Commit Graph

28 Commits

Author SHA1 Message Date
Abel Hoogeveen 58e885e35f Added the setLocation() method for Output.
Useful for redirecting the user to a different page and automatically setting the correct status header.
2023-02-14 14:55:46 +01:00
Abel Hoogeveen d6863d3f51 Merge pull request 'Fixed bug #3 which caused xss_clean() to fail when calling input variables from arrays.' (#5) from fix/3 into master
Reviewed-on: #5
2022-12-06 11:19:05 +00:00
Abel Hoogeveen 22e3ec2fd0 Fixed bug #3 which caused xss_clean() to fail when calling input variables from arrays.
Closes #3.
2022-12-06 12:18:13 +01:00
Abel Hoogeveen d66c244931
Merge branch 'master' of ssh://gitea.i15.nl:7070/FuzeWorks/WebComponent 2022-03-15 19:24:47 +01:00
Abel Hoogeveen 0e2eb5ef72
`config.web.php` already provides a prefix, so `config.security` should not provide one.
Can be merged later whenever necessary.

Also verifies if the protection is enabled or not.
2022-03-15 19:24:29 +01:00
Abel Hoogeveen 3c7011eddb
`config.web.php` already provides a prefix, so `config.security` should not provide one.
Can be merged later whenever necessary.
2022-03-15 19:18:45 +01:00
Abel Hoogeveen cd331dc39d
Stop lowering cache permissions.
- Temporary solution until ObjectStorage is implemented here.
2021-11-30 11:33:18 +01:00
Abel Hoogeveen 444f614c48
Updated compatibility of WebComponent.
- Now uses latest libraries of FuzeWorks.
2021-11-29 22:47:45 +01:00
Abel Hoogeveen af25072b24
Upgraded dependencies and upped the LICENSE. 2021-01-25 12:21:41 +01:00
Abel Hoogeveen d7b2c40c57
Fixed Resources being unable to serve static files when using more complicated URI's. 2020-08-02 11:12:51 +02:00
Abel Hoogeveen e3485fa256 Separated events into methods so they can be properly logged by Core. 2020-07-12 12:02:43 +02:00
Abel Hoogeveen c09d1a35d5 Fixed CSRF-null bug
A bug caused FuzeWorks instances to crash when CSRF protection was disabled.

This was fixed by allowing the method to return null as well.
2020-04-02 20:37:23 +02:00
Abel Hoogeveen b976dbeae3
Implemented HTTP->HTTPS redirect and fixed a bug with Output where a 500 is raised when no output is created. 2019-12-20 11:11:22 +01:00
Abel Hoogeveen 1180445dcc
Changed output cache to include GET parameters as cache key.
This allows more dynamic pages to cache pages based on the exact request.
2019-11-16 11:41:44 +01:00
Abel Hoogeveen 74cb630d80
Fixed bug causing a header warning.
By default, FuzeWorks\Layout doesn't redirect it's display output to FuzeWorks\Output. If this is desired behaviour the layoutDisplayEvent needs to be interrupted. This eventListener was not implemented, resulting in FuzeWorks\Layout::display output not being redirected.

This patch fixes that.
2019-11-06 00:19:33 +01:00
Abel Hoogeveen 0ba98f8130 Merge branch 'development' into 'master'
Release 1.2.0

See merge request fuzeworks/webcomponent!2
2019-09-21 18:28:47 +00:00
Abel Hoogeveen ddbc787c45
Release 1.2.0 2019-09-21 20:28:03 +02:00
Abel Hoogeveen 35df988200
Release 1.2.0-RC5 2019-09-18 00:21:03 +02:00
Abel Hoogeveen a04293d8b4
Fixed bug resulting in exception on every request. 2019-09-17 22:13:56 +02:00
Abel Hoogeveen cf8315e06b Merge branch 'holiday-branch' into 'development'
Release 1.2.0-RC4

See merge request fuzeworks/webcomponent!1
2019-08-21 17:50:54 +00:00
Abel Hoogeveen fd531b53e2
Released 1.2.0-RC4 2019-08-21 19:49:45 +02:00
Abel Hoogeveen 7c77c339cf Implemented Resources.
Resources are static files which have to be served by FuzeWorks. The developer can register a directory in which static files can be found, which shall be loaded if the folder is requested.
This system should be avoided for high-performance applications. It is recommended to make special configurations in the web server in those kinds of cases.
2019-07-22 19:53:18 +02:00
Abel Hoogeveen 612ab3abca Implemented the RouteWebRequestEvent and sessions.
- Developers can now use the RouteWebRequestEvent to cancel the loading of web requests
- FuzeWorks\Input now starts the PHP session, which is required for some dependencies
2019-07-22 11:48:45 +02:00
Abel Hoogeveen 208d2783c7
Release 1.2.0-RC3 2019-03-05 11:23:52 +01:00
Abel Hoogeveen 416d3895d0
Implemented changes requested by FuzeWorks\Application
- CSRF Verification is now functional again
- CSRF throws CSRFException
- XSS clean can now be disabled in the config globally. Once disabled, this can't be overridden
- X-Powered-By header is now always suppressed
- WebComponent now assigns global variables to the LayoutEngine.
- CSRF Exceptions can be handled by a view, if this one implements the securityExceptionHandler() method
- Error403 page added
2019-03-01 11:25:18 +01:00
Abel Hoogeveen fb733077ee
Updated minor changes. Creates version 1.2.0-RC1 2019-02-15 19:30:11 +01:00
Abel Hoogeveen eda14348b0
Implemented all basic features of WebComponent. Not release ready 2019-02-09 20:22:49 +01:00
Abel Hoogeveen e276a7ca29
Initial commit 2019-02-04 00:10:18 +01:00