mirror of
https://github.com/getgrav/grav.git
synced 2026-07-13 01:43:47 +02:00
Merge branch 'release/1.7.12'
This commit is contained in:
11
CHANGELOG.md
11
CHANGELOG.md
@@ -1,3 +1,12 @@
|
||||
# v1.7.12
|
||||
## 04/15/2021
|
||||
|
||||
1. [](#improved)
|
||||
* Improve JSON support for the request
|
||||
1. [](#bugfix)
|
||||
* Fixed absolute path support for Windows [#3297](https://github.com/getgrav/grav/issues/3297)
|
||||
* Fixed adding tags in admin after upgrading Grav [#3315](https://github.com/getgrav/grav/issues/3315)
|
||||
|
||||
# v1.7.11
|
||||
## 04/13/2021
|
||||
|
||||
@@ -9,7 +18,7 @@
|
||||
1. [](#improved)
|
||||
* Better GPM detection of unauthorized installations
|
||||
1. [](#bugfix)
|
||||
* **IMPORTANT** Fixed security vulnerability with Twig allowing dangerous PHP functions by default (GHSA-g8r4-p96j-xfxc)[https://github.com/getgrav/grav/security/advisories/GHSA-g8r4-p96j-xfxc]
|
||||
* **IMPORTANT** Fixed security vulnerability with Twig allowing dangerous PHP functions by default [GHSA-g8r4-p96j-xfxc](https://github.com/getgrav/grav/security/advisories/GHSA-g8r4-p96j-xfxc)
|
||||
* Fixed nxinx appending repeating `?_url=` in some redirects
|
||||
* Fixed deleting page with language code not removing the folder if it was the last language [#3305](https://github.com/getgrav/grav/issues/3305)
|
||||
* Fixed fatal error when using markdown links with `image://` stream [#3285](https://github.com/getgrav/grav/issues/3285)
|
||||
|
||||
12
composer.lock
generated
12
composer.lock
generated
@@ -2135,16 +2135,16 @@
|
||||
},
|
||||
{
|
||||
"name": "rockettheme/toolbox",
|
||||
"version": "1.5.8",
|
||||
"version": "1.5.9",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/rockettheme/toolbox.git",
|
||||
"reference": "531b2c333d024becabc67b13ae819d92708c5e5f"
|
||||
"reference": "2d6693235aaca2efaadb61c84dac927aaf4eabfa"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/rockettheme/toolbox/zipball/531b2c333d024becabc67b13ae819d92708c5e5f",
|
||||
"reference": "531b2c333d024becabc67b13ae819d92708c5e5f",
|
||||
"url": "https://api.github.com/repos/rockettheme/toolbox/zipball/2d6693235aaca2efaadb61c84dac927aaf4eabfa",
|
||||
"reference": "2d6693235aaca2efaadb61c84dac927aaf4eabfa",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
@@ -2185,9 +2185,9 @@
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/rockettheme/toolbox/issues",
|
||||
"source": "https://github.com/rockettheme/toolbox/tree/1.5.8"
|
||||
"source": "https://github.com/rockettheme/toolbox/tree/1.5.9"
|
||||
},
|
||||
"time": "2021-04-12T20:11:43+00:00"
|
||||
"time": "2021-04-14T19:52:40+00:00"
|
||||
},
|
||||
{
|
||||
"name": "seld/cli-prompt",
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
|
||||
// Some standard defines
|
||||
define('GRAV', true);
|
||||
define('GRAV_VERSION', '1.7.11');
|
||||
define('GRAV_VERSION', '1.7.12');
|
||||
define('GRAV_SCHEMA', '1.7.0_2020-11-20_1');
|
||||
define('GRAV_TESTING', false);
|
||||
|
||||
@@ -68,7 +68,7 @@ unset($path);
|
||||
|
||||
// INTERNAL: Do not use!
|
||||
define('USER_DIR', GRAV_WEBROOT . '/' . GRAV_USER_PATH . '/');
|
||||
define('CACHE_DIR', (!str_starts_with(GRAV_CACHE_PATH, '/') ? GRAV_ROOT . '/' : '') . GRAV_CACHE_PATH . '/');
|
||||
define('CACHE_DIR', (!preg_match('`^(/|[a-z]:[\\\/])`ui', GRAV_CACHE_PATH) ? GRAV_ROOT . '/' : '') . GRAV_CACHE_PATH . '/');
|
||||
|
||||
// DEPRECATED: Do not use!
|
||||
define('CACHE_PATH', GRAV_CACHE_PATH . DS);
|
||||
@@ -81,10 +81,10 @@ define('PAGES_DIR', USER_DIR . 'pages/');
|
||||
define('DATA_DIR', USER_DIR . 'data/');
|
||||
define('PLUGINS_DIR', USER_DIR . 'plugins/');
|
||||
define('THEMES_DIR', USER_DIR . 'themes/');
|
||||
define('SYSTEM_DIR', (!str_starts_with(GRAV_SYSTEM_PATH, '/') ? GRAV_ROOT . '/' : '') . GRAV_SYSTEM_PATH . '/');
|
||||
define('SYSTEM_DIR', (!preg_match('`^(/|[a-z]:[\\\/])`ui', GRAV_SYSTEM_PATH) ? GRAV_ROOT . '/' : '') . GRAV_SYSTEM_PATH . '/');
|
||||
define('LIB_DIR', SYSTEM_DIR . 'src/');
|
||||
define('VENDOR_DIR', GRAV_ROOT . '/vendor/');
|
||||
define('LOG_DIR', (!str_starts_with(GRAV_LOG_PATH, '/') ? GRAV_ROOT . '/' : '') . GRAV_LOG_PATH . '/');
|
||||
define('LOG_DIR', (!preg_match('`^(/|[a-z]:[\\\/])`ui', GRAV_LOG_PATH) ? GRAV_ROOT . '/' : '') . GRAV_LOG_PATH . '/');
|
||||
// END DEPRECATED
|
||||
|
||||
// Some extensions
|
||||
|
||||
@@ -10,6 +10,7 @@
|
||||
namespace Grav\Common\Service;
|
||||
|
||||
use Grav\Common\Uri;
|
||||
use JsonException;
|
||||
use Nyholm\Psr7\Factory\Psr17Factory;
|
||||
use Nyholm\Psr7Server\ServerRequestCreator;
|
||||
use Pimple\Container;
|
||||
@@ -18,6 +19,7 @@ use function explode;
|
||||
use function fopen;
|
||||
use function function_exists;
|
||||
use function in_array;
|
||||
use function is_array;
|
||||
use function strtolower;
|
||||
use function trim;
|
||||
|
||||
@@ -51,18 +53,30 @@ class RequestServiceProvider implements ServiceProviderInterface
|
||||
$headers = function_exists('getallheaders') ? getallheaders() : $creator::getHeadersFromServer($_SERVER);
|
||||
|
||||
$post = null;
|
||||
if ('POST' === $method) {
|
||||
if (in_array($method, ['POST', 'PUT', 'PATCH', 'DELETE'])) {
|
||||
foreach ($headers as $headerName => $headerValue) {
|
||||
if ('content-type' !== strtolower($headerName)) {
|
||||
continue;
|
||||
}
|
||||
if (in_array(
|
||||
strtolower(trim(explode(';', $headerValue, 2)[0])),
|
||||
['application/x-www-form-urlencoded', 'multipart/form-data']
|
||||
)) {
|
||||
$post = $_POST;
|
||||
|
||||
break;
|
||||
$contentType = strtolower(trim(explode(';', $headerValue, 2)[0]));
|
||||
switch ($contentType) {
|
||||
case 'application/x-www-form-urlencoded':
|
||||
case 'multipart/form-data':
|
||||
$post = $_POST;
|
||||
break 2;
|
||||
case 'application/json':
|
||||
case 'application/vnd.api+json':
|
||||
try {
|
||||
$json = file_get_contents('php://input');
|
||||
$post = json_decode($json, true, 512, JSON_THROW_ON_ERROR);
|
||||
if (!is_array($post)) {
|
||||
$post = null;
|
||||
}
|
||||
} catch (JsonException $e) {
|
||||
$post = null;
|
||||
}
|
||||
break 2;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -173,6 +173,7 @@ trait ControllerResponseTrait
|
||||
if ($method !== 'GET' && $method !== 'HEAD') {
|
||||
$this->setMessage($message, 'error');
|
||||
$referer = $request->getHeaderLine('Referer');
|
||||
|
||||
return $this->createRedirectResponse($referer, 303);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user