Various bug fixes and a security fix for encrypted cookies in Laravel
UX/UI Improvements
- Added new Paragraph Formats option to the Editor Settings page, which allows you to control the available tags in the Paragraph Formats button.
API Changes
- The
Encryptable
trait now encrypts "empty" values correctly, such as the number zero and an empty string. The only value that is left unencrypted is anull
value. - Fixed docblocks in the
October\Rain\Network\Http
class that referred to the$options
property as anarray
instead of thecallable
that is actually used
Bug Fixes
- Unit tests involving authentication are now namespaced to
backend.auth
, to prevent conflicts with other authentication libraries. - Fixed "use statement with non-compound names has no effect" when attempting to import classes already in the root namespace (like facades) in the CMS PHP code section.
- Fixed a bug where the text entry of a
taglist
field would remain after the tag has been created. - Resolved an issue where PHP
max_input_vars
limits would prevent "group" filters from working if they contained more options thanmax_input_vars
would allow. - Fixed support for
ignoreTimezone
indate
anddaterange
filter scope types. - Fixed issue with Arabic translation in the backend where Indic numerals were being used instead of Arabic numerals for the
datepicker
FormWidget which was confusing the serverside processing of date values. - Fixed issue where an incorrect
<textarea>
tag definition broke the popup editor forstringList
andtext
type fields in the Inspector.
Security Improvements
- Improved validation of encrypted cookies by locking cookie values to the cookie they were created for. See the security advisory for more information.
Translation Improvements
- Improved French translation.
Community Improvements
- Added note in
config/cms.php
for handling URL generation for uploaded files when using October in a subfolder installation.