Merge branch 'release/1.7.12'

This commit is contained in:
Andy Miller
2021-04-15 12:03:43 -06:00
5 changed files with 42 additions and 18 deletions

View File

@@ -1,3 +1,12 @@
# v1.7.12
## 04/15/2021
1. [](#improved)
* Improve JSON support for the request
1. [](#bugfix)
* Fixed absolute path support for Windows [#3297](https://github.com/getgrav/grav/issues/3297)
* Fixed adding tags in admin after upgrading Grav [#3315](https://github.com/getgrav/grav/issues/3315)
# v1.7.11
## 04/13/2021
@@ -9,7 +18,7 @@
1. [](#improved)
* Better GPM detection of unauthorized installations
1. [](#bugfix)
* **IMPORTANT** Fixed security vulnerability with Twig allowing dangerous PHP functions by default (GHSA-g8r4-p96j-xfxc)[https://github.com/getgrav/grav/security/advisories/GHSA-g8r4-p96j-xfxc]
* **IMPORTANT** Fixed security vulnerability with Twig allowing dangerous PHP functions by default [GHSA-g8r4-p96j-xfxc](https://github.com/getgrav/grav/security/advisories/GHSA-g8r4-p96j-xfxc)
* Fixed nxinx appending repeating `?_url=` in some redirects
* Fixed deleting page with language code not removing the folder if it was the last language [#3305](https://github.com/getgrav/grav/issues/3305)
* Fixed fatal error when using markdown links with `image://` stream [#3285](https://github.com/getgrav/grav/issues/3285)

12
composer.lock generated
View File

@@ -2135,16 +2135,16 @@
},
{
"name": "rockettheme/toolbox",
"version": "1.5.8",
"version": "1.5.9",
"source": {
"type": "git",
"url": "https://github.com/rockettheme/toolbox.git",
"reference": "531b2c333d024becabc67b13ae819d92708c5e5f"
"reference": "2d6693235aaca2efaadb61c84dac927aaf4eabfa"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/rockettheme/toolbox/zipball/531b2c333d024becabc67b13ae819d92708c5e5f",
"reference": "531b2c333d024becabc67b13ae819d92708c5e5f",
"url": "https://api.github.com/repos/rockettheme/toolbox/zipball/2d6693235aaca2efaadb61c84dac927aaf4eabfa",
"reference": "2d6693235aaca2efaadb61c84dac927aaf4eabfa",
"shasum": ""
},
"require": {
@@ -2185,9 +2185,9 @@
],
"support": {
"issues": "https://github.com/rockettheme/toolbox/issues",
"source": "https://github.com/rockettheme/toolbox/tree/1.5.8"
"source": "https://github.com/rockettheme/toolbox/tree/1.5.9"
},
"time": "2021-04-12T20:11:43+00:00"
"time": "2021-04-14T19:52:40+00:00"
},
{
"name": "seld/cli-prompt",

View File

@@ -9,7 +9,7 @@
// Some standard defines
define('GRAV', true);
define('GRAV_VERSION', '1.7.11');
define('GRAV_VERSION', '1.7.12');
define('GRAV_SCHEMA', '1.7.0_2020-11-20_1');
define('GRAV_TESTING', false);
@@ -68,7 +68,7 @@ unset($path);
// INTERNAL: Do not use!
define('USER_DIR', GRAV_WEBROOT . '/' . GRAV_USER_PATH . '/');
define('CACHE_DIR', (!str_starts_with(GRAV_CACHE_PATH, '/') ? GRAV_ROOT . '/' : '') . GRAV_CACHE_PATH . '/');
define('CACHE_DIR', (!preg_match('`^(/|[a-z]:[\\\/])`ui', GRAV_CACHE_PATH) ? GRAV_ROOT . '/' : '') . GRAV_CACHE_PATH . '/');
// DEPRECATED: Do not use!
define('CACHE_PATH', GRAV_CACHE_PATH . DS);
@@ -81,10 +81,10 @@ define('PAGES_DIR', USER_DIR . 'pages/');
define('DATA_DIR', USER_DIR . 'data/');
define('PLUGINS_DIR', USER_DIR . 'plugins/');
define('THEMES_DIR', USER_DIR . 'themes/');
define('SYSTEM_DIR', (!str_starts_with(GRAV_SYSTEM_PATH, '/') ? GRAV_ROOT . '/' : '') . GRAV_SYSTEM_PATH . '/');
define('SYSTEM_DIR', (!preg_match('`^(/|[a-z]:[\\\/])`ui', GRAV_SYSTEM_PATH) ? GRAV_ROOT . '/' : '') . GRAV_SYSTEM_PATH . '/');
define('LIB_DIR', SYSTEM_DIR . 'src/');
define('VENDOR_DIR', GRAV_ROOT . '/vendor/');
define('LOG_DIR', (!str_starts_with(GRAV_LOG_PATH, '/') ? GRAV_ROOT . '/' : '') . GRAV_LOG_PATH . '/');
define('LOG_DIR', (!preg_match('`^(/|[a-z]:[\\\/])`ui', GRAV_LOG_PATH) ? GRAV_ROOT . '/' : '') . GRAV_LOG_PATH . '/');
// END DEPRECATED
// Some extensions

View File

@@ -10,6 +10,7 @@
namespace Grav\Common\Service;
use Grav\Common\Uri;
use JsonException;
use Nyholm\Psr7\Factory\Psr17Factory;
use Nyholm\Psr7Server\ServerRequestCreator;
use Pimple\Container;
@@ -18,6 +19,7 @@ use function explode;
use function fopen;
use function function_exists;
use function in_array;
use function is_array;
use function strtolower;
use function trim;
@@ -51,18 +53,30 @@ class RequestServiceProvider implements ServiceProviderInterface
$headers = function_exists('getallheaders') ? getallheaders() : $creator::getHeadersFromServer($_SERVER);
$post = null;
if ('POST' === $method) {
if (in_array($method, ['POST', 'PUT', 'PATCH', 'DELETE'])) {
foreach ($headers as $headerName => $headerValue) {
if ('content-type' !== strtolower($headerName)) {
continue;
}
if (in_array(
strtolower(trim(explode(';', $headerValue, 2)[0])),
['application/x-www-form-urlencoded', 'multipart/form-data']
)) {
$post = $_POST;
break;
$contentType = strtolower(trim(explode(';', $headerValue, 2)[0]));
switch ($contentType) {
case 'application/x-www-form-urlencoded':
case 'multipart/form-data':
$post = $_POST;
break 2;
case 'application/json':
case 'application/vnd.api+json':
try {
$json = file_get_contents('php://input');
$post = json_decode($json, true, 512, JSON_THROW_ON_ERROR);
if (!is_array($post)) {
$post = null;
}
} catch (JsonException $e) {
$post = null;
}
break 2;
}
}
}

View File

@@ -173,6 +173,7 @@ trait ControllerResponseTrait
if ($method !== 'GET' && $method !== 'HEAD') {
$this->setMessage($message, 'error');
$referer = $request->getHeaderLine('Referer');
return $this->createRedirectResponse($referer, 303);
}