Skip to content

@zerocrates zerocrates released this Apr 6, 2021 · 124 commits to develop since this release

Bugs Fixed

  • The "body" for some browse views was not correctly escaped
  • The URL data type allowed javascript: URLs which could lead to XSS issues in some browsers (#1688)
  • The public cross-site search results pages did not correctly escape the user's query, leading to an XSS issue (#1698)
  • An error occurred when deleting individual site pages, and their entries in the fulltext search index were not properly removed (#1662)
  • Batch edits involving resource templates could fail when run in-process rather than in the background (#1690)
  • Public cross-site search results for item sets caused an error
  • Linked resource counts incorrectly included private non-visible resources
  • Some errors and exceptions were not included in logs (#1657)
  • Some labels were not translated when displaying linked resources
  • The "no resources" label displayed incorrectly in some admin sidebars
  • The "Add Site" button on the admin dashboard could improperly be visible for users who did not have permission to add sites (#1680)
  • The id API parameter was not correctly supported in the REST API (#1667, contributed by @Daniel-KM)
  • The proc_open CLI execution strategy could generate a warning by unncecessarily trying to read from the subprocess stdin
  • The default from option for emails in configuration was not correctly checked (#1685)

Changes

  • Value types and languages are now matched case-insensitively by the value() function, matching the behaviors of database queries and the spec for language codes (#1672, #1684, contributed by @Daniel-KM)
  • The gulp scripts are updated to stick to Composer 1, which is necessary for compatibility for the current dependencies (#1659)
  • OEmbed now supports the non-standard "text/json+oembed" media type (#1670, contributed by @Avnerus)
  • The installer now checks up-front for PHP JSON support, leading to better error reporting when it's missing

Internationalization

  • New translations for Bulgarian, Croatian, and Romanian
  • Updated translations for Catalan, Czech, German, Estonian, Italian, Lithuanian, Mongolian, Chinese (Taiwan)
Assets 3