mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-11-25 05:22:59 +00:00
Changelog: more fiddling
This commit is contained in:
parent
334c3956c7
commit
8e93ea65dc
1 changed files with 2 additions and 2 deletions
|
@ -34,11 +34,11 @@ Make sure you have PHP 7.3+ when you update past this point! It isn't the end of
|
||||||
- Don't worry, we've absorbed all the useful features (see above)
|
- Don't worry, we've absorbed all the useful features (see above)
|
||||||
- NOTE TO SELF: Don't forget to update wikimatrix.org when we next make a stable release! (if you are reading this in the release notes for a stable release, please get in touch)
|
- NOTE TO SELF: Don't forget to update wikimatrix.org when we next make a stable release! (if you are reading this in the release notes for a stable release, please get in touch)
|
||||||
- Enabled horizontal resize handle on sidebar (but it doesn't persist yet)
|
- Enabled horizontal resize handle on sidebar (but it doesn't persist yet)
|
||||||
- `SameSite=Strict` is now set on all cookies in PHP 7.3+
|
- [security] `SameSite=Strict` is now set on all cookies in PHP 7.3+
|
||||||
- This prevents session-stealing attacks from third-party origins
|
- This prevents session-stealing attacks from third-party origins
|
||||||
- This complies with the [new samesite cookies rules](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite#SameSiteNone_requires_Secure).
|
- This complies with the [new samesite cookies rules](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite#SameSiteNone_requires_Secure).
|
||||||
- A warning is generated in PHP 7.2 and below = [please upgrade](https://www.php.net/supported-versions.php) to PHP 7.3+! (#200)
|
- A warning is generated in PHP 7.2 and below = [please upgrade](https://www.php.net/supported-versions.php) to PHP 7.3+! (#200)
|
||||||
- The `Secure` cookie flag is now automatically added when clients use HTTPS to prevent downgrade-based session stealing attacks (control this with the new `cookie_secure` setting)
|
- [security] The `Secure` cookie flag is now automatically added when clients use HTTPS to prevent downgrade-based session stealing attacks (control this with the new `cookie_secure` setting)
|
||||||
- Standardised prefixed to (most) `error_log()` calls to aid clarity in multi-wiki environments
|
- Standardised prefixed to (most) `error_log()` calls to aid clarity in multi-wiki environments
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
Loading…
Reference in a new issue