70 Commits (d2eb0235ccea45707c168feab2dba3d9ec7f941f)

Author SHA1 Message Date
xjm 706b0006c5 SA-CORE-2023-005 by benjifisher, Heine, cmlara, mlhess, larowlan, David_Rothstein, xjm, Wim Leers, DamienMcKenna, effulgentsia, pwolanin, mcdruid, poker10, jenlampton, longwave, kim.pepper, alexpott, drumm 2023-04-19 11:18:37 -05:00
Dave Long d45cf927fc Issue #3027639 by catch, jonhattan, ankithashetty, Lal_, voleger, beunerd, cmlara, yogeshmpawar, Jose Reyero, drfuzetto, MiguelArber, smustgrave, longwave, Berdir, leandro713, Ambient.Impact, olli, amitaibu: Make css/js optimized assets path configurable 2023-04-11 14:10:23 +01:00
Dave Long 1d3e0326a5 Issue #3336463 by sleitner, recrit, catch: Htaccess rewrite rules for gzipped CSS and JavaScript aggregates never match 2023-03-30 15:03:35 +01:00
Alex Pott 67357a32f4 Issue #3311406 by Anybody, Grevil, nod_: .htaccess ExpiresDefault (2W) is much too low. Should be ~1Y 2023-03-21 11:59:13 +00:00
catch b3fac4a09f Issue #3328454 by xjm, Bhanu951, jidrone, smustgrave: Replace most strpos() !== FALSE or === FALSE with str_contains() 2023-03-18 11:30:09 +00:00
Dave Long beab28f25f Issue #3107548 by tunic, roderik, nicrodgers, greggles, anita_novicell, larowlan: Enhance hash_salt documentation in default.settings.php 2023-03-12 20:06:51 +00:00
catch f36dacc692 Issue #3150614 by pfrenssen, cilefen, murilohp, FinnishFlash, mpp, andypost, ranjith_kumar_k_u, vagelis-prokopiou, rpayanm, tsplash, blazey, Winn, znerol, alexpott, Berdir, mxr576, catch, anagomes: Set SameSite on session cookies 2023-03-06 17:14:57 +00:00
catch e6c4507cfe Revert "Issue #3150614 by pfrenssen, cilefen, murilohp, FinnishFlash, mpp, andypost, ranjith_kumar_k_u, vagelis-prokopiou, blazey, tsplash, Winn, alexpott, Berdir, mxr576: Set SameSite on session cookies"
This reverts commit a3bddae403.
2023-03-03 16:08:14 +00:00
catch a3bddae403 Issue #3150614 by pfrenssen, cilefen, murilohp, FinnishFlash, mpp, andypost, ranjith_kumar_k_u, vagelis-prokopiou, blazey, tsplash, Winn, alexpott, Berdir, mxr576: Set SameSite on session cookies 2023-03-03 11:13:53 +00:00
catch e4d567db3b Issue #3317265 by ressa, smustgrave: Use immediately visible and functioning String override example 2023-02-23 16:22:19 +00:00
catch 2d0782d91f Issue #3198868 by dpi, acbramley, larowlan: Add delay to queue suspend 2023-02-23 10:20:36 +00:00
Dave Long 945c48ff03 Issue #3333281 by MustangGB, smustgrave, xjm: Give trusted host configuration hint in default.settings.php 2023-02-16 22:36:17 +00:00
xjm e7b87b5c20 Issue #2854817 by Liam Morland, longwave, alexpott, JoshaHubbers, effulgentsia, alex-b, Mile23, thalles, mr.baileys, Wim Leers, xjm: Duplicate X-Content-Type-Options headers both with the value nosniff 2023-01-26 06:37:33 -06:00
Alex Pott 86bced910a Issue #3191389 by anmolgoyal74, greggles, larowlan, mcdruid, pwolanin, brayfe: File Inclusion issue security hardening 2023-01-20 14:18:55 +00:00
xjm efb94e3a54 Issue #3327115 by Eric_A, alexpott, xjm, longwave, pandaski: .htaccess rules broken since yarn.lock got added 2022-12-14 20:51:17 -06:00
Dave Long e9e78219c4 Issue #3032746 by mfb, O'Briat, Anybody: Improve documentation for reverse proxy addresses setting 2022-11-30 17:35:34 +00:00
catch 2233484fba Issue #3308369 by JeroenT, cilefen: Block access to yarn.lock and package.json 2022-11-17 16:56:43 +00:00
catch af6cdbf062 Issue #3260401 by idebr, Spokje, Akram Khan, mcdruid, longwave, alexpott: Google is abandoning FLoC - so remove the header 2022-11-17 14:13:32 +00:00
Alex Pott b29f980b79 Issue #3112452 by lalitware, guilhermevp, narendra.rajwar27, WagnerMelo, ravi.shankar, mradcliffe, adalbertov, himanshu_sindhwani, quondam, Vidushi Mehta, alexpott, longwave, anmolgoyal74: Fix indentation consistency in core's yaml files 2022-10-09 12:06:21 +01:00
Alex Pott 198b03a0e5 Issue #3271222 by Rajab Natshah, yogeshmpawar, BramDriesen: Include Disallow Oembed media links in the robots.txt file for better Drupal SEO 2022-10-05 12:58:39 +01:00
Alex Pott bc1a8d8493 Issue #3305748 by kay_v, Spokje, bmahesh03121: improve instructions for allowedOrigins in default.services.yml 2022-10-03 14:30:44 +01:00
Alex Pott 9fbab426bf Issue #3096101 by quietone, danflanagan8, abhisekmazumdar, anmolgoyal74, alexpott, gabesullice, Wim Leers, Matroskeen, ankithashetty, mikelutz, benjifisher, daffie, webchick: Allow migrate_drupal_ui source database to be set in settings.php 2022-10-03 14:17:48 +01:00
Alex Pott a6c49dbae4 Issue #1040534 by catch, Owen Barton, danreb, mikeytown2, ogi, omega8cc, xjm: Rewrite rules for gzipped CSS and JavaScript aggregates cause lots of lstats for files that will never exist 2022-10-03 14:14:32 +01:00
xjm 0ca6cc73e2 SA-CORE-2022-016 by fabpot, nicolas.grekas, xjm, lauriii, alexpott, Berdir, larowlan, catch, longwave, cilefen, james.williams, benjifisher 2022-09-28 11:52:42 -05:00
Alex Pott c7357380a2 Issue #3079404 by anavarre: Document that .htaccess 301s get the ExpiresDefault value of 2 weeks instead of the Drupal value 2022-09-26 20:32:11 +01:00
catch cc44e691f9 Issue #2381797 by Tom Verhaeghe, slashrsm, johnwebdev, chr.fritsch, ankithashetty, Krzysztof Domański, nevergone, tobiasb, yogeshmpawar, anmolgoyal74, dhirendra.mishra, Wim Leers, longwave, Fabianx, andypost, joachim, alexpott: Add render_cache debug output 2022-09-21 14:49:58 +01:00
catch ebe774d4b9 Issue #3293216 by longwave, Spokje, quietone: Rename references to Simpletest in tests 2022-08-15 11:24:13 +09:00
Lauri Eskola 047faa3e96 Issue #3262674 by tstoeckler, lauriii, cindytwilliams, mherchel, Gábor Hojtsy: Use Claro instead of Bartik as fallback maintenance theme 2022-08-08 11:39:05 +03:00
Alex Pott f42a2f544e Issue #3119840 by raman.b, hugovk, johnwebdev, dawehner: Support syntax highlighting on GitHub for non-standard PHP extension files 2022-07-23 06:57:02 +01:00
xjm 0b4f0cda54 SA-CORE-2022-012 by cmlara, GuyPaddock, larowlan, mondrake, effulgentsia, xjm, longwave, Dave Reid, lauriii, David Strauss, benjifisher, alexpott, mcdruid, Fabianx
(cherry picked from commit 1f82337d17)
2022-07-20 10:24:21 -05:00
catch ac1a32abf8 Issue #3292908 by alexpott, dww, longwave, catch, Berdir, Charlie ChX Negyesi, mradcliffe, kndr: Fast 404s are slower than regular 404s 2022-07-19 17:31:48 +09:00
xjm fa594a90ab Issue #3295650 by Spokje, BR0kEN, Berdir, catch, Krzysztof Domański, longwave, voleger, neclimdul: Stop recommending using \Drupal\Component\Assertion\Handle::register() in example.settings.local.php 2022-07-13 13:05:24 -05:00
catch 70d480ab7f Issue #2733675 by smccabe, murilohp, andregp, Johnny Santos, ankithashetty, mglaman, jonathanshaw, daffie, alexpott, catch, froboy: Warning when mysql is not set to READ-COMMITTED 2022-06-17 11:00:43 +01:00
catch 1f171b936c Issue #3166449 by ravi.shankar, adamzimmermann, mmatsoo, walangitan, joshua.boltz, Cottser: Improve wording around twig.cache setting for production environments 2022-02-14 17:23:42 +00:00
Alex Pott 648e58d053 Issue #3175428 by tunic, kishor_kolekar, ranjith_kumar_k_u: Add link to "Trusted host settings" in default.settings.php 2022-01-03 15:55:48 +00:00
Alex Pott 934f42ae87 Issue #3129043 by mondrake, daffie, ankithashetty, ravi.shankar, alexpott, Beakerboy, catch: Move core database drivers to modules of their own 2021-12-29 17:14:14 +00:00
catch 94ee839741 Issue #3255350 by alexpott, longwave: Remove PHP 7 code from Drupal 10 2021-12-21 13:04:58 +00:00
Alex Pott 87fc0a7d04 Issue #3186524 by longwave, alexpott, xjm, Spokje: Fix htaccess files for PHP 8 2021-12-21 09:27:26 +00:00
catch d79e4a6518 Issue #3106531 by mondrake, daffie, Rithesh BK, catch, xjm: Notify in Status Report that per-table database prefixes are no longer supported, and will throw errors in Drupal 10.0 2021-09-07 16:26:18 +01:00
catch 492b7a181d Issue #2473875 by znerol, alexpott, andypost, kim.pepper, amit.drupal, raman.b, martin107, joachim: Convert uses of $_SESSION to symfony session retrieved from the request 2021-08-18 09:53:24 +01:00
catch f45d8df4f2 Issue #3190070 by Spokje: Incorrect comment indentation in default.services.yml 2021-08-16 15:10:49 +01:00
catch 6802ea3355 Issue #3207968 by quietone, longwave, Spokje: Replace @codingStandards comments with phpcs: comments 2021-05-17 20:22:22 +01:00
effulgentsia 573e752f04 Issue #3209628 by longwave, rachel_norfolk, antiorario, phenaproxima, rootwork, larowlan, neclimdul, Maeglin: Add Permissions-Policy header to block Google FLoC 2021-05-14 13:39:12 -07:00
Lee Rowlands 79dd8321b2 Issue #3041885 by tedbow, beautifulmind, dww, ayushmishra206, phenaproxima, webchick, xjm, AaronMcHale, larowlan, benjifisher, heddn, catch, jhodgdon, longwave, mglaman, alexpott, mxr576, effulgentsia: Display relevant Security Advisories data for Drupal 2021-05-12 16:40:17 +10:00
webchick 3b1a9ef0c4 Issue #3192842 by gabesullice, xjm, phenaproxima, lhockley, thalles: Make our README more welcoming by converting it into an "entrypoint" into the Drupal ecosystem 2021-02-11 12:04:33 -08:00
catch 7e9af0f04d Issue #3195533 by daffie, longwave: [Symfony 6] The constant Symfony\Component\HttpFoundation\Request::HEADER_X_FORWARDED_ALL is deprecated 2021-02-02 10:02:25 +00:00
catch cda287d212 Issue #2238561 by alexpott, dawehner, andypost, bradjones1, ridhimaabrol24, jofitz, eiriksm, Darren Oh, kalyansamanta, znerol, neclimdul, catch, pwolanin: Use the default PHP session ID instead of generating a custom one 2021-01-04 13:23:54 +00:00
catch 0a27cd413e Issue #3181084 by alexpott, anushrikumari: Remove commented out httpoxy rule from web.config 2020-11-30 11:14:32 +00:00
Alex Pott 0eec7fe50d Issue #3138746 by jungle, rajandro, sja112, longwave, jameszhang023, quietone, dww: Fix 45 "shouldBeCamelCased" and related typos in core 2020-11-09 11:14:31 +00:00
Lee Rowlands dcd4464392 Issue #1538118 by dww, swentel, dawehner, pwolanin, sanduhrs, alexpott, ayushmishra206, Wim Leers, yogeshmpawar, mgifford, cilefen, David_Rothstein, drumm, larowlan, Heine, colan, tedbow, benjifisher, klausi, borisson_, quietone: Update status does not verify the identity or authenticity of the release history URL 2020-11-05 08:53:31 +10:00