mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-08-27 18:10:34 +02:00
Code Issues Releases Wiki Activity
8,592 Commits 89 Branches 54 Tags
fe5d5438642b35cc8d78366eeebf18aab6ba70c7
Commit Graph

8592 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniël Klabbers
c443aa09e3 fixed tests on master, missing views directory and suppressing notices from tempnam when storing files in tmp 2019-06-24 13:00:36 +02:00
Daniël Klabbers
cbd57be8f1 Merge branch 'master' into advisory-fix-1 2019-06-24 12:53:37 +02:00
Daniël Klabbers
c15e270c01 changelog and constraint for beta 9 2019-06-24 12:45:11 +02:00
Daniël Klabbers
6afd9d4a79 changelog and constraint for beta 9 2019-06-24 12:44:10 +02:00
Daniël Klabbers
79e1f7c051 changelog and constraint for beta 8.1 2019-06-24 12:07:38 +02:00
Daniël Klabbers
3714d7a8ab update constraint 2019-06-24 12:05:54 +02:00
Daniël Klabbers
2224da8aa4 update constraint 2019-06-24 12:04:40 +02:00
Daniël Klabbers
aa7f367cb3 update constraint 2019-06-24 12:04:33 +02:00
Daniël Klabbers
9c7cbcef36 update constraint 2019-06-24 12:04:24 +02:00
Daniël Klabbers
72ca5e9978 update constraint 2019-06-24 12:04:17 +02:00
Daniël Klabbers
e0bbb67081 update constraint 2019-06-24 12:03:49 +02:00
Daniël Klabbers
b3ca59615b update constraint 2019-06-24 12:02:29 +02:00
Daniël Klabbers
a1c00ee5de update constraint 2019-06-24 12:01:37 +02:00
Daniël Klabbers
f21b062b3d update constraint 2019-06-24 12:01:04 +02:00
Daniël Klabbers
f346f6558f changelog for 0.1.0-beta.9 2019-06-24 11:58:48 +02:00
Daniël Klabbers
f87e1ff3fb changelog for 0.1.0-beta.9 2019-06-24 11:56:50 +02:00
Daniël Klabbers
664ed52373 changelog for 0.1.0-beta.9 2019-06-24 11:52:02 +02:00
Daniël Klabbers
93a6163f48 changelog for 0.1.0-beta.9, with the correct link 2019-06-24 11:50:45 +02:00
Daniël Klabbers
b39c439c73 changelog for 0.1.0-beta.9 2019-06-24 11:50:21 +02:00
Daniël Klabbers
7402c46b6f changelog for 0.1.0-beta.9 2019-06-24 11:46:55 +02:00
Daniël Klabbers
e6fe134b0e changelog for 0.1.0-beta.9 2019-06-24 11:33:08 +02:00
Daniël Klabbers
4b7b8a8fa4 changelog for 0.1.0-beta.9 2019-06-24 11:26:45 +02:00
Daniël Klabbers
b787ce43ad changelog for 0.1.0-beta.9, with the correct link 2019-06-24 11:25:19 +02:00
Daniël Klabbers
7d4304d620 changelog for 0.1.0-beta.9 2019-06-24 11:25:04 +02:00
Daniël Klabbers
6b8fc76283 changelog for 0.1.0-beta.9 2019-06-24 11:23:29 +02:00
flarum-bot
04e82ffb5b Bundled output for commit 8a193d7c86 [skip ci] 2019-06-24 09:19:09 +00:00
Daniël Klabbers
9b81aef5f0 added labels for tags, by re-using those in the permisssion groups 2019-06-24 11:18:19 +02:00
Daniël Klabbers
8a193d7c86 updated changelog 2019-06-24 11:17:42 +02:00
Daniël Klabbers
b895659556 Updated edit tag modal to use appropriate lang-english keys 2019-06-24 11:17:30 +02:00
Daniël Klabbers
85158dc34f Merge pull request #58 from datitisev/1232-tag-exclusion-subscription 
Do not hide tags from Following (subscriptions)
 2019-06-24 11:06:30 +02:00
flarum-bot
a446082da7 Bundled output for commit bb2f691e75 [skip ci] 2019-06-24 09:02:40 +00:00
Daniël Klabbers
bb2f691e75 Merge pull request #60 from NomisCZ/master 
Add custom icon functionality
 2019-06-24 11:01:25 +02:00
Daniël Klabbers
1a5eea0ba3 Merge pull request #118 from fvlasie/master 
Improved style of English
 2019-06-24 10:53:10 +02:00
Daniël Klabbers
de5ab3a436 Merge branch 'master' of github.com:flarum/core 2019-06-24 10:49:39 +02:00
Daniël Klabbers
96bf238aea removed link to home, go back, which is always the case with csrf token invalidation 2019-06-24 10:49:31 +02:00
Daniël Klabbers
686bbdbb8a added strings for the 419 csrf token timeout 2019-06-24 09:39:26 +02:00
Daniël Klabbers
c935f8c74d Apply fixes from StyleCI (#1800) 
[ci skip] [skip ci]
 2019-06-24 09:15:15 +02:00
Franz Liedke
a65074d01b Merge pull request from GHSA-3wjh-93gr-chh6 
* Integration tests: Memoize request handler as well

This is useful to send HTTP requests (or their PSR-7 equivalents)
through the entire application's middleware stack (instead of
talking to specific controllers, which should be considered
implementation detail).

* Add tests for CSRF token check

* Integration tests: Configure vendor path

Now that this is possible, make the easy change...

* Implement middleware for CSRF token verification

This fixes a rather large oversight in Flarum's codebase, which was that
we had no explicit CSRF protection using the traditional token approach.

The JS frontend was actually sending these tokens, but the backend did
not require them.

* Accept CSRF token in request body as well

* Refactor tests to shorten HTTP requests

Multiple tests now provide JSON request bodies, and others copy cookies
from previous responses, so let's provide convenient helpers for these.

* Fixed issue with tmp/storage/views not existing, this caused tmpname to notice.
Fixed csrf test that assumed an access token allows application access, which is actually api token.
Improved return type hinting in the StartSession middleware

* Using a different setting key now, so that it won't break tests whenever you re-run them once smtp is set.
Fixed, badly, the test to create users etc caused by the prepareDatabase flushing all settings by default.

* added custom view, now needs translation
 2019-06-24 09:14:38 +02:00
Daniël Klabbers
f49564b548 added custom view, now needs translation 2019-06-22 19:40:20 +02:00
Daniël Klabbers
304e36ca22 Using a different setting key now, so that it won't break tests whenever you re-run them once smtp is set. 
Fixed, badly, the test to create users etc caused by the prepareDatabase flushing all settings by default.
 2019-06-18 17:45:29 +02:00
Daniël Klabbers
b69b24eea6 Fixed issue with tmp/storage/views not existing, this caused tmpname to notice. 
Fixed csrf test that assumed an access token allows application access, which is actually api token.
Improved return type hinting in the StartSession middleware
 2019-06-18 17:22:23 +02:00
Daniël Klabbers
6fe9ea3dee Update CHANGELOG.md 
clarifying reason for change on the `like` fix
 2019-06-13 09:13:31 +02:00
Franz Liedke
49b71511d3 Apply fixes from StyleCI 2019-06-12 23:33:41 +00:00
Franz Liedke
a1c18b4e0f Update changelog 2019-06-13 01:32:33 +02:00
Franz Liedke
0e0159c397 Update changelog 2019-06-13 01:32:20 +02:00
Franz Liedke
6d9dd5b59e Add changelog 2019-06-13 01:32:12 +02:00
Franz Liedke
2f270c7c73 Update changelog 2019-06-13 01:32:03 +02:00
Franz Liedke
5a16992398 Update changelog 2019-06-13 01:03:39 +02:00
Franz Liedke
953cae0de1 Refactor tests to shorten HTTP requests 
Multiple tests now provide JSON request bodies, and others copy cookies
from previous responses, so let's provide convenient helpers for these.
 2019-06-13 00:13:59 +02:00
Franz Liedke
3899cd8487 Accept CSRF token in request body as well 2019-06-13 00:13:58 +02:00