Checkout Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Merge (5.3.x > 5.2.x): * [backported] Fixes INP-1883 - Rework URL-encoding in Debugger Report file URLs

r16815: Differential Revision: https://qa.in-portal.org/D492

Fixes INP-1872 - Properly handle constant absence during category cache rebuild

Differential Revision: https://qa.in-portal.org/D480

    • -2
    • +2
    ./core/units/categories/cache_updater.php

Bug INP-1725 - Introduce secure Session Key generation/storage

Differential Revision: https://qa.in-portal.org/D488

    • -31
    • +40
    ./core/units/helpers/language_import_helper.php
    • -23
    • +49
    ./core/units/categories/cache_updater.php
    • -1
    • +6
    ./core/kernel/session/session_storage.php

Fixes INP-1858 - HTML-escape data in Admin Console grids

Differential Revision: https://qa.in-portal.org/D463

    • -7
    • +7
    ./core/admin_templates/incs/grid_blocks.tpl
    • -1
    • +1
    ./core/admin_templates/incs/form_blocks.tpl
    • -2
    • +2
    ./core/admin_templates/users/user_selector.tpl
    • -3
    • +3
    ./core/admin_templates/user_selector.tpl

Fixes INP-1857 - Prevent recursion in the "\kUrlManager::show404" method

Differential Revision: https://qa.in-portal.org/D462

    • -0
    • +5
    ./core/kernel/managers/url_manager.php

Fixes INP-1856 - Make cookies unavailable via the "kApplication::GetVar" calls

Differential Revision: https://qa.in-portal.org/D465

    • -1
    • +1
    ./core/units/users/users_tag_processor.php
    • -1
    • +1
    ./core/units/users/users_event_handler.php

Fixes INP-1851 - Log file upload meta-information as part of the Request Data

Differential Revision: https://qa.in-portal.org/D457

Fixes INP-1849 - Ignore non-string Mod-Rewrite URL during URL parsing

Differential Revision: https://qa.in-portal.org/D455

Fixes INP-1846 - Escape Request URI in the System Log

Differential Revision: https://qa.in-portal.org/D452

Fixes INP-1879 - Adjust Phabricator URL to use SSL

Differential Revision: https://qa.in-portal.org/D490

Fixes INP-1725 - Introduce secure Session Key generation/storage

Differential Revision: http://qa.in-portal.org/D479

    • -1
    • +1
    ./core/units/users/users_event_handler.php
    • -11
    • +29
    ./core/kernel/session/session.php
    • -5
    • +25
    ./core/units/helpers/search_helper.php
    • -4
    • +4
    ./core/kernel/utility/temp_handler.php
  1. … 9 more files in changeset.

[backported] Fixes INP-1756 - Create "Security*" classes for security-related jobs

r16795: Differential Revision: http://qa.in-portal.org/D478

Fixes INP-1871 - Properly dispose session during logout workflow

Differential Revision: http://qa.in-portal.org/D477

Fixes INP-1870 - Save the session to the database immediately after the user login

Differential Revision: http://qa.in-portal.org/D476

    • -0
    • +5
    ./core/kernel/session/session_storage.php

Fixes INP-1869 - Add vendor autoloader support for Class Locator

Differential Revision: http://qa.in-portal.org/D475

Fixes INP-1867 - Remove the MySQL password warning from Phing DB dumps

Differential Revision: http://qa.in-portal.org/D473

Fixes INP-1866 - Verify SSL certificate on cURL connections

Differential Revision: http://qa.in-portal.org/D470

    • -24
    • +73
    ./core/units/helpers/curl_helper.php

Fixes INP-1864 - Require Username on the Login Form

Differential Revision: http://qa.in-portal.org/D471

Fixes INP-1865 - Use cryptographically safe session key generator

Differential Revision: http://qa.in-portal.org/D472

Fixes INP-1859 - Escape MySQL 8.3 keywords

Differential Revision: http://qa.in-portal.org/D464

Fixes INP-1847 - Specify image resizing defaults for category item images

Differential Revision: http://qa.in-portal.org/D453

Fixes INP-1862 - Execute "lint" prior to deploy during the build

Differential Revision: http://qa.in-portal.org/D468

Fixes INP-1861 - Cache results of the PHP_CodeSniffer & PHP_MessDetector

Differential Revision: http://qa.in-portal.org/D469

Fixes INP-1850 - Repair the "kHTTPQuery::getHeaders" method

Differential Revision: http://qa.in-portal.org/D456

Fixes INP-1848 - Filter list configuration request parameters on the Front-End

Differential Revision: http://qa.in-portal.org/D454

    • -9
    • +24
    ./core/kernel/db/cat_event_handler.php
    • -15
    • +72
    ./core/kernel/db/db_event_handler.php

Fixes INP-1817 - Change engine for storing export user presets

Differential Revision: http://qa.in-portal.org/D420

    • -15
    • +18
    ./core/units/helpers/cat_dbitem_export_helper.php
    • -28
    • +13
    ./core/kernel/db/db_event_handler.php

Fixes INP-1668 - Allow specifying image quality, orientation and output format during resizing

Differential Revision: http://qa.in-portal.org/D368

    • -5
    • +150
    ./core/units/helpers/image_helper.php

Fixes INP-1843 - Cache results of the "kCountryStatesHelper::getCountryIso" method

Differential Revision: http://qa.in-portal.org/D448

    • -12
    • +14
    ./core/units/helpers/country_states_helper.php

Fixes INP-1842 - Cache user primary group detection during Checkout

Differential Revision: http://qa.in-portal.org/D447

    • -0
    • +28
    ./core/units/helpers/user_helper.php
    • -0
    • +6
    ./core/units/users/users_event_handler.php

Fixes INP-1840 - Reset form scroll prior to window resizing handling

Differential Revision: http://qa.in-portal.org/D445