Kijin Sung
83fe72be18
Fix #1037 IDN in Javascript @misol
2018-05-30 21:26:05 +09:00
Kijin Sung
4533dacd4b
Add Storage::getLock() for exclusive access to a named lock
...
여러 프로세스를 동시에 실행할 경우 1개만 작동하도록
lock을 관리하는 기능을 코어 프레임워크에서 제공하도록 한다.
두 개 이상의 프로세스에서 동일한 이름의 lock을 요청할 경우
먼저 요청한 프로세스는 true, 나머지 프로세스들은 false를 받게 된다.
lock을 갖고 있던 프로세스가 종료되면 다시 요청할 수 있다.
예를 들어 크론탭에서 1분마다 실행하는 CLI 스크립트가 있는데
간혹 1분 이상 소요된다면 2개가 동시에 실행될 수도 있다.
이 때 lock을 받지 못한 쪽을 종료하면 동시 실행을 방지할 수 있다.
2018-05-30 21:04:30 +09:00
Kijin Sung
f278ae5e75
Add methods to enable/disable Debug log collection
...
크론탭 등에서 다수의 쿼리를 실행하거나 각종 일괄처리 작업을 할 때
디버그 기록 때문에 메모리 사용량이 무한정 증가하는 문제 방지
2018-05-30 20:48:04 +09:00
Kijin Sung
591e9cb270
Revert "Improve cookie secure setting values"
...
This reverts commit 73da2af393
2018-04-23 00:43:24 +09:00
Kijin Sung
cfca05c897
Revert "Fix httpOnly flag by mistake.... ( #1032 )"
...
This reverts commit 0347bb7053
2018-04-23 00:42:12 +09:00
Min-Soo Kim
0347bb7053
Fix httpOnly flag by mistake.... ( #1032 )
...
73da2af393
2018-04-23 00:17:26 +09:00
Min-Soo Kim
73da2af393
Improve cookie secure setting values
...
HTTPS 를 사용하는 상황에 대한 판단을 할 수 있는 상황에서 쿠키의 secure flag 를 달아준다.
2018-04-22 23:58:13 +09:00
포피플
2306456154
Change Woorimail SSL Port
...
Some web hosting doesn't open a port 20080. So Woorimail change SSL port from 20080 to 443(ssl).
2018-03-09 14:13:51 +09:00
Kijin Sung
2dd549f076
Add methods to clear debug entries (for long-running scripts)
2018-01-16 15:03:36 +09:00
Kijin Sung
49be8be6c0
Fix error me_007 when sending email to multiple recipients via Woorimail
2018-01-04 14:20:57 +09:00
Kijin Sung
e3a2c1a6aa
Guard more count() calls in common framework classes
2017-12-09 02:49:01 +09:00
Kijin Sung
2158c4fa3b
Remove unnecessary count() calls in MediaFilter
2017-12-09 02:32:40 +09:00
Kijin Sung
0023a9cc1a
Cache opcache status to reduce function_exists() calls
2017-12-09 01:40:04 +09:00
Kijin Sung
0c62ff7561
Prevent exception on servers with flaky random_bytes() implementation
...
카페24 PHP 7.0 웹호스팅 상품에서 random_bytes() 함수가 작동하지 않음
2017-12-03 10:06:33 +09:00
Kijin Sung
d7beeb783c
config파일 읽을 때 BOM문자 제거
...
xpressengine/xe-core#1604
2017-11-30 21:53:23 +09:00
Kijin Sung
b1a4d322c7
Update admin check function in Debug::displayErrorScreen()
2017-10-15 23:42:38 +09:00
Kijin Sung
1f9f449fb0
Stop treating .swf as directly downloadable file
...
플래시 첨부파일을 본문에 직접 삽입하는 방식에서 다운로드만 가능한 방식에서 변경
file, importer, integration_search 등 모든 모듈에 일관성있게 적용
xpressengine/xe-core#2149
2017-10-12 00:29:22 +09:00
Kijin Sung
1042479d5b
Allow connection to Memcached and Redis via unix socket
2017-09-11 17:33:19 +09:00
Kijin Sung
744827518d
Fix Reply-To for Woorimail driver
2017-08-07 23:01:29 +09:00
Kijin Sung
e1846a4b6d
Use api_key and api_secret settings for Amazon SES mail driver
2017-07-04 22:17:33 +09:00
Kijin Sung
5ae15f4b66
Remove _rx_ajax_compat and _rx_csrf_token from request vars
...
JSON/XMLRPC 호환성 확보와 CSRF 공격 방지를 위해 사용되는 이 변수들이
Context::getRequestVars()에 포함되어 불필요하게 여기저기 저장되거나
URL에 포함되어 나오는 문제를 방지합니다.
2017-07-02 21:46:50 +09:00
Kijin Sung
464325c6f6
Update Markdown formatter to support footnotes and hard wraps natively
2017-06-29 23:58:20 +09:00
Kijin Sung
986f532ba5
Fix mail error messages being displayed as 'Array' only
2017-06-29 17:09:55 +09:00
Kijin Sung
c6e51cddc9
Fix fatal error when unable to connect to Woorimail server
2017-06-25 21:12:31 +09:00
Kijin Sung
227e1c53d1
Fix no Reply-To header when using Woorimail paid service
2017-06-22 16:19:28 +09:00
Kijin Sung
8c797aaba1
Pass through crypto exceptions
2017-05-07 15:29:21 +09:00
Kijin Sung
2822191271
Fix CSRF check for GET requests
2017-04-23 14:51:41 +09:00
Kijin Sung
df59e541c9
Skip diagnostic CSRF warning if the user is not logged in
2017-03-13 16:41:57 +09:00
Kijin Sung
a3ef122b57
Merge branch 'develop' into pr/csrf-token
2017-03-13 16:35:24 +09:00
Kijin Sung
a984665efc
Implement default timezone for domains
2017-03-13 12:51:24 +09:00
Kijin Sung
beee2165fb
Update session class to use getDefaultDomainInfo() for SSO
2017-03-13 11:35:37 +09:00
Kijin Sung
4257edf7fa
Implement saving favicon, mobicon, and default image for domain
2017-03-12 22:55:57 +09:00
Kijin Sung
89255d0281
Initial implementation of CSRF token enforcement in Security class
2017-03-06 15:54:56 +09:00
Kijin Sung
a0f2388842
Add Session::getGenericToken() for general-purpose token handling
2017-03-06 11:24:09 +09:00
Kijin Sung
5bd5044126
Improve referer checks in Session::checkSSO()
2017-03-04 22:15:46 +09:00
Kijin Sung
af7309b807
Consistently use new domain system for URL::isInternalUrl() and checkCSRF()
2017-03-04 22:09:45 +09:00
Kijin Sung
8cf3d7b520
Update SSO mechanism to use new domain system
2017-03-04 22:05:16 +09:00
Kijin Sung
8d53304e71
Merge branch 'develop' into pr/multidomain
2017-03-04 16:12:31 +09:00
Kijin Sung
cf01038ce6
Refresh member info when setSessionInfo() is called
2017-03-03 01:05:13 +09:00
Kijin Sung
210b6b4147
Merge branch 'develop' into pr/multidomain
2017-03-01 21:50:51 +09:00
Kijin Sung
aa879e7326
Improve HTMLFilter handling of editor component properties
2017-02-25 17:37:58 +09:00
Kijin Sung
fdf568bbb2
Update URL::isInternalURL()
2017-02-20 21:53:00 +09:00
Kijin Sung
fbe47e0610
Remove temporary list of override domains in Session class
2017-02-18 22:57:39 +09:00
Kijin Sung
cbc0197be6
Fix data-file-srl attribute being deleted by HTMLFilter
2017-02-17 21:45:03 +09:00
Kijin Sung
5c8a41a655
Fix PHP warning
2017-02-17 21:38:03 +09:00
Kijin Sung
2582ef2100
More thoroughly delete conflicting cookies
2017-02-17 21:09:57 +09:00
Kijin Sung
64f0d5cb45
Remove Android Chrome from buggy user-agent list
2017-02-17 20:24:13 +09:00
Kijin Sung
51acad706e
Remove unnecessary regex replacement
2017-02-17 20:15:56 +09:00
Kijin Sung
50410ec482
Delete conflicting wildcard cookies from subdomain
2017-02-17 19:44:01 +09:00
Kijin Sung
780034d4ee
Do not explicitly set the domain for session cookies
2017-02-17 19:33:05 +09:00
