
  • #2208 Always load DotEnv files if they exist (leofeyer)
  • #2200 Load the default labels in the loadDcaFiles() method (fritzmg)
  • #2182 Catch exceptions to prevent the resize images command from failing (ausi)
  • #2181 Add the assets URL to non-combined files (ausi)
  • #2155 Support captcha input wrapped in DIV (aschempp)
  • #2153 Use the class name as cache key in System::import() (leofeyer)
  • #2120 Support multiple fragments on the same controller (aschempp)
  • #2150 Fix the checkbox height on mobile devices (leofeyer)

4.9.5 (2020-08-10)

Fixed issues:

  • #2139 Also invalidate the ptable cache tags in the DC_Table class (leofeyer)
  • #2103 $this->ptable not available in the DataContainer class (leofeyer)
  • #2122 Remove the Contao-Merge-Cache-Control header in the master request (leofeyer)
  • #2121 Correctly show the default text form field template (leofeyer)
  • #2118 Make cookies secure if the request is secure (leofeyer)
  • #2115 Do not add empty CSS classes to the template (fritzmg)
  • #2097 Use HTTP status code 303 instead of 307 for redirects (leofeyer)
  • #2028 Allow new major versions of two third-party packages (leofeyer)
  • #2074 Fix the order of the CSRF and the private response listener (ausi)
  • #2091 Check if the username has been submitted in the registration module (leofeyer)
  • #2087 Show the picker menu even if there is only one tab (leofeyer)
  • #2088 Increase the z-index of the top menu overlay (leofeyer)
  • #2086 Also indicate default templates in the custom template menu (leofeyer)
  • #2089 Use the input event instead of the keyup event in the preview toolbar (m-vo)
  • #2083 Update the Matomo tracking code (leofeyer)
  • #2085 Fix the tl_user_group.stop help text (leofeyer)
  • #2081 Correctly generate the news/events preview URL in multi-domain mode (leofeyer)
  • #2077 Correctly show the front end preview bar for non-admin users (leofeyer)
  • #2078 Always render the "go to front end" link without preview fragment (leofeyer)
  • #2050 Harden the table options lookup in the Installer class (m-vo)
  • #2066 Correctly handle empty manager config files (aschempp)
  • #619 Fix a potential error if the URL has a percentage in it (qzminski, aschempp)
  • #2055 Change the JSON-LD type "RegularPage" to "Page" (ausi)
  • #2057 Set the singleSRC flag for the Youtube/Vimeo splash screen (m-vo)
  • #2056 Use expectExceptionMessage() for non-deprecations (ausi)
  • #1486 Fix a memory leak in the resize images command (ausi)
  • #2040 Remove redundant comments (Toflar)
  • #2039 Add the missing cache invalidations (Toflar)
  • #2032 Do not reorder existing DROP INDEX queries to the end (ausi)
  • #1982 Add debugging information to the MakeResponsePrivateListener (Toflar)
  • #2007 Require at least jQuery 3.5 (leofeyer)
  • #2005 Fix the textarea height (leofeyer)
  • #1991 Fix warning in SearchIndexSubscriberTest (fritzmg)
  • #1988 Update terminal42/service-annotation-bundle (aschempp)
  • #1978 Reset the preview toolbar styles (aschempp)
  • #1966 Do not run migration if tl_image_size table is missing (aschempp)
  • #1967 Allow ResourceFinder in autowiring (aschempp)
  • #1952 Add the missing ContentModel annotations (fritzmg)
  • #1950 Remove two left-over requirements (leofeyer)
  • #1943 Revert 'Remove symfony/monolog-bundle dependency from functional tests' (leofeyer)
  • #1942 Fix a wrong return value in the back end locale listener test (leofeyer)
  • #1932 Improve the error message for unsupported image formats (ausi)

4.9.4 (2020-07-09)

Fixed issues:

  • #1920 Fix the toggle visibility checks (leofeyer)
  • #1894 Revert the $rootDir changes in the ContaoModuleBundle class (leofeyer)
  • #1919 Revert the alphabetical sorting of the back end menu (leofeyer)
  • #1903 Load the security bundle after the framework bundle (baumannsven)
  • #1667 Add SCSS source maps in debug mode (denniserdmann)
  • #1914 Remove the symfony/monolog-bundle dependency from functional tests (bytehead)
  • #1908 Rename Piwik to Matomo and updated the tracking code (rabauss)
  • #1865 Store the crawl logs in a unique subfolder per installation (bohnmedia)
  • #1892 Fix the visibility of the EnvironmentTest::$projectDir property (leofeyer)
  • #1891 Rename all occurrences of rootDir to projectDir (aschempp)
  • #1754 Allow forcing a password change upon login in the contao:user:password command (m-vo)
  • #1762 Remove the redirect status type from 401 and 403 pages (fritzmg)
  • #1871 Reduce the file queries by preloading image models (Toflar)
  • #1883 Enable framework.assets by default in Managed Edition (fritzmg)
  • #1880 Let the user disable 2FA if it is enforced (bytehead)
  • #1886 Increase the margin for TinyMCE fields (fritzmg)
  • #1879 Fix the back end layout yet again (fritzmg)
  • #1877 Fix the widget headline and help wizard alignment (leofeyer)
  • #1875 Fix the search field height in the back end (leofeyer)
  • #1844 Lazy-load commands (aschempp)
  • #1823 Fix back end layout problems in various browsers (fritzmg)
  • #1815 Show error 500 for unsupported image types (ausi)
  • #1843 Added Tideways profiler cookie to the cookie deny list (Toflar)
  • #1840 Improve the legacy class import performance (Toflar)
  • #1839 Improve the performance of the file manager (Toflar)
  • #1828 Correctly fix the mailer transport (fritzmg)
  • #1827 Add compatibility with imagine-svg 1.0 (ausi)
  • #1817 Ignore minlength/maxlength/minval/maxval in hidden fields (qzminski)
  • #1763 Add the Osano Cookie Consent cookie to the cookie deny list (Mynyx)
  • #1771 Replace "visitors" with "members" in the 2FA explanation (Mynyx)
  • #1774 Fix addImageToTemplate with fullsize (fritzmg)
  • #1788 Fix Escargot 0.6 compat and skip broken link checker (Toflar)
  • #1583 Hide the crawler in maintenance mode (leofeyer)
  • #1776 Correctly redirect to the preferred language if there is no index alias (aschempp)
  • #1790 Ignore the Litespeed HTTP2 Smart Push cookie (Toflar)
  • #1761 Use the createResult() method in CeAccessMigration (fritzmg)

4.9.3 (2020-05-14)

Fixed issues:

  • #1745 Replace ocramius/package-versions with composer/package-versions-deprecated (leofeyer)
  • #1742 Fix notices for empty database result sets (ausi)
  • #1743 Correctly check for duplicate input parameters (aschempp)
  • #1740 Rename "security question" to "spam protection" (leofeyer)
  • #1699 Ignore minval/maxval in checkbox/radio/select fields (aschempp)
  • #1738 Re-add the page ID to the JSON-LD context (leofeyer)
  • #1729 Always show the default template in the drop-down menu (leofeyer)
  • #1701 Improve the deprecation message of the AbstractLockedCommand (Blog404DE)
  • #1733 Fix the indentation in the event_list.html5 template (leofeyer)
  • #1732 Redirect if a news/event has an external target and is called via the default URL (leofeyer)
  • #1727 Move the metadata fields back up in the news/events module (leofeyer)
  • #1715 Re-add the redirect in the BackendUser::authenticate() method (leofeyer)
  • #1712 Remove the broken storeFrontendReferer() method (leofeyer)
  • #1711 Fix fixed position of toolbar elements (fritzmg)
  • #1651 Execute schema diff queries in the correct order (ausi)
  • #1694 Handle invalid language codes in the meta wizard (leofeyer)
  • #1692 Skip the preview redirect if the preview script is not set (leofeyer)
  • #1691 Add the translation domain in the installation controller (leofeyer)
  • #1625 Fix the wrong CSRF token storage being wired (Toflar)
  • #1628 Adjust the FrontendController::checkCookiesAction() comment (Mynyx)
  • #1638 Correctly check if the search panel is active (dmolineus)
  • #1658 Add the Contao Manager cookie to the cookie deny list (Mynyx)
  • #1663 Fix the playerAspect default value (fritzmg)
  • #1668 Fix running the broken link checker (richardhj)
  • #1670 Fix the search indexer page detection (qzminski)
  • #1673 Do not update the search index if contao itself is crawling (Toflar)
  • #1642 Fix the tl_maintenance_jobs.crawl_queue explanation (Mynyx)
  • #1640 Return the request argument if it has the correct type (aschempp)
  • #1634 Verify TOTP with a window of 1 for better UX (Toflar)
  • #1623 Also add z-index to the .cto-toolbar__open element (leofeyer)
  • #1590 Change how to count records in RobotsTxtListener (fritzmg)

4.9.2 (2020-04-02)

Fixed issues:

  • #1615 Add additional Google Analytics cookies to the cookie deny list (Mynyx)
  • #1614 Fix a comment in the MakeResponsePrivateListener class (Mynyx)
  • #1613 Fix the Contao toolbar labels (leofeyer)
  • #1612 Ensure that the login icons are always visible in Firefox (leofeyer)
  • #1608 Increase the split button breakpoint (leofeyer)
  • #1600 Correctly filter subscriber specific crawl logs (Toflar)
  • #1599 Fixed broken URIs not being reported as error in search index subscriber (Toflar)
  • #1598 Hide the metadata fields if a news/event points to an external source (leofeyer)
  • #1549 Dynamically configure the TokenChecker service (bytehead)
  • #1592 Fix the picker in the meta wizard (leofeyer)
  • #1596 Handle the "toggle nodes" command in the main back end method (leofeyer)
  • #1597 Correctly check whether a group is allowed to import themes (leofeyer)
  • #1542 Keep the sorting of the selected IDs for actions (rabauss)
  • #1595 Use the correct page title on the back end dashboard page (leofeyer)
  • #1593 Re-add the "edit meta" label in the news and calendar bundles (leofeyer)
  • #1591 Show all files in the template editor (leofeyer)
  • #1579 Fix the preview bar alignment (leofeyer)
  • #1586 Correctly check for loaded languages when adding the default labels (leofeyer)
  • #1584 Show "-" if the device family is "Other" (leofeyer)
  • #1582 Remove the default preview bar datalist option (leofeyer)
  • #1581 Disable the "switch user" button if it would impersonate the original user (leofeyer)
  • #1580 Fix the tl_content.listtype DCA definition (leofeyer)
  • #1554 Send the correct content type for SVG favicons (Toflar)
  • #1551 Allow SVG images in favicons (Toflar)
  • #1541 Show label instead of ID in the picker widget (ausi)
  • #1525 Remove string type hint as there can be an array value (bytehead)
  • #1182 Allow clearing the model registry (m-vo)
  • #1534 Port the 'handle URL suffix when redirecting page IDs' changes (leofeyer)
  • #1533 Correctly sort if both root pages are fallback (aschempp)
  • #1532 Fixed some Piwik/Matomo cookie regex (aschempp)
  • #1520 Optimize MSC.twoFactorBackupCodesExplain (Mynyx)
  • #1513 Fix a "toggle element" permission check (rabauss)
  • #1493 Adjust the JSON-LD data in the default indexer test (leofeyer)
  • #1475 Register custom types in functional tests (aschempp)
  • #1437 Translate the "show preview toolbar" title (richardhj)
  • #1457 Use a context prefix in the JSON-LD schema (ausi)
  • #1455 Do not expose the page ID in the JSON-LD context (Toflar)
  • #1450 Use the native font stack in the layout.html.twig template (fritzmg)
  • #1439 Fix missing image sizes with numeric theme names (ausi)
  • #1444 Make sure log messages are in proper CSV format (Toflar)
  • #1445 Retry failed schema diff migrations (ausi)
  • #1453 Fix the input length of the alias fields (aschempp)

4.9.1 (2020-02-27)

Fixed issues:

  • #1423 Revert the document.write() changes (leofeyer)
  • #1420 Handle the "no JSON-LD found" case separately from the "noSearch" case (leofeyer)
  • #1421 Update the composer run documentation in the README.md file (leofeyer)
  • #1411 Skip orphan pages in the route provider (aschempp)
  • #1419 Always append the current URL on redirect (aschempp)
  • #1416 Correctly check if a folder has been renamed (leofeyer)
  • #1417 Fix uploading files into mounted folders for regular users (leofeyer)
  • #1418 Add a better DNS check in the site structure (leofeyer)
  • #1413 Correctly calculate the crawler progress (leofeyer)
  • #1396 Do not show the current URI in the progress bar title when crawling (Toflar)
  • #1385 Warn if the crawler runs without a domain name (Toflar)
  • #1369 Clear the dev cache in the script handler (Toflar)
  • #1370 Make sure the subdirectory in the tmp folder exists (Toflar)
  • #1377 Fix the getAttributesFromDca() type hint (leofeyer)
  • #1376 Adjust the login screen again (leofeyer)
  • #1375 Simulate active state of the debug button in debug mode (leofeyer)
  • #1374 Show the correct help text for the 2FA verification field (leofeyer)
  • #1373 Fix the Ajax visibility toggle in the site structure (leofeyer)
  • #1372 Correctly save new template folders (leofeyer)
  • #1359 Fix the PictureFactoryInterface::create() type hint (bytehead)
  • #1364 Fix the login screen CSS (leofeyer)
  • #1354 Hide the 2FA fields in the back end info modal (bytehead)

4.9.0 (2020-02-18)

Fixed issues:

4.9.0-RC2 (2020-02-11)

Fixed issues:

  • #1292 Revert the "contao_backend_switch" route name change (richardhj)
  • #1293 Update the back end keyboard shortcuts link (leofeyer)
  • #1291 Hide the member widget if searching protected sites is disabled (leofeyer)
  • #1286 Fix the front end preview URLs in the back end (leofeyer)
  • #1267 Fix possible null value in AuthenticationSuccessHandler (bytehead)
  • #1275 Move the PreviewAuthenticationListener to the core-bundle (bytehead)
  • #1257 Allow DCA filter definitions without placeholder values (fritzmg)
  • #1289 Improve the post update/install CLI hint (Toflar)
  • #1282 Correctly publish new folders (leofeyer)
  • #1283 Use wikimedia/less.php instead of oyejorge/less.php (leofeyer)
  • #1284 Add z-index:1 to the paste hint (leofeyer)
  • #1230 Add a "title" attribute to the debug mode menu item (xchs)
  • #1255 Do not use a relative font for the preview bar (leofeyer)
  • #1222 Do not try to register Contao 3 classes as services (aschempp)
  • #1246 Fix possible null value access in BackupCodeManager (bytehead)
  • #1237 Set the DB password to null if empty (leofeyer)
  • #1217 Correctly encode the DATABASE_URL parameter (richardhj)
  • #1232 Add the "url" parameter to the DropZone options (bytehead)
  • #1225 Correctly determine the Ajax URL now that our forms no longer have an action (leofeyer)
  • #1223 Add a crawl queue maintenance job (Toflar)
  • #1221 Set the row format in the default table options (leofeyer)

4.9.0-RC1 (2020-01-18)

New features:

  • #559 Add trusted devices for 2FA (bytehead)
  • #1165 Automatically load services in the src/ directory (aschempp)
  • #1184 Add backup code functionality for 2FA (bytehead, aschempp)
  • #1098 Add a cron service and command with cron expressions (fritzmg)
  • #1180 Use spl_object_id() instead of spl_object_hash() (Toflar)
  • #1178 Rebuild the login process (bytehead, aschempp)
  • #1057 Add a back end maintenance task for the crawler (Toflar)
  • #580 Get pagetree picker url parameters via own method (rabauss)
  • #579 Get filetree picker url parameters via own method (rabauss)
  • #521 Add a range field and support steps in text fields (fritzmg)
  • #1154 Get universal picker url parameters via own method (rabauss)
  • #989 Rework the front end preview (richardhj)
  • #709 Add a migrations command (ausi)
  • #581 Compile navigation row via own method (rabauss)
  • #860 Use the Knp menu for the back end header menu (leofeyer)
  • #1068 Implement a broken link checker (Toflar)
  • #1132 Turn event listeners with more than one method into to subscribers (leofeyer)
  • #705 Allow to limit the content element and form field types (leofeyer)
  • #1121 Pass the module model to the navigation templates (leofeyer)
  • #1125 Simplify the event registration (leofeyer)
  • #1129 Update the node modules and run the Gulp task (leofeyer)
  • #1122 Add the WEBP icon to the mimetypes mapper (leofeyer)
  • #1123 Do not strip forms in the ModuleArticle::generatePdf() method (leofeyer)
  • #1124 Rename "account settings" to "group settings" for groups (leofeyer)
  • #1115 Test the service arguments more accurately (leofeyer)
  • #1101 Refactor the back end main menu, so it becomes a regular Knp menu (leofeyer)
  • #714 Add a universal table picker (aschempp)
  • #1085 Add support for the new bundle structure (aschempp)
  • #1078 Correctly reset the necessary services (aschempp)
  • #1094 Upgrade to PHPStan 0.12 (leofeyer)
  • #1080 Replace Guzzle with Symfony's HttpClient (Toflar)
  • #1086 Ignore the .github folder when installing from dist (leofeyer)
  • #718 Use the cache strategy to merge fragment caching into the main page (aschempp)
  • #1063 Add support for invokable listeners and method validation (aschempp)
  • #603 Add an abstract controller for common service tasks (aschempp)
  • #1055 Hide the metadata field when editing folders (leofeyer)
  • #1045 Add @internal to what is not covered by our BC promise (leofeyer)
  • #1053 Do not add the X-Forwarded-Host in Environment::url() anymore (leofeyer)
  • #1058 Do not use Chosen in the meta wizard anymore (leofeyer)
  • #1056 Cleanup the SubscriberResult class (Toflar)
  • #1052 Add referrerpolicy="no-referrer" when loading assets via CDN (leofeyer)
  • #954 Set the "accept" attribute in the upload form field (bohnmedia)
  • #985 Implement the contao:crawl command (Toflar)
  • #852 Add a command to debug fragments (aschempp)
  • #1034 Allow to configure the HttpCache trace level using an environment variable (Toflar)
  • #1039 Use the object type instead of @param object now that we have PHP 7.2 (leofeyer)
  • #1027 Automatically upgrade new password hashes (Toflar)
  • #983 Support configuring the SearchIndexListener behaviour (Toflar)
  • #621 Add a command to debug manager plugins (aschempp)
  • #1012 Update to Symfony 4.4 (leofeyer)
  • #990 Explicitly enable the required PHP extensions (leofeyer)
  • #976 Replace the ./run script with Composer (leofeyer)
  • #968 Adjust the help text of the start/stop fields (leofeyer)
  • #840 Use the default template path (m-vo)
  • #955 Do not require league/uri anymore (leofeyer)
  • #639 Fix model relations when using entities (Tastaturberuf)
  • #946 Stop using the deprecated Doctrine DBAL methods (leofeyer)
  • #948 Remove the app folder if there are no more files in it (leofeyer)
  • #887 Clear invalid URLs using the new search indexer abstraction (Toflar)
  • #945 Remove tests that are now always skipped (leofeyer)
  • #943 Update to PHP 7.2, PHPUnit 8 and Doctrine DBAL 2.10 (leofeyer)
  • #810 Automatically load the services.yml file if it exists (leofeyer)
  • #730 Implement a search indexer abstraction (Toflar)
  • #604 Pass the mime type to the download element links (Toflar)
  • #672 Optimize DBAFS file sync (m-vo)
  • #768 Support using env(DATABASE_URL) (leofeyer)
  • #762 Do not install the tests with "prefer-dist" (leofeyer)
  • #776 Simplify registering custom fragment types (aschempp)
  • #717 Dynamically add robots.txt and favicon.ico per root page (Toflar)
  • #703 Add support for lazy loading images (ausi)

Fixed issues: