Skip to content

Commit 96c251a

Browse files
committed
Update User Guide
1 parent 7e8c63a commit 96c251a

2 files changed

Lines changed: 2 additions & 1 deletion

File tree

changelogs/v4.7.1.html

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -345,6 +345,7 @@ <h2><a class="toc-backref" href="#id7" role="doc-backlink">Bugs Fixed</a><a clas
345345
<ul class="simple">
346346
<li><p><strong>ContentSecurityPolicy:</strong> Fixed a bug where custom CSP tags were not removed from generated HTML when CSP was disabled. The method now ensures that all custom CSP tags are removed from the generated HTML.</p></li>
347347
<li><p><strong>ContentSecurityPolicy:</strong> Fixed a bug where <code class="docutils literal notranslate"><span class="pre">generateNonces()</span></code> produces corrupted JSON responses by replacing CSP nonce placeholders with unescaped double quotes. The method now automatically JSON-escapes nonce attributes when the response Content-Type is JSON.</p></li>
348+
<li><p><strong>ContentSecurityPolicy:</strong> Fixed a bug where nonces generated by <code class="docutils literal notranslate"><span class="pre">getScriptNonce()</span></code> and <code class="docutils literal notranslate"><span class="pre">getStyleNonce()</span></code> were not added to the <code class="docutils literal notranslate"><span class="pre">script-src-elem</span></code> and <code class="docutils literal notranslate"><span class="pre">style-src-elem</span></code> directives, causing nonces to be silently ignored by browsers when those directives were present.</p></li>
348349
<li><p><strong>Database:</strong> Fixed a bug where <code class="docutils literal notranslate"><span class="pre">BaseConnection::callFunction()</span></code> could double-prefix already-prefixed function names.</p></li>
349350
<li><p><strong>Database:</strong> Fixed a bug where <code class="docutils literal notranslate"><span class="pre">BasePreparedQuery::prepare()</span></code> could mis-handle SQL containing colon syntax by over-broad named-placeholder replacement. It now preserves PostgreSQL cast syntax like <code class="docutils literal notranslate"><span class="pre">::timestamp</span></code>.</p></li>
350351
<li><p><strong>Model:</strong> Fixed a bug where <code class="docutils literal notranslate"><span class="pre">BaseModel::updateBatch()</span></code> threw an exception when <code class="docutils literal notranslate"><span class="pre">updateOnlyChanged</span></code> was <code class="docutils literal notranslate"><span class="pre">true</span></code> and the index field value did not change.</p></li>

searchindex.js

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)