composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,971 Commits 151 Branches 134 Tags
da99a250bf152aeb8b5cc79cc201fe2022380375
Commit Graph

1774 Commits

Author SHA1 Message Date
Pierre Goiffon
763112c179 N°7344 rest.php core/get : add try/catch around query execution (#622) 
Co-authored-by: Thomas Casteleyn <thomas.casteleyn@super-visions.com>
Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
 2024-03-12 18:08:04 +01:00
Anne-Catherine
87582a021b N°6993 - Error message on bulk transition on object containing a null blob (#596) 2024-01-15 15:49:19 +01:00
odain-cbd
c140ebcb6b N°7085 - Fix infinite loop in login page until fatal error occurs (#592) 
* N°7085 - login page infinite loop until fatal error- add Config->AddAllowedLoginTypes

* N°7085 - reproduce issue via a test

* N°7085-fix infinite loop

* N°7085 - ci: fix config file rights in tearDown

* N°7085 - ci: fix config file rights in tearDown (again)

* N°7085 - ci: fix config file content

* N°7085 - ci : add runTestsInSeparateProcesses

* Update core/config.class.inc.php

Co-authored-by: Molkobain <lajarige.guillaume@free.fr>

* N°7085 - exit -1 + enhance log message

* PR feedbacks from Romain regarding LoginTest annotations

---------

Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
 2024-01-12 08:13:40 +01:00
Pierre Goiffon
a4f6f6e877 N°4368 Fix CORB blocking regression (#598) 
Don't send X-Content-Type-Options HTTP header for certain WebPage impl to workaround CORB blocking
To disable globally this new behavior introduced in 9865bf07, set the `security.enable_header_xcontent_type_options` config parameter to false

Thanks @Molkobain for the review !
 2024-01-05 10:41:18 +01:00
Pierre Goiffon
9865bf0779 N°4368 add sending X-Content-Type-Options HTTP header 
Replace in consumers the \WebPage::add_xframe_options call by \WebPage::add_http_headers
 2023-12-19 18:25:26 +01:00
Pierre Goiffon
5a43448644 N°6458 Security hardening 2023-11-15 11:14:07 +01:00
Stephen Abello
9469681a0c N°6777 - Security hardening 2023-10-17 09:12:40 +02:00
Pierre Goiffon
c72cb7e70e N°6606 security hardening 2023-10-13 17:15:37 +02:00
Pierre Goiffon
9df92665e0 N°6606 Backport of utils::ENUM_SANITIZATION_FILTER_* constants 
Were introduced in 3.0.0, but not added to the support/2.7 branch
 2023-10-13 17:10:35 +02:00
Molkobain
851ab9c356 N°6097 - Add \utils::GetDataPath() method to avoid duplicating manual path build 2023-08-10 15:45:39 +02:00
Eric Espie
5475b9fbbe N°3454 - MoveToProd in 2 steps - fix utils::GetCurrentModuleName() 2023-07-25 17:44:43 +02:00
Eric Espie
6f8e7c7002 N°3454 - MoveToProd in 2 steps - fix utils::GetCurrentModuleUrl() 2023-07-25 17:20:37 +02:00
Eric Espie
d388ce9a06 Merge branch 'feature/6548_Hide_DBHost_and_DBUser_in_log' into support/2.7 2023-07-18 09:17:40 +02:00
Stephen Abello
2b5973ec67 N°6436 - Integrate Performance Audit pre requisite in iTop Pro 2.7.9 2023-07-18 09:15:37 +02:00
Eric Espie
78396d8e4a 6548 - [ER] Hide DBHost and DBUser in log 2023-07-10 17:37:27 +02:00
Eric Espie
90cf7502e8 N°6358 - Login REST API 2023-06-07 10:09:30 +02:00
Eric Espie
c596fa2967 N°6358 - Login API REST 2023-06-07 09:17:24 +02:00
Eric Espie
9e96ea2873 N°6350 - code hardening 2023-06-01 15:35:56 +02:00
Molkobain
4aff65f98b N°6217 - Add accessiblity meta data for title on "Power menu" 2023-04-25 21:51:32 +02:00
acognet
3c94974d9d N°541 - Dashlets: Improve readability when to much labels (pie chart) or too long labels (bar chart) 2023-04-25 12:09:11 +02:00
Molkobain
fbd72b2783 N°6217 - Add accessiblity meta data for title on "Power menu" 2023-04-20 11:03:43 +02:00
Anne-Catherine
4e95ca3c7b N°541 - Dashlets: Improve readability when to much labels (pie chart) or too long labels (bar chart) (#452) 
* N°541 - Dashlets: Improve readability when to much labels (pie chart) or too long labels (bar chart)
 2023-04-13 11:23:20 +02:00
Eric Espie
92a36dcfdd 📝 Change packages for auto-documentation 2022-12-29 12:24:56 +01:00
Eric Espie
b37e74b407 📝 Change packages for auto-documentation 2022-12-28 09:51:46 +01:00
Pierre Goiffon
d412a52fcc N°4449 Fix FPD in dashboard export/import 2022-11-29 18:10:17 +01:00
Eric Espie
75f4751b82 N°5741 - remove use of get_config_parameter in Twig 2022-11-23 15:09:20 +01:00
Eric Espie
4c1df9927d N°5394 - use session for the FSM 2022-09-12 09:45:30 +02:00
Anne-Catherine
d7e5705520 N°5318 - Fix DBObject::CheckValue() messages being HTML encoded when not necessary (#326) 
* Rollback N°4898 - Security fix

* N°5318 - security fix
 2022-08-12 17:50:14 +02:00
Stephen Abello
35a8b501c9 N°5393 Security hardening 2022-08-12 11:33:55 +02:00
acognet
f798ef1d76 N°4538 - Dashlet Groupby on ExternalKey with special character, bad display - remove useless test 2022-05-23 14:21:03 +02:00
Molkobain
80e7313b24 PHPDoc 2022-05-19 17:40:14 +02:00
Benjamin Dalsass
5f0a820b4a N°4899 - add sanitizer url since annotation and tests for sanitizer function 2022-05-19 08:36:42 +02:00
Benjamin Dalsass
03ef4246bf N°4899 - add sanitizer url since annotation and tests for sanitizer function 2022-05-18 12:03:07 +02:00
Benjamin Dalsass
61a2d200b4 N°4900 - Stored XSS in dashlets failed OQL query 2022-05-18 08:10:01 +02:00
Benjamin Dalsass
3d6bbe4029 Revert "N°4900 - Stored XSS in dashlets failed OQL query" 
This reverts commit 562dd8fc21.
 2022-05-18 08:05:19 +02:00
Benjamin Dalsass
8e97279401 N°4899 - Reflected XSS on revert_dashboard operation 2022-05-17 09:27:06 +02:00
Benjamin Dalsass
562dd8fc21 N°4900 - Stored XSS in dashlets failed OQL query 2022-05-17 08:20:26 +02:00
Pierre Goiffon
8e6e2432d3 Extensibility : iPortalUIExtension and AbstractPortalUIExtension aren't experimental anymore 2022-04-21 17:29:40 +02:00
acognet
6fa2d47780 N°4538 - Dashlet Groupby on ExternalKey with special character, bad display 2022-04-15 10:03:04 +02:00
Pierre Goiffon
809ea2eb49 💡 N°4854 Add phpdoc to utils::*Module* methods 2022-03-02 09:42:09 +01:00
acognet
35165568af N°4057 - Custom Translation for Custom Tab is not inherited by instanciable Classes 2022-02-14 09:10:18 +01:00
Molkobain
4a67819f87 N°4714 - Revert rename of utils::GetItopVersionWikiSyntax as it is used in cached packages in the ITSM Designer 2022-02-11 20:00:39 +01:00
Pierre Goiffon
b494ff2ce6 N°4488 Remove cmdbAbstractObject methods used in export.php from API methods and add comment in export.php 
`@deprecated` was added in 03e9bcd4 but as none of those will be removed in a near future, we are using `@internal`instead !
 2022-02-11 16:15:35 +01:00
acognet
03e9bcd47a N°4488 - deprecate cmdbAbstractObject::GetSetAsHTMLSpreadsheet() used only by the old export.php 2022-02-10 15:04:59 +01:00
Pierre Goiffon
299ad7e753 N°4714 Fix \utils::GetCoreVersionWikiSyntax throwing Exception when 2nd version digit is "0" (for example in 3.0.1) 2022-02-08 14:48:02 +01:00
Pierre Goiffon
b4fc647845 N°4714 Rename \utils::GetItopVersionWikiSyntax to GetCoreVersionWikiSyntax 
Will avoid confusion between core or product version !
 2022-02-01 15:40:43 +01:00
Pierre Goiffon
17612f88d3 N°4714 utils version method refactoring 
- removes utils::GetItopPatchVersion and GetItopMinorVersion : unused and badly named :/
- GetItopVersionWikiSyntax now uses core version constant
- iTopModulesPhpVersionIntegrationTest::testiTopModulesPhpVersion now uses ITOP_CORE_VERSION constant
 2022-02-01 15:24:56 +01:00
Pierre Goiffon
fcfcf85e0d N°4714 fix constant version usages in utils methods 2022-02-01 11:39:57 +01:00
Pierre Goiffon
45b5c39af7 N°3129 PHP 8.0 compat : code review modifications 
Many thanks @Molkobain & @Hipska !
 2022-01-31 16:41:35 +01:00
Pierre Goiffon
75dbad7406 N°3129 PHP 8.0 compat: Fix "Deprecated: Required parameter ... follows optional parameter ..." 
* \SQLObjectQuery::PrepareSingleTable
* \HistoryBlock::GetRenderContent
* \MenuBlock::GetRenderContent
* \UILinksWidgetDirect::DisplayAsBlock
* \UILinksWidgetDirect::Display
* \UILinksWidgetDirect::DisplayEditInPlace
* \UIExtKeyWidget::AutoComplete
* \UIExtKeyWidget::DisplayFromAttCode
 2022-01-28 17:01:07 +01:00