Commit graph

98 commits

Author SHA1 Message Date
mark_story
3baaecc81c Type check before unset()
Calling unset() on string indices fails fatally on 5.3.x and lower.

Fixes #3027
2012-07-11 15:54:24 -04:00
mark_story
f528bb29ba Fix lint error. 2012-07-05 22:50:54 -04:00
Rachman Chavik
22373868bb if blackHoleCallback is set, requests _must_ get blackholed 2012-07-03 19:27:02 +07:00
Ceeram
03e2263b69 Merge branch '2.1' into 2.2 2012-06-19 18:35:36 +02:00
mark_story
f9ddc9c64c Move error disabling to the error controller. 2012-06-18 22:08:39 -04:00
mark_story
7ef83b89f5 Merge branch '2.1' into 2.2
h origin especially if it merges an updated upstream into a topic branch.
2012-06-17 20:54:59 -04:00
mark_story
fec6c1c6cb Fix security component causing black holes on error pages.
Fixes #2966
2012-06-17 20:50:00 -04:00
mark_story
19e0d8d946 Switch usage to Hash where possible. 2012-03-26 22:32:53 -04:00
Juan Basso
c754fb2dcb Updated copyright to 2012. 2012-03-12 22:46:46 -04:00
Juan Basso
3b1bd90ad6 Updated copyright to 2012. 2012-03-12 22:46:07 -04:00
mark_story
61aba0f0f8 Fix most coding standard issues in Controller. 2012-03-03 19:27:46 -05:00
euromark
22452f61f8 type hinting controllers and views 2012-02-25 19:46:06 -05:00
Majna
0cd9a93e9e Remove unused variables and statements. 2012-02-17 21:10:43 +01:00
mark_story
df5d9ac3d1 Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Model/Model.php
	lib/Cake/Test/Case/Routing/RouterTest.php
2012-01-20 20:28:15 -05:00
mark_story
ad304e0b43 Reformat long line. 2012-01-19 21:50:51 -05:00
Stefano Zoffoli
c3b806ce8c Prevent blackhole auth error where are present multi fields 2012-01-19 17:48:39 +01:00
mark_story
2e8498e166 Merge branch '2.0' into 2.1
Conflicts:
	lib/Cake/Model/Datasource/Database/Postgres.php
	lib/Cake/Test/Case/Console/TaskCollectionTest.php
	lib/Cake/Test/Case/Model/ModelIntegrationTest.php
	lib/Cake/Test/Case/Utility/ClassRegistryTest.php
	lib/Cake/Utility/ClassRegistry.php
2011-12-11 22:51:40 -05:00
Kyle Robinson Young
c836ba08a3 Add/move docblocks to make text available in the API docs 2011-12-08 07:35:02 -08:00
mark_story
545694d84b Fix undefined variable error. 2011-12-06 12:35:18 -05:00
mark_story
fc4846d676 Move overflow limits to only take effect after expiration. 2011-12-06 12:23:15 -05:00
mark_story
9296f770d5 Adding SecurityComponent::$csrfLimit
This property allows you to control the number of tokens
that will be kept active.  Its possible to make really large
CSRF collection sizes.  Capping the number of tokens allows developers
to better control session sizes.
2011-12-03 20:13:17 -05:00
mark_story
e421b3bc8f Adding SecurityComponent::generateToken()
This method allows end developers to add the csrf tokens
manually, if they aren't added automatically.

Tokens are cheap to generate, simplifying the logic
makes things a bit easier to understand.
2011-12-03 20:13:03 -05:00
Ceeram
2bb4ed01be Removing _Token from request data.
It is not used outside the component and could possibly affect Model::save().
Fixes #2256

Signed-off-by: mark_story <mark@mark-story.com>
2011-11-15 22:51:04 -05:00
ADmad
fc5a465189 Cleaning up code left over from 1.3. If no black-hole callback is specified Security::blackHole() now throws an exception. Closes #1532 2011-10-19 02:32:38 +05:30
Jose Lorenzo Rodriguez
91d0a081fb Fixing more links in doc blocks 2011-10-15 11:38:49 -04:30
Juan Basso
16ef234180 Removing trailing spaces. 2011-08-15 23:55:08 -04:00
Juan Basso
620a65b2fc Merge branch '2.0' into 2.0-api-doc
Conflicts:
	lib/Cake/Test/Case/View/Helper/CacheHelperTest.php
	lib/Cake/Utility/Debugger.php
2011-08-14 21:12:05 -04:00
mark_story
3014d3fb84 Fixing issues with CSRF token failure and requestAction.
Fixes #1900
2011-08-12 20:38:24 -04:00
mark_story
1df8de683d Fixing notice error when all csrf tokens are expired at once.
Fixes #1901
2011-08-11 23:06:18 -04:00
Juan Basso
895c10af7b Adjusted some types in @param, @return and @var. 2011-07-31 22:57:17 -04:00
Juan Basso
9bc3e567c1 Removed the @access and @static. 2011-07-30 20:56:48 -04:00
Jose Lorenzo Rodriguez
cfd2d9e00b Updating all @package annotations in doc blocks 2011-07-26 01:46:14 -04:30
mark_story
878b854be0 More updates for disabledFields -> unlockedFields. 2011-06-14 22:18:05 -04:00
mark_story
c136349919 Updating SecurityComponent to use unlocked instead of disabled. 2011-06-14 22:01:59 -04:00
mark_story
be6a2e096f Starting to update SecurityComponent. 2011-06-14 21:50:45 -04:00
Juan Basso
192812ee7f Updating the copyright to 2011. 2011-05-30 22:32:43 -04:00
mark_story
69c43a5762 Fixing issue where SecurityComponent::csrfUseOnce = false
caused forms that weren't the first to fail.
Fixes #1745
2011-05-30 21:49:18 -04:00
Renan Gonçalves
438050dcaa Adding 'public' visibility to all public methods. 2011-05-30 22:02:32 +02:00
mark_story
6289f20b83 Fixing Router::reverse() serializing all of _Token.
Removing CSRF tokens from the parameters SecurityComponent exports.
Updating tests for both Router and SecurityComponent.
Fixes #1697
2011-05-16 20:35:27 -04:00
Jose Lorenzo Rodriguez
0cd51de827 Merge remote-tracking branch 'origin/2.0' into 2.0-class-loading 2011-03-12 23:49:02 -04:30
José Lorenzo Rodríguez
4cebe55a9b Merge remote-tracking branch 'origin/2.0' into 2.0-class-loading
Conflicts:
	app/webroot/index.php
	lib/Cake/Controller/Component/AuthComponent.php
	lib/Cake/Network/CakeRequest.php
	lib/Cake/tests/cases/libs/controller/components/auth.test.php
2011-02-21 22:28:30 -04:30
José Lorenzo Rodríguez
6e4f4efb79 Merge remote branch 'origin/2.0' into 2.0-class-loading
Conflicts:
	cake/bootstrap.php
	lib/Cake/Console/Command/TestSuiteShell.php
	lib/Cake/Console/TaskCollection.php
	lib/Cake/Controller/ComponentCollection.php
	lib/Cake/Controller/Controller.php
	lib/Cake/Core/App.php
	lib/Cake/Model/BehaviorCollection.php
	lib/Cake/Network/CakeRequest.php
	lib/Cake/TestSuite/CakeTestSuiteDispatcher.php
	lib/Cake/TestSuite/CakeWebTestCase.php
	lib/Cake/TestSuite/TestManager.php
	lib/Cake/TestSuite/TestRunner.php
	lib/Cake/View/HelperCollection.php
	lib/Cake/tests/cases/libs/model/datasources/dbo/dbo_postgres.test.php
	lib/Cake/tests/cases/libs/test_manager.test.php
2011-02-13 23:10:19 -04:30
José Lorenzo Rodríguez
32e0d86976 Fixing sSecurity component tests 2011-01-28 02:02:33 -04:30
José Lorenzo Rodríguez
4c0e06c451 Merge remote branch 'origin/2.0' into 2.0-class-loading
Conflicts:
	cake/bootstrap.php
	cake/libs/view/helpers/js.php
	lib/Cake/Model/AclNode.php
	lib/Cake/Model/ConnectionManager.php
	lib/Cake/bootstrap.php
	lib/Cake/tests/cases/libs/controller/controller.test.php
2011-01-02 02:00:03 -04:30
José Lorenzo Rodríguez
827a74b734 Merge remote branch 'origin/2.0' into 2.0-class-loading 2010-12-19 23:12:37 -04:30
José Lorenzo Rodríguez
8436fd53d0 Changing initial uses of App::uses() to the new packages system 2010-12-15 01:20:02 -04:30
José Lorenzo Rodríguez
07e43bb0f8 Merge remote branch 'origin/2.0' into 2.0-class-loading
Conflicts:
	cake/libs/view/scaffolds/edit.ctp
	cake/libs/view/scaffolds/form.ctp
	cake/tests/test_app/plugins/test_plugin/views/tests/scaffold.edit.ctp
	cake/tests/test_app/plugins/test_plugin/views/tests/scaffold.form.ctp
	cake/tests/test_app/views/posts/scaffold.edit.ctp
	cake/tests/test_app/views/posts/scaffold.form.ctp
	lib/Cake/Error/ErrorHandler.php
	lib/Cake/Model/Behavior/TranslateBehavior.php
	lib/Cake/Model/Datasource/CakeSession.php
	lib/Cake/Routing/Router.php
	lib/Cake/TestSuite/TestManager.php
	lib/Cake/View/scaffolds/edit.ctp
	lib/Cake/tests/cases/console/shells/bake.test.php
	lib/Cake/tests/cases/libs/cake_log.test.php
	lib/Cake/tests/cases/libs/cake_request.test.php
	lib/Cake/tests/cases/libs/view/helpers/number.test.php
	lib/Cake/tests/test_app/plugins/test_plugin/views/tests/scaffold.edit.ctp
	lib/Cake/tests/test_app/views/posts/scaffold.edit.ctp
2010-12-15 01:13:05 -04:30
José Lorenzo Rodríguez
fbbb5c9337 Moving more clases to the new layout while trying to make controller related classes load 2010-12-04 02:45:22 -04:30
Renamed from cake/libs/controller/components/security.php (Browse further)