Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: silverstripe/silverstripe-admin
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 1.11.2
Choose a base ref
...
head repository: silverstripe/silverstripe-admin
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 1.11
Choose a head ref
  • 4 commits
  • 3 files changed
  • 3 contributors

Commits on Aug 25, 2022

  1. Verified

    This commit was signed with the committer’s verified signature.
    virajjasani Viraj Jasani
    Copy the full SHA
    20ef8e7 View commit details

Commits on Aug 29, 2022

  1. Merge pull request #1349 from creative-commoners/pulls/1.11/rescue-ma…

    …ster-fieldholder-case
    
    BUG case error in SelectionGroup template
    emteknetnz authored Aug 29, 2022

    Verified

    This commit was signed with the committer’s verified signature.
    virajjasani Viraj Jasani
    Copy the full SHA
    6d19987 View commit details

Commits on Sep 14, 2022

  1. Verified

    This commit was signed with the committer’s verified signature.
    virajjasani Viraj Jasani
    Copy the full SHA
    e27f355 View commit details

Commits on Nov 20, 2022

  1. Merge pull request #1392 from creative-commoners/pulls/1.11/cve-38146

    Filter query string for protoype pollution
    GuySartorelli authored Nov 20, 2022

    Verified

    This commit was signed with the committer’s verified signature.
    virajjasani Viraj Jasani
    Copy the full SHA
    f4abae6 View commit details
Showing with 66 additions and 55 deletions.
  1. +1 −1 client/dist/js/vendor.js
  2. +64 −53 client/src/bundles/vendor.js
  3. +1 −1 themes/cms-forms/templates/SilverStripe/Forms/SelectionGroup.ss
2 changes: 1 addition & 1 deletion client/dist/js/vendor.js

Large diffs are not rendered by default.

117 changes: 64 additions & 53 deletions client/src/bundles/vendor.js
Original file line number Diff line number Diff line change
@@ -2,60 +2,71 @@
import/no-webpack-loader-syntax,
import/no-extraneous-dependencies,
import/no-unresolved,
import/extensions
import/extensions,
global-require
*/
// TODO Enable require(*.css) includes once https://github.com/webpack/extract-text-webpack-plugin/issues/179
// is resolved. Included in bundle.scss for now.

require('babel-polyfill');
require('json-js');

// jQuery plugins require that the jQuery object is exposed as a global
// webpack.ProvidePlugin is used to ensure that jQuery and $ are provided to all includes
require('script-loader!../../../thirdparty/jquery/jquery.js');
require('expose-loader?jQuery!jquery');

// Expose the libraries as globals for other modules to access
// Note that these are order-dependent - earlier items should not depend on later ones
require('expose-loader?PropTypes!prop-types');
require('expose-loader?classnames!classnames');
require('expose-loader?DeepFreezeStrict!deep-freeze-strict');
require('expose-loader?React!react');
require('expose-loader?ReactDom!react-dom');
require('expose-loader?ReactRouterDom!react-router-dom');
require('expose-loader?Reactstrap!reactstrap');
require('expose-loader?IsomorphicFetch!isomorphic-fetch');
require('expose-loader?Redux!redux');
require('expose-loader?ReactRedux!react-redux');
require('expose-loader?ReduxThunk!redux-thunk');
require('expose-loader?ReduxForm!redux-form');
require('expose-loader?ReactSelect!react-select');
require('expose-loader?ReactDND!react-dnd');
require('expose-loader?ReactDNDHtml5Backend!react-dnd-html5-backend');
require('expose-loader?Page!page.js');
require('expose-loader?validator!validator');
require('expose-loader?ApolloClient!apollo-client');
require('expose-loader?ReactApollo!react-apollo');
require('expose-loader?GraphQLTag!graphql-tag');
require('expose-loader?GraphQLFragments!graphql-fragments');
require('expose-loader?NodeUrl!url');
require('expose-loader?qs!qs');
require('expose-loader?modernizr!modernizr');
require('expose-loader?history!history');
require('expose-loader?moment!moment');
require('expose-loader?merge!merge');

require('../../../thirdparty/jquery-ondemand/jquery.ondemand.js');
require('../../../thirdparty/jquery-ui/jquery-ui.js');
// require('../../../thirdparty/jquery-ui-themes/smoothness/jquery-ui.css');
require('../../../thirdparty/jquery-entwine/dist/jquery.entwine-dist.js');
require('../../../thirdparty/jquery-cookie/jquery.cookie.js');
require('../../../thirdparty/jquery-query/jquery.query.js');
require('../../../thirdparty/jquery-form/jquery.form.js');
require('jquery-sizes/lib/jquery.sizes.js');
require('../../../thirdparty/jstree/jquery.jstree.js');
// require('../../../thirdparty/stree/themes/apple/style.css');
require('../../../thirdparty/jquery-hoverIntent/jquery.hoverIntent.js');
require('../../../thirdparty/jquery-changetracker/lib/jquery.changetracker.js');

require('chosen-js');
(() => {
// prevent prototype pollution via query string
let ok = true;
const urlParams = new URLSearchParams(window.location.search);
urlParams.forEach((value, key) => {
if (key.includes('__proto__')) {
ok = false;
}
});
if (!ok) {
window.stop();
throw new Error('Malicious url detected, aborting');
}
require('babel-polyfill');
require('json-js');
// jQuery plugins require that the jQuery object is exposed as a global
// webpack.ProvidePlugin is used to ensure that jQuery and $ are provided to all includes
require('script-loader!../../../thirdparty/jquery/jquery.js');
require('expose-loader?jQuery!jquery');
// Expose the libraries as globals for other modules to access
// Note that these are order-dependent - earlier items should not depend on later ones
require('expose-loader?PropTypes!prop-types');
require('expose-loader?classnames!classnames');
require('expose-loader?DeepFreezeStrict!deep-freeze-strict');
require('expose-loader?React!react');
require('expose-loader?ReactDom!react-dom');
require('expose-loader?ReactRouterDom!react-router-dom');
require('expose-loader?Reactstrap!reactstrap');
require('expose-loader?IsomorphicFetch!isomorphic-fetch');
require('expose-loader?Redux!redux');
require('expose-loader?ReactRedux!react-redux');
require('expose-loader?ReduxThunk!redux-thunk');
require('expose-loader?ReduxForm!redux-form');
require('expose-loader?ReactSelect!react-select');
require('expose-loader?ReactDND!react-dnd');
require('expose-loader?ReactDNDHtml5Backend!react-dnd-html5-backend');
require('expose-loader?Page!page.js');
require('expose-loader?validator!validator');
require('expose-loader?ApolloClient!apollo-client');
require('expose-loader?ReactApollo!react-apollo');
require('expose-loader?GraphQLTag!graphql-tag');
require('expose-loader?GraphQLFragments!graphql-fragments');
require('expose-loader?NodeUrl!url');
require('expose-loader?qs!qs');
require('expose-loader?modernizr!modernizr');
require('expose-loader?history!history');
require('expose-loader?moment!moment');
require('expose-loader?merge!merge');
require('../../../thirdparty/jquery-ondemand/jquery.ondemand.js');
require('../../../thirdparty/jquery-ui/jquery-ui.js');
// require('../../../thirdparty/jquery-ui-themes/smoothness/jquery-ui.css');
require('../../../thirdparty/jquery-entwine/dist/jquery.entwine-dist.js');
require('../../../thirdparty/jquery-cookie/jquery.cookie.js');
require('../../../thirdparty/jquery-query/jquery.query.js');
require('../../../thirdparty/jquery-form/jquery.form.js');
require('jquery-sizes/lib/jquery.sizes.js');
require('../../../thirdparty/jstree/jquery.jstree.js');
// require('../../../thirdparty/stree/themes/apple/style.css');
require('../../../thirdparty/jquery-hoverIntent/jquery.hoverIntent.js');
require('../../../thirdparty/jquery-changetracker/lib/jquery.changetracker.js');
require('chosen-js');
})();
Original file line number Diff line number Diff line change
@@ -23,7 +23,7 @@
<% if $FieldList %>
<div class="selection-group selection-group__item__fieldlist" id="$ID">
<% loop $FieldList %>
$Fieldholder
$FieldHolder
<% end_loop %>
</div>
<% end_if %>