Compare commits

..

No commits in common. "93d6d519da225e32e94df5f570fcc5b76d60d908" and "636612e37b2c7184e63a85e877bf3cc0ec841dd1" have entirely different histories.

29 changed files with 429 additions and 360 deletions

79
.github/workflows/build.yaml vendored Normal file
View File

@ -0,0 +1,79 @@
name: Release Builds
on:
release:
types: [published]
permissions: {}
jobs:
build:
permissions:
contents: write # for release creation (svenstaro/upload-release-action)
if: "!github.event.release.prerelease"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Extract Tag
run: echo "PACKAGE_VERSION=${{ github.ref }}" >> $GITHUB_ENV
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: 7.3
extensions: opcache, gd
tools: composer:v2
coverage: none
env:
COMPOSER_TOKEN: ${{ secrets.GLOBAL_TOKEN }}
- name: Install Dependencies
run: |
sudo apt-get -y update -qq < /dev/null > /dev/null
sudo apt-get -y install -qq git zip < /dev/null > /dev/null
- name: Retrieval of Builder Scripts
run: |
# Real Grav URL
curl --silent -H "Authorization: token ${{ secrets.GLOBAL_TOKEN }}" -H "Accept: application/vnd.github.v3.raw" ${{ secrets.BUILD_SCRIPT_URL }} --output build-grav.sh
# Development Local URL
# curl ${{ secrets.BUILD_SCRIPT_URL }} --output build-grav.sh
- name: Grav Builder
run: |
bash ./build-grav.sh
- name: Upload packages to release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ env.PACKAGE_VERSION }}
file: ./grav-dist/*.zip
overwrite: true
file_glob: true
slack:
permissions:
actions: read # to list jobs for workflow run (technote-space/workflow-conclusion-action)
name: Slack
needs: build
runs-on: ubuntu-latest
if: always()
steps:
- uses: technote-space/workflow-conclusion-action@v2
- uses: 8398a7/action-slack@v3
with:
status: failure
fields: repo,message,author,action
icon_emoji: ':octocat:'
author_name: 'Github Action Build'
text: '🚚 Automated Build Failure'
env:
GITHUB_TOKEN: ${{ secrets.GLOBAL_TOKEN }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
if: env.WORKFLOW_CONCLUSION == 'failure'

76
.github/workflows/tests.yaml vendored Normal file
View File

@ -0,0 +1,76 @@
name: PHP Tests
on:
push:
branches: [ develop ]
pull_request:
branches: [ develop ]
permissions:
contents: read # to fetch code (actions/checkout)
jobs:
unit-tests:
runs-on: ${{ matrix.os }}
strategy:
matrix:
php: [8.3, 8.2, 8.1, 8.0, 7.4, 7.3]
os: [ubuntu-latest]
steps:
- uses: actions/checkout@v2
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: opcache, gd
tools: composer:v2
coverage: none
env:
COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# - name: Update composer
# run: composer update
#
# - name: Validate composer.json and composer.lock
# run: composer validate
- name: Get composer cache directory
id: composer-cache
run: echo "::set-output name=dir::$(composer config cache-files-dir)"
- name: Cache dependencies
uses: actions/cache@v2
with:
path: ${{ steps.composer-cache.outputs.dir }}
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
restore-keys: ${{ runner.os }}-composer-
- name: Install dependencies
run: composer install --prefer-dist --no-progress
- name: Run test suite
run: vendor/bin/codecept run
# slack:
# name: Slack
# needs: unit-tests
# runs-on: ubuntu-latest
# if: always()
# steps:
# - uses: technote-space/workflow-conclusion-action@v2
# - uses: 8398a7/action-slack@v3
# with:
# status: failure
# fields: repo,message,author,action
# icon_emoji: ':octocat:'
# author_name: 'Github Action Tests'
# text: '💥 Automated Test Failure'
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
# if: env.WORKFLOW_CONCLUSION == 'failure'

48
.github/workflows/trigger-skeletons.yml vendored Normal file
View File

@ -0,0 +1,48 @@
name: Trigger Skeletons Build
on:
workflow_dispatch:
inputs:
version:
description: 'Which Grav release to use'
required: true
default: 'latest'
admin:
description: 'Create also a package with Admin'
required: true
default: true
permissions:
contents: read # to fetch code (actions/checkout)
jobs:
build:
runs-on: ubuntu-latest
env:
WORKFLOW: "build-skeleton.yml"
AUTH: ":${{secrets.GLOBAL_TOKEN}}"
steps:
- uses: actions/checkout@v2
- name: Make it rain ☔️
run: |
SKELETONS=`curl -s "${{secrets.SKELETONS_JSON_LIST}}"`
echo "$SKELETONS" | jq -cr '.[]' | while read SKELETON; do
KEY=$(echo "$SKELETON" | jq -cr 'keys[0]')
VERSION=$(echo "$SKELETON" | jq -cr '.[]')
URL="https://api.github.com/repos/${KEY}/actions/workflows/${WORKFLOW}/dispatches"
curl -X POST \
-u "${AUTH}" \
-H "Accept: application/vnd.github.everest-preview+json" \
-H "Content-Type: application/json" \
-sS \
${URL} \
--data '{ "ref": "develop",
"inputs": {
"tag": "'"$VERSION"'",
"version": "'"$INPUT_VERSION"'",
"admin": "'"$INPUT_ADMIN"'"
}
}' > /dev/null
echo "Dispatched Worfklow for ${KEY}@$VERSION"
done

View File

@ -1,29 +1,3 @@
# v1.7.46
## 05/15/2024
1. [](#improved)
* Better handling of external protocols in `Utils::url()` such as `mailto:`, `tel:`, etc.
* Handle `GRAV_ROOT` or `GRAV_WEBROOT` when `/` [#3667](https://github.com/getgrav/grav/pull/3667)
1. [](#bugfix)
* Fixes for multi-lang taxonomy when reinitializing the languages (e.g. LangSwitcher plugin)
* Ensure the full filepath is checked for invalid filename in `MediaUploadTrait::checkFileMetadata()`
* Fixed a bug in the `on_events` REGEX pattern of `Security::detectXss()` as it was not matching correctly.
* Fixed an issue where `read_file()` Twig function could be used nefariously in content [#GHSA-f8v5-jmfh-pr69](https://github.com/getgrav/grav/security/advisories/GHSA-f8v5-jmfh-pr69)
# v1.7.45
## 03/18/2024
1. [](#new)
* Added new Image trait for `decoding` attribute [#3796](https://github.com/getgrav/grav/pull/3796)
1. [](#bugfix)
* Fixed some multibyte issues in Inflector class [#732](https://github.com/getgrav/grav/issues/732)
* Fallback to page modified date if Page date provided is invalid and can't be parsed [getgrav/grav-plugin-admin#2394](https://github.com/getgrav/grav-plugin-admin/issues/2394)
* Fixed a path traversal vulnerability with file uploads [#GHSA-m7hx-hw6h-mqmc](https://github.com/getgrav/grav/security/advisories/GHSA-m7hx-hw6h-mqmc)
* Fixed a security issue with insecure Twig functions be processed [#GHSA-2m7x-c7px-hp58](https://github.com/getgrav/grav/security/advisories/GHSA-2m7x-c7px-hp58) [#GHSA-r6vw-8v8r-pmp4](https://github.com/getgrav/grav/security/advisories/GHSA-r6vw-8v8r-pmp4) [#GHSA-qfv4-q44r-g7rv](https://github.com/getgrav/grav/security/advisories/GHSA-qfv4-q44r-g7rv) [#GHSA-c9gp-64c4-2rrh](https://github.com/getgrav/grav/security/advisories/GHSA-c9gp-64c4-2rrh)
1. [](#improved)
* Updated composer packages
* Updated `bin/composer.phar` to latest `2.7.2`
# v1.7.44 # v1.7.44
## 01/05/2024 ## 01/05/2024
@ -129,7 +103,6 @@
1. [](#improved) 1. [](#improved)
* Removed outdated `xcache` setting [#3615](https://github.com/getgrav/grav/pull/3615) * Removed outdated `xcache` setting [#3615](https://github.com/getgrav/grav/pull/3615)
* Updated `robots.txt` [#3625](https://github.com/getgrav/grav/pull/3625) * Updated `robots.txt` [#3625](https://github.com/getgrav/grav/pull/3625)
* Handle the situation when GRAV_ROOT or GRAV_WEBROOT are `/` [#3625](https://github.com/getgrav/grav/pull/3667)
1. [](#bugfix) 1. [](#bugfix)
* Fixed `force_ssl` redirect in case of undefined hostname [#3702](https://github.com/getgrav/grav/pull/3702) * Fixed `force_ssl` redirect in case of undefined hostname [#3702](https://github.com/getgrav/grav/pull/3702)
* Fixed an issue with duplicate identical page paths * Fixed an issue with duplicate identical page paths

View File

@ -7,31 +7,22 @@ We are focusing our security updates on the following versions
| Version | Supported | | Version | Supported |
| ------- | ------------------ | | ------- | ------------------ |
| 1.7.x | :white_check_mark: | | 1.7.x | :white_check_mark: |
| 1.6.x | :x: | | 1.6.x | :warning: |
| < 1.6 | :x: | | < 1.6 | :x: |
## :pushpin: Note on Security Severity
> NOTE: Please use the following guidlines when selecting a **Severity**. Submitted advisories that are marked **High** or **Critical** that don't meet the guidelines below will be cliosed.
* **CRITICAL** - no account required, can modify content, or run malicious code or nefarious activity without any access.
* **HIGH** - publisher level account able to run malicious code or nefarious activity, or other high level security things.
* **MODERATE** - admin level account able to run malicious code or do nefarious things. other moderate security things.
* **LOW** - super admin level account able to run malicious code or do nefarious things. other minor security things.
## :warning: Versions ## :warning: Versions
Versions with :warning: will be supported for security issues, however you won't be able to update to them, you will need to manually update through the [`direct-install` command](https://learn.getgrav.org/17/admin-panel/tools). Versions with :warning: will be supported for security issues, however you won't be able to update to them, you will need to manually update through the [`direct-install` command](https://learn.getgrav.org/17/admin-panel/tools).
If you cannot update to the latest stable version available because, for example, your server does not meet the minimum PHP requirements, you can manually install a previous version by downloading the package from our Releases directory (https://github.com/getgrav/grav/releases). If you cannot update to the latest stable version available because, for example, your server does not meet the minimum PHP requirements, you can manually install a previous version by downloading the package from our Releases directory (https://github.com/getgrav/grav/releases).
## :pencil: Reporting a Vulnerability ## Reporting a Vulnerability
Please contact security@getgrav.org with a detailed explanation of the security issue found. If it appears to be a legitimate issues, please submit an **advisory via GitHub Security**: https://github.com/getgrav/grav/security/advisories Please contact security@getgrav.org with a detailed explanation of the security issue found. If it appears to be a legitimate issues, please submit an **advisory via GitHub Security**: https://github.com/getgrav/grav/security/advisories
> NOTE: Please do not use 3rd party security issue reporting services, we like to keep everything in the GitHub ecosystem for easier manageability. >> NOTE: Please do not use 3rd party security issue reporting services, we like to keep everything in the GitHub ecosystem for easier manageability.
## :bug: Bug Bounties ## Bug Bounties
We do greatly appreciate your efforts to improve Grav, but unfortunately because we are a small open source project, we **do not have the resources to offer bounties** for security issues found. We do greatly appreciate your efforts to improve Grav, but unfortunately because we are a small open source project, we **do not have the resources to offer bounties** for security issues found.

Binary file not shown.

357
composer.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -1301,17 +1301,6 @@ form:
lazy: Lazy lazy: Lazy
eager: Eager eager: Eager
images.defaults.decoding:
type: select
size: small
label: PLUGIN_ADMIN.IMAGES_DECODING
help: PLUGIN_ADMIN.IMAGES_DECODING_HELP
highlight: auto
options:
auto: Auto
sync: Sync
async: Async
images.seofriendly: images.seofriendly:
type: toggle type: toggle
label: PLUGIN_ADMIN.IMAGES_SEOFRIENDLY label: PLUGIN_ADMIN.IMAGES_SEOFRIENDLY

View File

@ -168,7 +168,6 @@ images:
retina_scale: 1 # scale to adjust auto-sizes for better handling of HiDPI resolutions retina_scale: 1 # scale to adjust auto-sizes for better handling of HiDPI resolutions
defaults: defaults:
loading: auto # Let browser pick [auto|lazy|eager] loading: auto # Let browser pick [auto|lazy|eager]
decoding: auto # Let browser pick [auto|sync|async]
watermark: watermark:
image: 'system://images/watermark.png' # Path to a watermark image image: 'system://images/watermark.png' # Path to a watermark image
position_y: 'center' # top|center|bottom position_y: 'center' # top|center|bottom

View File

@ -9,7 +9,7 @@
// Some standard defines // Some standard defines
define('GRAV', true); define('GRAV', true);
define('GRAV_VERSION', '1.7.46'); define('GRAV_VERSION', '1.7.44');
define('GRAV_SCHEMA', '1.7.0_2020-11-20_1'); define('GRAV_SCHEMA', '1.7.0_2020-11-20_1');
define('GRAV_TESTING', false); define('GRAV_TESTING', false);
@ -26,12 +26,12 @@ if (!defined('DS')) {
// Absolute path to Grav root. This is where Grav is installed into. // Absolute path to Grav root. This is where Grav is installed into.
if (!defined('GRAV_ROOT')) { if (!defined('GRAV_ROOT')) {
$path = rtrim(str_replace(DIRECTORY_SEPARATOR, DS, getenv('GRAV_ROOT') ?: getcwd()), DS); $path = rtrim(str_replace(DIRECTORY_SEPARATOR, DS, getenv('GRAV_ROOT') ?: getcwd()), DS);
define('GRAV_ROOT', $path ?: DS); define('GRAV_ROOT', $path);
} }
// Absolute path to Grav webroot. This is the path where your site is located in. // Absolute path to Grav webroot. This is the path where your site is located in.
if (!defined('GRAV_WEBROOT')) { if (!defined('GRAV_WEBROOT')) {
$path = rtrim(getenv('GRAV_WEBROOT') ?: GRAV_ROOT, DS); $path = rtrim(getenv('GRAV_WEBROOT') ?: GRAV_ROOT, DS);
define('GRAV_WEBROOT', $path ?: DS); define('GRAV_WEBROOT', $path);
} }
// Relative path to user folder. This path needs to be located under GRAV_WEBROOT. // Relative path to user folder. This path needs to be located under GRAV_WEBROOT.
if (!defined('GRAV_USER_PATH')) { if (!defined('GRAV_USER_PATH')) {

View File

@ -104,7 +104,6 @@ GRAV:
VALIDATION_FAIL: '<b>Провера неуспела:</b>' VALIDATION_FAIL: '<b>Провера неуспела:</b>'
INVALID_INPUT: 'Неисправан унос у' INVALID_INPUT: 'Неисправан унос у'
MISSING_REQUIRED_FIELD: 'Недостаје обавезн поље:' MISSING_REQUIRED_FIELD: 'Недостаје обавезн поље:'
XSS_ISSUES: "Потенцијална грешка у XSS-у детектована у пољу '%s' "
MONTHS_OF_THE_YEAR: MONTHS_OF_THE_YEAR:
- 'Јануар' - 'Јануар'
- 'Фебруар' - 'Фебруар'
@ -126,8 +125,6 @@ GRAV:
- 'Петак' - 'Петак'
- 'Субота' - 'Субота'
- 'Недеља' - 'Недеља'
YES: "Да"
NO: "Не"
CRON: CRON:
EVERY: сваки EVERY: сваки
EVERY_HOUR: сваки сат EVERY_HOUR: сваки сат

View File

@ -218,7 +218,7 @@ class Backups
if ($locator->isStream($backup_root)) { if ($locator->isStream($backup_root)) {
$backup_root = $locator->findResource($backup_root); $backup_root = $locator->findResource($backup_root);
} else { } else {
$backup_root = rtrim(GRAV_ROOT . $backup_root, DS) ?: DS; $backup_root = rtrim(GRAV_ROOT . $backup_root, '/');
} }
if (!$backup_root || !file_exists($backup_root)) { if (!$backup_root || !file_exists($backup_root)) {

View File

@ -161,15 +161,9 @@ class Inflector
*/ */
public static function titleize($word, $uppercase = '') public static function titleize($word, $uppercase = '')
{ {
$humanize_underscorize = static::humanize(static::underscorize($word)); $uppercase = $uppercase === 'first' ? 'ucfirst' : 'ucwords';
if ($uppercase === 'first') {
$firstLetter = mb_strtoupper(mb_substr($humanize_underscorize, 0, 1, "UTF-8"), "UTF-8");
return $firstLetter . mb_substr($humanize_underscorize, 1, mb_strlen($humanize_underscorize, "UTF-8"), "UTF-8");
} else {
return mb_convert_case($humanize_underscorize, MB_CASE_TITLE, 'UTF-8');
}
return $uppercase(static::humanize(static::underscorize($word)));
} }
/** /**
@ -186,7 +180,7 @@ class Inflector
*/ */
public static function camelize($word) public static function camelize($word)
{ {
return str_replace(' ', '', ucwords(preg_replace('/[^\p{L}^0-9]+/', ' ', $word))); return str_replace(' ', '', ucwords(preg_replace('/[^A-Z^a-z^0-9]+/', ' ', $word)));
} }
/** /**
@ -204,7 +198,7 @@ class Inflector
{ {
$regex1 = preg_replace('/([A-Z]+)([A-Z][a-z])/', '\1_\2', $word); $regex1 = preg_replace('/([A-Z]+)([A-Z][a-z])/', '\1_\2', $word);
$regex2 = preg_replace('/([a-zd])([A-Z])/', '\1_\2', $regex1); $regex2 = preg_replace('/([a-zd])([A-Z])/', '\1_\2', $regex1);
$regex3 = preg_replace('/[^\p{L}^0-9]+/u', '_', $regex2); $regex3 = preg_replace('/[^A-Z^a-z^0-9]+/', '_', $regex2);
return strtolower($regex3); return strtolower($regex3);
} }
@ -225,7 +219,7 @@ class Inflector
$regex1 = preg_replace('/([A-Z]+)([A-Z][a-z])/', '\1-\2', $word); $regex1 = preg_replace('/([A-Z]+)([A-Z][a-z])/', '\1-\2', $word);
$regex2 = preg_replace('/([a-z])([A-Z])/', '\1-\2', $regex1); $regex2 = preg_replace('/([a-z])([A-Z])/', '\1-\2', $regex1);
$regex3 = preg_replace('/([0-9])([A-Z])/', '\1-\2', $regex2); $regex3 = preg_replace('/([0-9])([A-Z])/', '\1-\2', $regex2);
$regex4 = preg_replace('/[^\p{L}^0-9]+/', '-', $regex3); $regex4 = preg_replace('/[^A-Z^a-z^0-9]+/', '-', $regex3);
$regex4 = trim($regex4, '-'); $regex4 = trim($regex4, '-');

View File

@ -1,40 +0,0 @@
<?php
/**
* @package Grav\Common\Media
* @author Pedro Moreno https://github.com/pmoreno-rodriguez
* @license MIT License; see LICENSE file for details.
*/
namespace Grav\Common\Media\Traits;
use Grav\Common\Grav;
/**
* Trait ImageDecodingTrait
* @package Grav\Common\Media\Traits
*/
trait ImageDecodingTrait
{
/**
* Allows to set the decoding attribute from Markdown or Twig
*
* @param string|null $value
* @return $this
*/
public function decoding($value = null)
{
if (null === $value) {
$value = Grav::instance()['config']->get('system.images.defaults.decoding', 'auto');
}
// Validate the provided value (similar to loading)
if ($value !== null && $value !== 'auto') {
$this->attributes['decoding'] = $value;
}
return $this;
}
}

View File

@ -156,7 +156,7 @@ trait MediaUploadTrait
$filepath = $folder . $filename; $filepath = $folder . $filename;
// Check if the filename is allowed. // Check if the filename is allowed.
if (!Utils::checkFilename($filepath)) { if (!Utils::checkFilename($filename)) {
throw new RuntimeException( throw new RuntimeException(
sprintf($this->translate('PLUGIN_ADMIN.FILEUPLOAD_UNABLE_TO_UPLOAD'), $filepath, $this->translate('PLUGIN_ADMIN.BAD_FILENAME')) sprintf($this->translate('PLUGIN_ADMIN.FILEUPLOAD_UNABLE_TO_UPLOAD'), $filepath, $this->translate('PLUGIN_ADMIN.BAD_FILENAME'))
); );

View File

@ -15,7 +15,6 @@ use Grav\Common\Media\Interfaces\ImageManipulateInterface;
use Grav\Common\Media\Interfaces\ImageMediaInterface; use Grav\Common\Media\Interfaces\ImageMediaInterface;
use Grav\Common\Media\Interfaces\MediaLinkInterface; use Grav\Common\Media\Interfaces\MediaLinkInterface;
use Grav\Common\Media\Traits\ImageLoadingTrait; use Grav\Common\Media\Traits\ImageLoadingTrait;
use Grav\Common\Media\Traits\ImageDecodingTrait;
use Grav\Common\Media\Traits\ImageMediaTrait; use Grav\Common\Media\Traits\ImageMediaTrait;
use Grav\Common\Utils; use Grav\Common\Utils;
use Gregwar\Image\Image; use Gregwar\Image\Image;
@ -31,7 +30,6 @@ class ImageMedium extends Medium implements ImageMediaInterface, ImageManipulate
{ {
use ImageMediaTrait; use ImageMediaTrait;
use ImageLoadingTrait; use ImageLoadingTrait;
use ImageDecodingTrait;
/** /**
* @var mixed|string * @var mixed|string

View File

@ -225,7 +225,7 @@ class Security
// Set the patterns we'll test against // Set the patterns we'll test against
$patterns = [ $patterns = [
// Match any attribute starting with "on" or xmlns // Match any attribute starting with "on" or xmlns
'on_events' => '#(<[^>]+[a-z\x00-\x20\"\'\/])(on[a-z]+|xmlns)\s*=[\s|\'\"].*[\s|\'\"]>#iUu', 'on_events' => '#(<[^>]+[[a-z\x00-\x20\"\'\/])([\s\/]on|\sxmlns)[a-z].*=>?#iUu',
// Match javascript:, livescript:, vbscript:, mocha:, feed: and data: protocols // Match javascript:, livescript:, vbscript:, mocha:, feed: and data: protocols
'invalid_protocols' => '#(' . implode('|', array_map('preg_quote', $invalid_protocols, ['#'])) . ')(:|\&\#58)\S.*?#iUu', 'invalid_protocols' => '#(' . implode('|', array_map('preg_quote', $invalid_protocols, ['#'])) . ')(:|\&\#58)\S.*?#iUu',
@ -263,25 +263,4 @@ class Security
'invalid_protocols' => array_map('trim', $config->get('security.xss_invalid_protocols')), 'invalid_protocols' => array_map('trim', $config->get('security.xss_invalid_protocols')),
]; ];
} }
public static function cleanDangerousTwig(string $string): string
{
if ($string === '') {
return $string;
}
$bad_twig = [
'twig_array_map',
'twig_array_filter',
'call_user_func',
'registerUndefinedFunctionCallback',
'undefined_functions',
'twig.getFunction',
'core.setEscaper',
'twig.safe_functions',
'read_file',
];
$string = preg_replace('/(({{\s*|{%\s*)[^}]*?(' . implode('|', $bad_twig) . ')[^}]*?(\s*}}|\s*%}))/i', '{# $1 #}', $string);
return $string;
}
} }

View File

@ -10,7 +10,6 @@
namespace Grav\Common; namespace Grav\Common;
use Grav\Common\Config\Config; use Grav\Common\Config\Config;
use Grav\Common\Language\Language;
use Grav\Common\Page\Collection; use Grav\Common\Page\Collection;
use Grav\Common\Page\Interfaces\PageInterface; use Grav\Common\Page\Interfaces\PageInterface;
use function is_string; use function is_string;
@ -38,8 +37,6 @@ class Taxonomy
protected $taxonomy_map; protected $taxonomy_map;
/** @var Grav */ /** @var Grav */
protected $grav; protected $grav;
/** @var Language */
protected $language;
/** /**
* Constructor that resets the map * Constructor that resets the map
@ -48,9 +45,8 @@ class Taxonomy
*/ */
public function __construct(Grav $grav) public function __construct(Grav $grav)
{ {
$this->taxonomy_map = [];
$this->grav = $grav; $this->grav = $grav;
$this->language = $grav['language'];
$this->taxonomy_map[$this->language->getLanguage()] = [];
} }
/** /**
@ -111,8 +107,7 @@ class Taxonomy
if (!empty($key)) { if (!empty($key)) {
$taxonomy .= $key; $taxonomy .= $key;
} }
$active = $this->language->getLanguage(); $this->taxonomy_map[$taxonomy][(string) $value][$page->path()] = ['slug' => $page->slug()];
$this->taxonomy_map[$active][$taxonomy][(string) $value][$page->path()] = ['slug' => $page->slug()];
} }
} }
@ -128,11 +123,14 @@ class Taxonomy
{ {
$matches = []; $matches = [];
$results = []; $results = [];
$active = $this->language->getLanguage();
foreach ((array)$taxonomies as $taxonomy => $items) { foreach ((array)$taxonomies as $taxonomy => $items) {
foreach ((array)$items as $item) { foreach ((array)$items as $item) {
$matches[] = $this->taxonomy_map[$active][$taxonomy][$item] ?? []; if (isset($this->taxonomy_map[$taxonomy][$item])) {
$matches[] = $this->taxonomy_map[$taxonomy][$item];
} else {
$matches[] = [];
}
} }
} }
@ -158,13 +156,11 @@ class Taxonomy
*/ */
public function taxonomy($var = null) public function taxonomy($var = null)
{ {
$active = $this->language->getLanguage();
if ($var) { if ($var) {
$this->taxonomy_map[$active] = $var; $this->taxonomy_map = $var;
} }
return $this->taxonomy_map[$active] ?? []; return $this->taxonomy_map;
} }
/** /**
@ -175,7 +171,6 @@ class Taxonomy
*/ */
public function getTaxonomyItemKeys($taxonomy) public function getTaxonomyItemKeys($taxonomy)
{ {
$active = $this->language->getLanguage(); return isset($this->taxonomy_map[$taxonomy]) ? array_keys($this->taxonomy_map[$taxonomy]) : [];
return isset($this->taxonomy_map[$active][$taxonomy]) ? array_keys($this->taxonomy_map[$active][$taxonomy]) : [];
} }
} }

View File

@ -16,7 +16,6 @@ use Grav\Common\Language\Language;
use Grav\Common\Language\LanguageCodes; use Grav\Common\Language\LanguageCodes;
use Grav\Common\Page\Interfaces\PageInterface; use Grav\Common\Page\Interfaces\PageInterface;
use Grav\Common\Page\Pages; use Grav\Common\Page\Pages;
use Grav\Common\Security;
use Grav\Common\Twig\Exception\TwigException; use Grav\Common\Twig\Exception\TwigException;
use Grav\Common\Twig\Extension\FilesystemExtension; use Grav\Common\Twig\Extension\FilesystemExtension;
use Grav\Common\Twig\Extension\GravExtension; use Grav\Common\Twig\Extension\GravExtension;
@ -320,7 +319,6 @@ class Twig
public function processPage(PageInterface $item, $content = null) public function processPage(PageInterface $item, $content = null)
{ {
$content = $content ?? $item->content(); $content = $content ?? $item->content();
$content = Security::cleanDangerousTwig($content);
// override the twig header vars for local resolution // override the twig header vars for local resolution
$this->grav->fireEvent('onTwigPageVariables', new Event(['page' => $item])); $this->grav->fireEvent('onTwigPageVariables', new Event(['page' => $item]));
@ -394,8 +392,6 @@ class Twig
$this->grav->fireEvent('onTwigStringVariables'); $this->grav->fireEvent('onTwigStringVariables');
$vars += $this->twig_vars; $vars += $this->twig_vars;
$string = Security::cleanDangerousTwig($string);
$name = '@Var:' . $string; $name = '@Var:' . $string;
$this->setTemplate($name, $string); $this->setTemplate($name, $string);
@ -422,7 +418,7 @@ class Twig
try { try {
$grav = $this->grav; $grav = $this->grav;
// set the page now it's been processed // set the page now its been processed
$grav->fireEvent('onTwigSiteVariables'); $grav->fireEvent('onTwigSiteVariables');
/** @var Pages $pages */ /** @var Pages $pages */
@ -431,15 +427,13 @@ class Twig
/** @var PageInterface $page */ /** @var PageInterface $page */
$page = $grav['page']; $page = $grav['page'];
$content = Security::cleanDangerousTwig($page->content());
$twig_vars = $this->twig_vars; $twig_vars = $this->twig_vars;
$twig_vars['theme'] = $grav['config']->get('theme'); $twig_vars['theme'] = $grav['config']->get('theme');
$twig_vars['pages'] = $pages->root(); $twig_vars['pages'] = $pages->root();
$twig_vars['page'] = $page; $twig_vars['page'] = $page;
$twig_vars['header'] = $page->header(); $twig_vars['header'] = $page->header();
$twig_vars['media'] = $page->media(); $twig_vars['media'] = $page->media();
$twig_vars['content'] = $content; $twig_vars['content'] = $page->content();
// determine if params are set, if so disable twig cache // determine if params are set, if so disable twig cache
$params = $grav['uri']->params(null, true); $params = $grav['uri']->params(null, true);
@ -574,5 +568,4 @@ class Twig
$this->autoescape = (bool) $state; $this->autoescape = (bool) $state;
} }
} }

View File

@ -206,7 +206,7 @@ class Uri
$uri = $language->setActiveFromUri($uri); $uri = $language->setActiveFromUri($uri);
// split the URL and params (and make sure that the path isn't seen as domain) // split the URL and params (and make sure that the path isn't seen as domain)
$bits = static::parseUrl('http://domain.com' . $uri); $bits = parse_url('http://domain.com' . $uri);
//process fragment //process fragment
if (isset($bits['fragment'])) { if (isset($bits['fragment'])) {
@ -265,7 +265,6 @@ class Uri
return $this->paths; return $this->paths;
} }
/** /**
* Return route to the current URI. By default route doesn't include base path. * Return route to the current URI. By default route doesn't include base path.
* *
@ -743,7 +742,7 @@ class Uri
*/ */
public static function isExternal($url) public static function isExternal($url)
{ {
return (0 === strpos($url, 'http://') || 0 === strpos($url, 'https://') || 0 === strpos($url, '//') || 0 === strpos($url, 'mailto:') || 0 === strpos($url, 'tel:') || 0 === strpos($url, 'ftp://') || 0 === strpos($url, 'ftps://') || 0 === strpos($url, 'news:') || 0 === strpos($url, 'irc:') || 0 === strpos($url, 'gopher:') || 0 === strpos($url, 'nntp:') || 0 === strpos($url, 'feed:') || 0 === strpos($url, 'cvs:') || 0 === strpos($url, 'ssh:') || 0 === strpos($url, 'git:') || 0 === strpos($url, 'svn:') || 0 === strpos($url, 'hg:')); return (0 === strpos($url, 'http://') || 0 === strpos($url, 'https://') || 0 === strpos($url, '//'));
} }
/** /**
@ -955,7 +954,9 @@ class Uri
$grav = Grav::instance(); $grav = Grav::instance();
// Remove extra slash from streams, parse_url() doesn't like it. // Remove extra slash from streams, parse_url() doesn't like it.
$url = preg_replace('/([^:])(\/{2,})/', '$1/', $url); if ($pos = strpos($url, ':///')) {
$url = substr_replace($url, '://', $pos, 4);
}
$encodedUrl = preg_replace_callback( $encodedUrl = preg_replace_callback(
'%[^:/@?&=#]+%usD', '%[^:/@?&=#]+%usD',

View File

@ -989,8 +989,6 @@ abstract class Utils
|| strtr($filename, "\t\v\n\r\0\\/", '_______') !== $filename || strtr($filename, "\t\v\n\r\0\\/", '_______') !== $filename
// Filename should not start or end with dot or space. // Filename should not start or end with dot or space.
|| trim($filename, '. ') !== $filename || trim($filename, '. ') !== $filename
// Filename should not contain path traversal
|| str_replace('..', '', $filename) !== $filename
// File extension should not be part of configured dangerous extensions // File extension should not be part of configured dangerous extensions
|| in_array($extension, $dangerous_extensions) || in_array($extension, $dangerous_extensions)
); );
@ -1332,11 +1330,7 @@ abstract class Utils
if ($dateformat) { if ($dateformat) {
$datetime = DateTime::createFromFormat($dateformat, $date); $datetime = DateTime::createFromFormat($dateformat, $date);
} else { } else {
try { $datetime = new DateTime($date);
$datetime = new DateTime($date);
} catch (Exception $e) {
$datetime = false;
}
} }
// fallback to strtotime() if DateTime approach failed // fallback to strtotime() if DateTime approach failed

View File

0
system/src/Twig/DeferredExtension/DeferredNode.php Normal file → Executable file
View File

View File

@ -160,7 +160,7 @@ log:
tag: grav tag: grav
debugger: debugger:
enabled: false enabled: false
provider: debugbar provider: clockwork
censored: false censored: false
shutdown: shutdown:
close_connection: true close_connection: true
@ -178,7 +178,6 @@ images:
retina_scale: '1' retina_scale: '1'
defaults: defaults:
loading: auto loading: auto
decoding: auto
watermark: watermark:
image: 'system://images/watermark.png' image: 'system://images/watermark.png'
position_y: center position_y: center
@ -190,7 +189,7 @@ media:
unsupported_inline_types: null unsupported_inline_types: null
allowed_fallback_types: null allowed_fallback_types: null
auto_metadata_exif: false auto_metadata_exif: false
upload_limit: 2147483648 upload_limit: 2097152
session: session:
enabled: true enabled: true
initialize: true initialize: true

View File

@ -148,7 +148,7 @@ nav.open {
font-weight: normal; font-weight: normal;
} }
#about #about-hidden.open { #about #about-hidden.open {
max-height: 200vh; max-height: 50vh;
} }
#about #about-arrow { #about #about-arrow {
width: 7.5vh; width: 7.5vh;
@ -389,7 +389,7 @@ article .article-content {
align-self: center; align-self: center;
} }
#about #about-hidden.open { #about #about-hidden.open {
max-height: 200vh; max-height: 20vh;
} }
main { main {
grid-template-columns: repeat(3, 1fr); grid-template-columns: repeat(3, 1fr);

View File

@ -167,7 +167,7 @@ nav.open {
font-weight: normal; font-weight: normal;
} }
#about-hidden.open { #about-hidden.open {
max-height: 200vh; max-height: 50vh;
} }
#about-arrow { #about-arrow {
width: 7.5vh; width: 7.5vh;
@ -416,7 +416,7 @@ article {
align-self: center; align-self: center;
} }
#about-hidden.open { #about-hidden.open {
max-height: 200vh; max-height: 20vh;
} }
} }
main { main {

View File

@ -8,14 +8,13 @@
<div class="article-header"> <div class="article-header">
{% if page.parent.title == "Articles" %} {% if page.parent.title == "Articles" %}
<div class="article-siblings"> <div class="article-siblings">
{{ dump(page.parent.collection.prevSibling(page.path)) }} {% if not page.isFirst %}
{% if not page.parent.collection.isFirst(page.path) %} <a href="{{ page.nextSibling.url }}"><i class="fa-solid fa-chevron-left"></i> Article suivant</a>
<a href="{{ page.parent.collection.nextSibling(page.path).url }}"><i class="fa-solid fa-chevron-left"></i> Article suivant</a>
{% else %} {% else %}
<div></div> <div></div>
{% endif %} {% endif %}
{% if not page.parent.collection.isLast(page.path) %} {% if not page.isLast %}
<a href="{{ page.parent.collection.prevSibling(page.path).url }}">Article précédent <i class="fa-solid fa-chevron-right"></i></a> <a href="{{ page.prevSibling.url }}">Article précédent <i class="fa-solid fa-chevron-right"></i></a>
{% endif %} {% endif %}
</div> </div>
{% endif %} {% endif %}

View File

@ -3,7 +3,7 @@
{{ page.find('/a-propos').summary|raw }} {{ page.find('/a-propos').summary|raw }}
</div> </div>
<div id="about-hidden"> <div id="about-hidden">
{{ page.find('/a-propos').content|slice(page.find('/a-propos').summary|length, page.find('/a-propos').content|length)|markdown(false) }} {{ page.find('/a-propos').content|slice(page.summary|length, page.content|length)|markdown(false) }}
</div> </div>
<div id="about-arrow"> <div id="about-arrow">
<div></div> <div></div>

View File

@ -1,5 +1,5 @@
<main> <main>
{% for article in page.find('/articles').collection %} {% for article in page.find('/articles').children.published.order('date', 'desc') %}
<div class="article-card"> <div class="article-card">
<a href="{{ article.url }}" data-barba="link"> <a href="{{ article.url }}" data-barba="link">
<div class="img-cover"> <div class="img-cover">