v2.1.0 updated developer fields, fixed license, fixed cspheadermiddleware

composer.lock

@@ -1582,16 +1582,16 @@
         },
         {
             "name": "symfony/event-dispatcher",
-            "version": "v5.4.26",
+            "version": "v5.4.34",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/event-dispatcher.git",
-                "reference": "5dcc00e03413f05c1e7900090927bb7247cb0aac"
+                "reference": "e3bca343efeb613f843c254e7718ef17c9bdf7a3"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/5dcc00e03413f05c1e7900090927bb7247cb0aac",
-                "reference": "5dcc00e03413f05c1e7900090927bb7247cb0aac",
+                "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/e3bca343efeb613f843c254e7718ef17c9bdf7a3",
+                "reference": "e3bca343efeb613f843c254e7718ef17c9bdf7a3",
                 "shasum": ""
             },
             "require": {
@@ -1647,7 +1647,7 @@
             "description": "Provides tools that allow your application components to communicate with each other by dispatching events and listening to them",
             "homepage": "https://symfony.com",
             "support": {
-                "source": "https://github.com/symfony/event-dispatcher/tree/v5.4.26"
+                "source": "https://github.com/symfony/event-dispatcher/tree/v5.4.34"
             },
             "funding": [
                 {
@@ -1663,7 +1663,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-07-06T06:34:20+00:00"
+            "time": "2023-12-27T21:12:56+00:00"
         },
         {
             "name": "symfony/event-dispatcher-contracts",

system/typemill/Middleware/CspHeadersMiddleware.php

@@ -11,17 +11,17 @@ class CspHeadersMiddleware implements MiddlewareInterface
 {
 	protected $settings;
 
-	protected $cspFromPlugins = false;
+	protected $cspFromPlugins;
 
-	protected $cspFromTheme = false;
+	protected $cspFromTheme;
 
 	public function __construct($settings, $cspFromPlugins, $cspFromTheme)
 	{
 		$this->settings = $settings;
 
-		$this->$cspFromPlugins = $cspFromPlugins;
+		$this->cspFromPlugins = $cspFromPlugins;
 
-		$this->$cspFromTheme = $cspFromTheme;
+		$this->cspFromTheme = $cspFromTheme;
 	}
 	
 	public function process(Request $request, RequestHandler $handler) :response

system/typemill/author/js/vue-license.js

@@ -43,35 +43,6 @@ const app = Vue.createApp({
 									</div>
 								</div>
 							</div>
-<!--
-							<div v-for="(fieldDefinition, fieldname) in formDefinitions">
-								<fieldset class="flex flex-wrap justify-between border-2 border-stone-200 p-4 my-8" v-if="fieldDefinition.type == 'fieldset'">
-									<legend class="text-lg font-medium">{{ fieldDefinition.legend }}</legend>
-									<component v-for="(subfieldDefinition, subfieldname) in fieldDefinition.fields"
-										:key="subfieldname"
-										:is="selectComponent(subfieldDefinition.type)"
-										:errors="errors"
-										:name="subfieldname"
-										:userroles="userroles"
-										:value="formData[subfieldname]" 
-										v-bind="subfieldDefinition">
-									</component>
-								</fieldset>
-								<component v-else
-									:key="fieldname"
-									:is="selectComponent(fieldDefinition.type)"
-									:errors="errors"
-									:name="fieldname"
-									:userroles="userroles"
-									:value="formData[fieldname]" 
-									v-bind="fieldDefinition">
-								</component>
-							</div>
-							<div class="my-5">
-								<div :class="messageClass" class="block w-full h-8 px-3 py-1 my-1 text-white transition duration-100">{{ message }}</div>
-								<input type="submit" @click.prevent="save()" value="save" class="w-full p-3 my-1 bg-stone-700 hover:bg-stone-900 text-white cursor-pointer transition duration-100">
-							</div>
--->
 						</form>
 					</Transition>`,
 	data() {

system/typemill/author/system/license.twig

@@ -17,11 +17,4 @@
 		app.config.globalProperties.$filters = translatefilter;
 		app.mount('#license');
 	</script>
-    <script src="https://cdn.paddle.com/paddle/paddle.js"></script>
-    <script type="text/javascript">
-
-		Paddle.Environment.set('sandbox');
-		Paddle.Setup({ vendor: 10629 });
-
-    </script>
 {% endblock %}

system/typemill/settings/defaults.yaml

@@ -1,4 +1,4 @@
-version: '2.0.3'
+version: '2.1.0'
 title: 'Typemill'
 author: 'Unknown'
 copyright: false

system/typemill/settings/system.yaml

@@ -220,29 +220,34 @@ fieldsetsecurity:
         aftererror: 'Show after first wrong input'
 fieldsetdeveloper:
   type: fieldset
-  legend: Developer
+  legend: "Developer"
   fields:
     displayErrorDetails:
       type: checkbox
-      label: Error reporting
-      checkboxlabel: Display application errors
+      label: "Error reporting"
+      checkboxlabel: "Display application errors"
     twigcache:
       type: checkbox
-      label: Twig cache
-      checkboxlabel: Activate the cache for twig templates
+      label: "Twig cache"
+      checkboxlabel: "Activate the cache for twig templates"
     proxy:
       type: checkbox
-      label: Proxy
-      checkboxlabel: Use x-forwarded-header.
+      label: "Proxy"
+      checkboxlabel: "Use x-forwarded-header"
     trustedproxies:
       type: text
-      label: Trusted IPs for proxies (comma separated)
+      label: "Trusted IPs for proxies (comma separated)"
     headersoff:
       type: checkbox
-      label: Disable Custom Headers
-      checkboxlabel: Disable all custom headers of Typemill and send your own headers instead.
+      label: "Disable Custom Headers"
+      checkboxlabel: "Disable all custom headers of Typemill and send your own headers instead."
     corsdomains:
       type: textarea
-      label: Allowed Domains for API-Access (CORS)
+      label: "Allowed Domains for API-Access (CORS)"
       placeholder: 'https://my-website-that-uses-the-api.org,https://another-website-using-the-api.org'
-      description: Add all domains separated with comma, that should have access to the API. Domains will be added to the cors-header.
+      description: "Add all domains separated with comma, that should have access to the Typemill API. Domains will be added to the cors-header."
+    cspdomains:
+      type: textarea
+      label: "Allowed Domains for Content on Typemill (CSP)"
+      placeholder: 'https://www.google.com,*google.com'
+      description: "Add all domains separated with comma, that you want to integrate on your Typemill website. Domains will be added to the csp-header. Usually done with plugins and themes, but add manually if something is blocked."

system/typemill/system.php

@@ -52,7 +52,7 @@ ini_set('display_startup_errors', 0);
 error_reporting(E_ALL);
 
 /****************************
-* LOAD SETTINGS							*
+* LOAD SETTINGS				*
 ****************************/
 
 $settingsModel = new Settings();
@@ -77,23 +77,6 @@ $uriFactory 						= new UriFactory();
 $uri 								= $uriFactory->createFromGlobals($_SERVER);
 $urlinfo 							= Helpers::urlInfo($uri);
 
-/* PROBLEM WITH URLINFO
-
-* it contains basic authentication like
-
-	["basepath"]=> "/typemill" 
-	["currentpath"]=> "/typemill/api/v1/mainnavi" 
-	["route"]=> "/api/v1/mainnavi" 
-	["scheme"]=>  "http" 
-	["authority"]=>  "trendschau:password@localhost" 
-	["protocol"]=> "http://trendschau:password@localhost" 
-	["baseurl"] => "http://trendschau:password@localhost/typemill" 
-	["currenturl"]=> "http://trendschau:password@localhost/typemill/api/v1/mainnavi" 
-
-* It probably contains wrong scheme when used with proxy
-
-*/
-
 $timer['settings'] = microtime(true);
 
 /****************************