- 08 Sep, 2020 1 commit
-
-
Benni Mack authored
Change-Id: If694e01dae5c4a40d4474d8b38a878229dd35cfb Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65632 Tested-by:
Benni Mack <benni@typo3.org> Reviewed-by:
-
- 07 Sep, 2020 6 commits
-
-
Resolves: #91809 Releases: 9.5 Change-Id: Ic05671bbf1806ea293545e62a3cf71dc93ea5ca0 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65621 Tested-by:
Andreas Fernandez <a.fernandez@scripting-base.de> Tested-by:
TYPO3com <noreply@typo3.com> Tested-by:
Oliver Hader <oliver.hader@typo3.org> Reviewed-by:
-
Resolves: #92218 Releases: 9.5 Change-Id: I5de91f1bf6390608702466def10f13e1a0dd6ad5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65620 Tested-by:
Björn Jacob <bjoern.jacob@tritum.de> Tested-by:
Richard Haeser <richard@richardhaeser.com> Reviewed-by:
-
New `SecurityUtility. getRandomHexValue(20)` returns 20 hexadecimal characters provided by the Web Crypto API. see https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API Resolves: #91809 Releases: master, 10.4, 9.5 Change-Id: Iaee1c7641b34e1316fccd069808c519d1c3ba2ab Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65616 Tested-by:
-
Pages that are deleted or moved in the current workspace are shown correctly in the page tree now, especially when fetching pages only on a specific level or when filtering. Resolves: #92041 Resolves: #92057 Resolves: #92096 Resolves: #91652 Releases: master, 10.4, 9.5 Change-Id: Iaf966b7e85ba9b5c5771033db943e5a426de54e7 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65553 Tested-by:
-
Helmut Hummel authored
For building URIs using the Symfony routing, array URL arguments are deflated (foo[bar] -> foo__bar). In case the final URI contains a remaining query string, the arguments get inflated again. However the query string of the URI is currently only updated, when at least one of the remaining arguments require a cHash. In case remaining arguments exist, the query string needs to be always updated, whether the URI requires a cHash or not. Resolves: #92183 Releases: master, 10.4, 9.5 Change-Id: I1966b4b1e8e09716733b3357922cf857543c14e4 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65596 Tested-by:
Helmut Hummel <typo3@helhum.io> Reviewed-by:
-
Helmut Hummel authored
In http://review.typo3.org/11011 a plain DB call that fetched the storage record was replaced with usage of StorageRepository::findByUid, which in turn calls ResourceFactory::getStorageObject again. This leads to all events also called twice. To avoid this a new internal method is introduced on StorageRepository, which only fetches the storage row again. Resolves: #92201 Releases: master, 10.4, 9.5 Change-Id: Ibce6e8d9a0b5ce7abb0f86d80ac42a1a86d47e35 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65613 Tested-by:
-
- 05 Sep, 2020 1 commit
-
-
Christian Kuhn authored
CSV fixture files are a straight way to feed test database with stuff and to assert database state after operations. Script Build/Scripts/checkIntegrityCsvFixtures.php tests those files for integrity, making sure all lines have the same number of columns. Maintaining the number of commas when fiddling with functional tests however is annoying. The patch adds options to checkIntegrityCsvFixtures.php: * '--fix' simply fixes files with broken integrity * '--fixAll' goes through all files and looks for details like superfluous comma. While --fixAll is used once now to establish a good baseline on all .csv fixtutre files, --fix can be used whenever the integrity script mumbles about broken stuff: Build/Scripts/checkIntegrityCsvFixtures.php --fix It is also added to runTests.sh: Build/Scripts/runTests.sh -s fixCsvFixtures Change-Id: Idee2a97094f56d059b02f801ffecb50a7ce21a5c Resolves: #92207 Releases: master, 10.4, 9.5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65589 Tested-by:
Christian Kuhn <lolli@schwarzbu.ch> Reviewed-by:
-
- 03 Sep, 2020 2 commits
-
-
With this patch, the path resolving for certain assets is now completely handled by PageRenderer by using the EXT: prefix. Resolves: #91365 Releases: master, 10.4, 9.5 Change-Id: Ia23650244f70f5e4cdf8d953bfcb2f0fcf01ef6a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65560 Tested-by:
-
Helmut Hummel authored
The point of repeatable update wizards is that they are not marked executed and thus always checked for possible updates. They therefore must not be marked executed during installation. Resolves: #91211 Releases: master, 9.5 Change-Id: Ic4e98b95711433705f77899d664cc7cf2c7a42ba Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/64565 Tested-by:
Daniel Goerz <daniel.goerz@posteo.de> Reviewed-by:
-
- 02 Sep, 2020 1 commit
-
-
As it's highly discouraged to check for global constants in ext_localconf.php due to limited caching the example code is updated to not propose this check anymore. Resolves: #90974 Releases: master, 10.4, 9.5 Change-Id: I32e9d39d9a5a975986fd009ccf60a0fcf1a8fed0 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65532 Tested-by:
-
- 31 Aug, 2020 1 commit
-
-
Issue #69135 fixed issue #60249, but introduced an invalid call to `BackendUtility::selectVersionsOfRecord`. The scope was to handle all versions in all workspaces (`$workspace=null`). As a result, without patch, command 'cleanup:versions' reports too many unused placeholder rows and the action command 'cleanup:versions --action=unused_placeholders' deletes too many. Resolves: #92139 Related: #69135 Related: #60249 Releases: master, 10.4, 9.5 Change-Id: I4d0694d2657c9bf12a5200b6474f1ed1f083d98e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65481 Tested-by:
-
- 28 Aug, 2020 1 commit
-
-
Andreas Fernandez authored
This patch wraps operands in parentheses which could otherwise cause unwanted side-effects. In most cases null coalesce operators are affected. Resolves: #92104 Releases: master, 10.4, 9.5 Change-Id: I95815354090516f09b61655126c61ccc8714a751 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65499 Tested-by:
-
- 27 Aug, 2020 1 commit
-
-
Add the specific way to override a RTE configuration preset for a flexform field Resolves: #92102 Releases: master, 10.4, 9.5 Change-Id: I88a621aff48c43833cf5ee9a8e97403322a33a05 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65476 Tested-by:
-
- 26 Aug, 2020 1 commit
-
-
Andreas Fernandez authored
Instead of generating the URL to the backend login, the URI of the current request is now used for the referrer check in backend login. This fixes a redirect issue with password recovery links opened via email. The anchor-based reload detection has been replaced with a localStorage-based solution as browsers don't trigger a new request if the target location is already loaded, but only an achor is appended to the URL. Resolves: #91442 Releases: master, 10.4, 9.5 Change-Id: I577bdd8ce75c94f864852f812c0b8ad66f0d5634 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65003 Tested-by:
Jörg Bösche <typo3@joergboesche.de> Reviewed-by:
-
- 21 Aug, 2020 1 commit
-
-
Since #91354 the Core has security checks for valid and secure HTTP responses. Add additional configuration in the default .htaccess template to ensure those checks are green by default. Resolves: #91893 Releases: master, 10.4, 9.5 Change-Id: Ibcb7d9b9b5fde3b1a9054d0cbf51fda710cd8f0d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65413 Tested-by:
-
- 19 Aug, 2020 1 commit
-
-
Resolves: #92037 Releases: master, 10.4, 9.5 Change-Id: I1278496485ead10a46f82c1d681db1e48a0aac1d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65305 Tested-by:
-
- 17 Aug, 2020 1 commit
-
-
Page tree will fetch just 2 levels of pages plus pages which are expanded on the initial load. Next levels are fetched on demand via Ajax when expanding the node. Search works server side now. To clear search, click on "x" button. Change-Id: I2691c531b419398325989070c375a9ec0d08ae82 Releases: master, 10.4, 9.5 Resolves: #88943 Resolves: #88098 Resolves: #88259 Resolves: #91884 Resolves: #91753 Resolves: #91916 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65355 Tested-by:
-
- 14 Aug, 2020 1 commit
-
-
Helmut Hummel authored
Instead of looking at the mime type of the file, the configured image file extensions is checked to decide whether to extract width and height for sys_file_metadata. This allows pdf files to have their width and height to be extracted. While the exact pixel values do not matter much for a PDF, the ratio of width and height (landscape or portrait or even square) can be very useful to "know". Releases: master, 10.4, 9.5 Resolves: #91967 Change-Id: I354be4f07edf6e4c3b59748ccb87b67dd66caa8e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65323 Tested-by:
-
- 13 Aug, 2020 1 commit
-
-
Georg Ringer authored
Fix a typo in the variable name to show possible descriptions again. This is especially useful if a task failed because it contains the actual error message. It has been broken since the refactoring to fluid. Resolves: #91871 Releases: master, 10.4, 9.5 Change-Id: I8cd1ed8268e810ca505bc74728db62ac229c034f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65314 Tested-by:
Georg Ringer <georg.ringer@gmail.com> Reviewed-by:
-
- 12 Aug, 2020 1 commit
-
-
Canonical URL generation is tested using real requests to the website frontend instead of manually creating TSFE components. Resolves: #91982 Releases: master, 10.4, 9.5 Change-Id: I325af73d53af5ae9ccefd6a0c3d75776c4951893 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65287 Tested-by:
-
- 10 Aug, 2020 4 commits
-
-
The route configuration shown below using `ExtbaseEnhancer` is currently not evaluated anymore due to missing route variables in `routePath`. For this particular case in `ExtbaseEnhancer` the controller-action pair is implicitly defining variables. MyPlugin: type: Extbase extension: ... plugin: ... routes: - routePath: '/action' _controller: 'MyController::action' Resolves: #91880 Releases: master, 10.4, 9.5 Change-Id: Ib42f87c3c9f83acc7f2ceec4a93169d15777ed08 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65233 Tested-by: -
Calling ShowImageController with old links containing serialized parameters leads to PHP warnings as the json_decode doesn't return an array in this case. To prevent this warnings we now ensure that parameters is a valid array in any case, prior to calling the foreach. Resolves: #91882 Releases: master, 10.4, 9.5 Change-Id: If33068f4f69bd858ff130ca4f31970df8fa1d624 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65242 Tested-by:
Oliver Klee <typo3-coding@oliverklee.de> Reviewed-by:
-
When dealing with inline foreign field setups in workspaces and having a child table not workspace aware, the DataHandler still tries to create workspace copies of the not workspace aware child. In v9, it sets pid=-1 for those records, which succeeds if the pid db field is signed. In this case a dead record of the child is created. If the field is unsigned, the insertion fails and an error message is created. In v10 and master pid=-1 is gone and the real pid is set, the record is created and becomes a 1:1 duplicate in live workspace. The patch adds an according check to the DataHandler in workspace context to skip not workspace aware children. Resolves: #91680 Releases: master, 10.4, 9.5 Change-Id: Ifb8183f25e69a75ecc5b5ebac3c9a57c03265e7f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65253 Tested-by:
-
The Backport of #86653 to 9.5 introduced a regression that made it impossible to preview hidden content via adminpanel in the frontend, when the option "Show hidden records" is used. Releases: 9.5 Resolves: #91083 Related: #86653 Change-Id: I0967012172b2823731a1545cda70ed4f883605b3 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/64491 Tested-by:
Daniel Haupt <mail@danielhaupt.de> Tested-by:
Tomas Norre Mikkelsen <tomasnorre@gmail.com> Reviewed-by:
Markus Gehrig <markus.gehrig96@gmail.com> Reviewed-by:
-
- 07 Aug, 2020 1 commit
-
-
Benni Mack authored
This reverts commit fb61db41 as it contained various regressions, which should be fixed in the next iteration. Change-Id: Ic9a4e543daab4697605073a00e7a51ab139a67a8 Releases: master, 10.4, 9.5 Resolves: #91949 Reverts: #88943 Reverts: #88098 Reverts: #88259 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65205 Tested-by:
Frank Nägler <frank.naegler@typo3.org> Tested-by:
-
- 06 Aug, 2020 2 commits
-
-
This change uses a "random" frontend user ID (currently 1337) to a very unlikely number PHP_INT_MAX to ensure that no usual frontend user is used to preview. This line can be removed completely once https://review.typo3.org/c/Packages/TYPO3.CMS/+/64441 is fixed as well. But 1337 is a no-go (that's why it needs to into 9.5) Resolves: #91837 Related: #90773 Releases: master, 10.4, 9.5 Change-Id: I70eebcf1220b216b3a9929a7b31eb83e999f282a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65219 Tested-by:
-
Helmut Hummel authored
Only try to fetch translated uids for translated records, and provide is_siteroot field for slug helper, so that it can be checked if slug is generated for a site root. Resolves: #90736 Resolves: #89485 Releases: master, 10.4, 9.5 Change-Id: I707e5a1df2d06a81eea2dd491302b003d086e42a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65066 Tested-by:
-
- 04 Aug, 2020 6 commits
-
-
The variable $crazyRecursionLimiter actually limits the number of subpages that are rendered for each page and not the depth of recursive calls to getTree(). This limit only affects the browsable pagetree in for example the link browser and not the pagetree in the navigation pane. Resolves: #91853 Releases: master, 10.4, 9.5 Change-Id: Ib2ff5471226217bc880ddee3b278771393a09354 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65169 Tested-by:
Anja Leichsenring <aleichsenring@ab-softlab.de> Reviewed-by:
-
Prevents a non-numeric value warning in ErrorHandler.php by casting the value given to the parameter of the constructor to an int. Resolves: #91930 Releases: master, 10.4, 9.5 Change-Id: I000596ee0bdf8599a2eadea5216286971a94c806 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65164 Tested-by:
-
This commit prevents a warning regarding a non-numeric value in the phpErrorCode argument of the PhpErrorCodeViewHelper. TYPO3 Fluid is actually not converting the value to int, and there could be anything incoming as parameter. Resolves: #91929 Releases: master, 10.4, 9.5 Change-Id: I3514004829f97849b9fb6f16b07f9ffb53679f87 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65162 Tested-by:
-
The core version check is run synchronously while logging into the Backend. If the get.typo3.org service is down, logins take extremely long. Since there is no API to run this check asynchronously, the patch drops this information from the toolbar, it is only available in the reports module. Resolves: #91507 Related: #84549 Releases: master, 10.4, 9.5 Change-Id: I78fd381df1aff6a40cc9bd57ac5a4babed2ec999 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65183 Tested-by:
-
This patch fixes DBAL-DriverExceptions on PostgreSQL for updates of the user configuration by defining the correct parameter type for strings containing NULL bytes in the update queries. Resolves: #91468 Releases: 10.4, 9.5 Change-Id: I07661438031e4cee0821657e1f926ac685db371f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/64572 Tested-by:
-
This patch fixes the SQL query retrieving the failed login attempts which was broken due to a missing GROUP BY statement on PostgreSQL and MySQL when using strict mode. Additionally the performance has been improved by reversing the order of query executions: The failed attempts are now only retrieved if more than $max allowed failures have been recorded. Resolves: #91649 Releases: master, 10.4, 9.5 Change-Id: I1778e74cd4fc820d7fd330794b61f068babb9206 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65100 Tested-by:
Stephan Großberndt <stephan.grossberndt@typo3.org>
Tested-by: Stephan Großberndt <stephan.grossberndt@typo3.org>
Reviewed-by:
-
- 03 Aug, 2020 1 commit
-
-
Language handling always bases on the existence of a page version for the requested language. If this is not available, handling follows fallback settings. Functional Tests that test for translated content to be returned as expected must provide such a translated page on their own, else the fallback handling kicks in, renders the test falsly reassuring. Resolves: #91905 Releases: master, 10.4, 9.5 Change-Id: I77d1e096cd0e62134ffd818f8bd32667e566d44a Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65173 Tested-by:
-
- 31 Jul, 2020 3 commits
-
-
The example of how to use the FormProtectionFactory in frontend context uses non-matching arguments making the whole code example harder to understand. This patch adjusts the ReST document to use the same arguments in validateToken() as in generateToken() to make the connection to these methods more clear. Releases: master, 10.4, 9.5 Resolves: #91895 Change-Id: Ie1cff9df38295c08926699af29b4698e1f49d47e Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65156 Tested-by:
-
Each link triggering the "New content element" wizard is now initially disabled and gets enabled once the according module has been loaded and initialized. Resolves: #91165 Resolves: #91848 Releases: master, 9.5 Change-Id: Ic4073faa5bd97f9b50bb8c3ada6864539c0ae63f Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65090 Tested-by:
Oliver Bartsch <bo@cedev.de>
Tested-by: Oliver Bartsch <bo@cedev.de>
Reviewed-by: -
As data is fetched from database, it might not be of proper types, e.g. when using sqlite. Therefore ensure returned value is of expected type. Resolves: #91894 Releases: master, 10.4, 9.5 Change-Id: Ie7fefafa8978c0a01755a8e7c749ed7010697f8d Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65152 Reviewed-by:
-
- 28 Jul, 2020 2 commits
-
-
Change-Id: I24988b5c3c850252c2be6ec0ff3e6f23459a3446 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65129 Tested-by:
-
Change-Id: I53436b24663b8bcb5f2a53017d588795a508caa2 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65128 Tested-by:
-
