3.1.3-rc1.md 1.64 KB

Edit Raw Blame History


3.1.3-rc1
Overview

Security: Require ADMIN for ?flush=1&isDev=1 (SS-2014-001)
Security: XSS in third party library (SWFUpload) (SS-2014-002)
Security: SiteTree.ExtraMeta allows JavaScript for malicious CMS authors (SS-2014-003)
Better loading performance when using multiple UploadField instances
Option for force_js_to_bottom on Requirements class (ignoring inline <script> tags)
Added ListDecorator->filterByCallback() for more sophisticated filtering
New DataList filters: LessThanOrEqualFilter and GreaterThanOrEqualFilter
"Cancel" button on "Add Page" form
Better code hinting on magic properties (for IDE autocompletion)
Increased Behat test coverage (editing HTML content, managing page permissions)
Support for PHPUnit 3.8

Upgrading
SiteTree.ExtraMeta allows JavaScript for malicious CMS authors
If you have previously used the SiteTree.ExtraMeta field for <head> markup
other than its intended use case (<meta> and <link>), please consult
SS-2014-003.
Changelog

framework
cms
installer