Commit Graph

28 Commits

Author SHA1 Message Date
58e885e35f Added the setLocation() method for Output.
Useful for redirecting the user to a different page and automatically setting the correct status header.
2023-02-14 14:55:46 +01:00
d6863d3f51 Merge pull request 'Fixed bug #3 which caused xss_clean() to fail when calling input variables from arrays.' (#5) from fix/3 into master
Reviewed-on: #5
2022-12-06 11:19:05 +00:00
22e3ec2fd0 Fixed bug #3 which caused xss_clean() to fail when calling input variables from arrays.
Closes #3.
2022-12-06 12:18:13 +01:00
d66c244931
Merge branch 'master' of ssh://gitea.i15.nl:7070/FuzeWorks/WebComponent 2022-03-15 19:24:47 +01:00
0e2eb5ef72
config.web.php already provides a prefix, so config.security should not provide one.
Can be merged later whenever necessary.

Also verifies if the protection is enabled or not.
2022-03-15 19:24:29 +01:00
3c7011eddb
config.web.php already provides a prefix, so config.security should not provide one.
Can be merged later whenever necessary.
2022-03-15 19:18:45 +01:00
cd331dc39d
Stop lowering cache permissions.
- Temporary solution until ObjectStorage is implemented here.
2021-11-30 11:33:18 +01:00
444f614c48
Updated compatibility of WebComponent.
- Now uses latest libraries of FuzeWorks.
2021-11-29 22:47:45 +01:00
af25072b24
Upgraded dependencies and upped the LICENSE. 2021-01-25 12:21:41 +01:00
d7b2c40c57
Fixed Resources being unable to serve static files when using more complicated URI's. 2020-08-02 11:12:51 +02:00
e3485fa256 Separated events into methods so they can be properly logged by Core. 2020-07-12 12:02:43 +02:00
c09d1a35d5 Fixed CSRF-null bug
A bug caused FuzeWorks instances to crash when CSRF protection was disabled.

This was fixed by allowing the method to return null as well.
2020-04-02 20:37:23 +02:00
b976dbeae3
Implemented HTTP->HTTPS redirect and fixed a bug with Output where a 500 is raised when no output is created. 2019-12-20 11:11:22 +01:00
1180445dcc
Changed output cache to include GET parameters as cache key.
This allows more dynamic pages to cache pages based on the exact request.
2019-11-16 11:41:44 +01:00
74cb630d80
Fixed bug causing a header warning.
By default, FuzeWorks\Layout doesn't redirect it's display output to FuzeWorks\Output. If this is desired behaviour the layoutDisplayEvent needs to be interrupted. This eventListener was not implemented, resulting in FuzeWorks\Layout::display output not being redirected.

This patch fixes that.
2019-11-06 00:19:33 +01:00
0ba98f8130 Merge branch 'development' into 'master'
Release 1.2.0

See merge request fuzeworks/webcomponent!2
2019-09-21 18:28:47 +00:00
ddbc787c45
Release 1.2.0 2019-09-21 20:28:03 +02:00
35df988200
Release 1.2.0-RC5 2019-09-18 00:21:03 +02:00
a04293d8b4
Fixed bug resulting in exception on every request. 2019-09-17 22:13:56 +02:00
cf8315e06b Merge branch 'holiday-branch' into 'development'
Release 1.2.0-RC4

See merge request fuzeworks/webcomponent!1
2019-08-21 17:50:54 +00:00
fd531b53e2
Released 1.2.0-RC4 2019-08-21 19:49:45 +02:00
7c77c339cf Implemented Resources.
Resources are static files which have to be served by FuzeWorks. The developer can register a directory in which static files can be found, which shall be loaded if the folder is requested.
This system should be avoided for high-performance applications. It is recommended to make special configurations in the web server in those kinds of cases.
2019-07-22 19:53:18 +02:00
612ab3abca Implemented the RouteWebRequestEvent and sessions.
- Developers can now use the RouteWebRequestEvent to cancel the loading of web requests
- FuzeWorks\Input now starts the PHP session, which is required for some dependencies
2019-07-22 11:48:45 +02:00
208d2783c7
Release 1.2.0-RC3 2019-03-05 11:23:52 +01:00
416d3895d0
Implemented changes requested by FuzeWorks\Application
- CSRF Verification is now functional again
- CSRF throws CSRFException
- XSS clean can now be disabled in the config globally. Once disabled, this can't be overridden
- X-Powered-By header is now always suppressed
- WebComponent now assigns global variables to the LayoutEngine.
- CSRF Exceptions can be handled by a view, if this one implements the securityExceptionHandler() method
- Error403 page added
2019-03-01 11:25:18 +01:00
fb733077ee
Updated minor changes. Creates version 1.2.0-RC1 2019-02-15 19:30:11 +01:00
eda14348b0
Implemented all basic features of WebComponent. Not release ready 2019-02-09 20:22:49 +01:00
e276a7ca29
Initial commit 2019-02-04 00:10:18 +01:00