Releases
4.12.0
Compare
Sorry, something went wrong.
No results found
Store Management
The “Share cart…” order element action now generates a secure tokenized URL.
Administration
Added the loadCartUrlExpiry setting, for controlling how long cart load links remain valid (seven days by default).
Extensibility
Added craft\commerce\controllers\CartController::actionCartChallenge().
Added craft\commerce\controllers\CartController::actionCartSent().
Added craft\commerce\controllers\CartController::actionEmailChallenge().
Added craft\commerce\controllers\OrdersController::actionGetLoadCartUrl().
Added craft\commerce\models\Settings::$loadCartUrlExpiry.
Added craft\commerce\services\Carts::getLoadCartUrl().
craft\commerce\elements\Order::getLoadCartUrl() now returns a secure tokenized URL.
System
Cart load URLs are now generated with time-limited security tokens, which are now required when loading carts from non-authenticated requests.
Fixed moderate-severity server-side template injection vulnerability. (# )
PDF download URLs now use the code query param instead of token (#4303 ).
You can’t perform that action at this time.