Benjamin Dalsass
af01ff9e62
N°9121 - CSV Import : The advanced mode option no longer works as bef… ( #863 )
2026-04-14 08:02:00 +02:00
Lenaick
5d0da47f21
N°8178 - Respect "high_cardinality_classes" parameter on search operation ( #870 )
2026-04-08 09:47:46 +02:00
jf-cbd
81f328b26e
N°8543 - rename security parameter with new convention
2026-04-01 10:37:46 +02:00
Molkobain
3406ca79de
N°9361 - Update PHPDoc
2026-03-30 13:49:30 +02:00
Benjamin DALSASS
458a996c29
N°8612 - force authentication for inline image endpoints
...
- ajax.render dict route needs to be reached without login authentication
2026-03-23 15:50:47 +01:00
jf-cbd
ed33238750
Merge remote-tracking branch 'origin/support/3.2' into support/3.2
2026-03-20 16:31:44 +01:00
jf-cbd
272678b8cd
N°9361 - Indicate to itop admin concerned by 8543 that changes could be required in extension
2026-03-20 16:30:53 +01:00
Benjamin Dalsass
170014e8f0
N°9232 - Information Disclosure ( #850 )
2026-03-20 14:35:05 +01:00
Stephen Abello
2a16143e53
N°9229 - Modernize search foreign keys code with built in JS tools ( #847 )
...
* N°9229 - Modernize search foreign keys code with built in JS tools
* N°9229 - Allow modals to have button id specified
* N°9229 - Remove the modal instead of only destroying it
* N°9229 - Remove dead code
* Update js/searchformforeignkeys.js
* Add robustness to modals button id
2026-03-18 15:23:52 +01:00
jf-cbd
eabbe2f00b
N°8543 - best practices
2026-03-18 10:09:25 +01:00
Lenaick
28db230697
N°9233 - Check user access before acquiring lock on object ( #844 )
2026-03-16 17:07:26 +01:00
jf-cbd
4fe61cbdc7
N°8543 - Add checks on exec.php ( #835 )
2026-03-16 17:06:37 +01:00
Benjamin Dalsass
e2994b645b
N°8612 inline images to base64 ( #826 )
2026-03-16 08:36:37 +01:00
lenaick.moreira
9792358aea
Remove debug OQL filter in HTML comments of the universal search page
2026-03-09 17:06:00 +01:00
lenaick.moreira
7bfa14a874
N°9235 - Sanitize oql_clause query parameter in universal search page
2026-03-09 17:06:00 +01:00
Benjamin Dalsass
ab8e7bd15e
N°9236 - tag admin fix ( #832 )
2026-03-09 08:30:39 +01:00
Lenaick
61e5536b50
N°9234 - Sanitize query expression parameter in suggested OQL on run query page ( #829 )
2026-03-05 16:02:30 +01:00
Lenaick
104dd1970f
N°9230 - Sanitize dashboard_id parameter in "revert_dashboard" operation of AJAX render function ( #828 )
2026-03-05 15:55:28 +01:00
Stephen Abello
aede5ea7b8
Fix CI by updating files code style
2026-02-23 16:25:08 +01:00
Stephen Abello
da6c443a35
Fix CI by updating files code style
2026-02-23 16:08:20 +01:00
Stephen Abello
9c39efd9af
N°8549 - Update inline images secret ( #815 )
2026-02-23 15:42:21 +01:00
Benjamin DALSASS
454a1b26eb
N°8603 N°8601 - Remove unnecessary quotes in reload url injection
2026-02-23 10:22:10 +01:00
Benjamin Dalsass
330539abd2
N°8601 N°8603 dashboards issues ( #813 )
2026-02-23 06:51:40 +01:00
odain
890a2568c8
N°8796 - Add PHP code style validation in iTop and extensions - format whole code base
2025-11-07 15:39:53 +01:00
Benjamin Dalsass
062d543b26
N°8148 - CAS problem when sending a link ending in & ( #722 )
...
N°8148 - CAS problem when sending a link ending in &
2025-06-30 14:19:33 +02:00
v-dumas
3689a83953
N°2583 - Control rights per class (bulk read on business, bulk write on others)
2025-06-11 17:13:25 +02:00
v-dumas
17d85fbb3f
N°2583 - Advanced mode on CSV import add technical classes and class codes
2025-06-11 16:50:38 +02:00
v-dumas
5e59aff74f
N°2583 - Filter Universal Search based on user rights
2025-06-11 16:48:28 +02:00
v-dumas
9e1e81ccc1
N°2583 - Audit, User, Query classes available for universal Search without the "Administrator" profile
2025-06-11 11:17:27 +02:00
v-dumas
cb13a7a5b4
N°2583 - Audit, User, Query classes can be Import with bulk_modify right
2025-05-23 17:37:47 +02:00
bdalsass
9618e47045
N°8201 - [CVE_Request]_Cross-Site-Script Reflected(XSS Reflected at the name="attr_installed" (Low or Medium)
2025-05-23 10:16:22 +02:00
Eric Espie
23af649d7f
Merge remote-tracking branch 'origin/support/3.1' into support/3.2
2024-10-14 09:26:25 +02:00
Eric Espie
88756a443a
Fix event listeners display when the listener is a static method
2024-10-14 09:25:05 +02:00
Eric Espie
0f1f2875ff
Allow searching unknown class
2024-09-20 14:37:29 +02:00
Molkobain
119dcf9c97
N°7730 - Rename constant as it is actually for ID and class selectors, not only IDs
2024-08-26 13:55:03 +02:00
Eric Espie
b7d14ca48e
N°7730 - code hardening
2024-08-26 13:55:03 +02:00
Molkobain
8c704951e1
N°7730 - Rename constant as it is actually for ID and class selectors, not only IDs
2024-08-19 18:41:32 +02:00
Eric Espie
24c23628d6
N°7730 - code hardening
2024-08-19 15:15:22 +02:00
jf-cbd
0ee1818f12
N°7732 - CSRF protection generating error when cancelling the creation of an object
...
N°7741 - PDF export on impact analysis not working
2024-08-07 17:56:34 +02:00
Molkobain
d32949d1d3
N°7410 - Fix typo in template path
2024-07-18 16:06:12 +02:00
Romain Quetiez
baf85e7a80
N°7629 Deprecate utils::GetClassesForInterface in favor of InterfaceDiscovery::FindItopClasses
...
Improve caching strategy and robustness
2024-07-16 10:13:13 +02:00
jf-cbd
0d9f348e93
🎨 Reformatting log channels name
2024-07-05 12:05:51 +02:00
Molkobain
296c5bd3d2
N°7565 - Refactor "other actions" tab to display action class name on the panel
2024-07-04 23:42:17 +02:00
Molkobain
a2bddea1e2
N°7565 - Forbid disabling internal newsroom provider
2024-07-04 23:33:38 +02:00
Molkobain
c3582f0aff
N°7552 - Fix mentions not taking triggers filter into account
2024-07-04 11:30:51 +02:00
jf-cbd
7b6334d447
Merge remote-tracking branch 'refs/remotes/origin/support/3.1' into support/3.2
2024-07-04 11:01:16 +02:00
jf-cbd
bfd9be8280
Merge remote-tracking branch 'refs/remotes/origin/support/3.0' into support/3.1
2024-07-04 10:59:57 +02:00
jf-cbd
96e1388dde
N°7603 - Security hardening + UI blocks examples updated
2024-07-04 10:56:08 +02:00
jf-cbd
8b35679fcf
N°7124 - Security hardening
2024-07-03 15:51:43 +02:00
jf-cbd
98f946c871
N°7124 - [SECU] Cross-Site Request Forgery (CSRF) in several iTop pages (finalize implementation)
2024-07-02 17:14:55 +02:00
