From d9a4c50a73d9743ad9453ddb389aa6d549e864e2 Mon Sep 17 00:00:00 2001
From: Andy Butland <abutland73@gmail.com>
Date: Tue, 14 Dec 2021 09:23:55 +0100
Subject: [PATCH 01/81] Refactored message related methods to allow provision
 of an HttpContext, and used this in DistributedCacheBinder to ensure messages
 created are flushed from the same context.

---
 .../BatchedDatabaseServerMessenger.cs         | 27 ++++++++++----
 .../Cache/DistributedCacheBinder.cs           | 35 +++++++++++++++++--
 2 files changed, 53 insertions(+), 9 deletions(-)

diff --git a/src/Umbraco.Web/BatchedDatabaseServerMessenger.cs b/src/Umbraco.Web/BatchedDatabaseServerMessenger.cs
index f89f62eb3d..a02cd2c128 100644
--- a/src/Umbraco.Web/BatchedDatabaseServerMessenger.cs
+++ b/src/Umbraco.Web/BatchedDatabaseServerMessenger.cs
@@ -68,9 +68,11 @@ namespace Umbraco.Web
             BatchMessage(refresher, messageType, idsA, arrayType, json);
         }
 
-        public void FlushBatch()
+        public void FlushBatch() => FlushBatch(null);
+
+        internal void FlushBatch(HttpContextBase httpContext)
         {
-            var batch = GetBatch(false);
+            var batch = httpContext != null ? GetBatch(false, httpContext) : GetBatch(false);
             if (batch == null) return;
 
             var instructions = batch.SelectMany(x => x.Instructions).ToArray();
@@ -83,9 +85,9 @@ namespace Umbraco.Web
                 {
                     WriteInstructions(scope, instructionsBatch);
                 }
+
                 scope.Complete();
             }
-
         }
 
         private void WriteInstructions(IScope scope, IEnumerable<RefreshInstruction> instructions)
@@ -111,10 +113,15 @@ namespace Umbraco.Web
                 // the case if the asp.net synchronization context has kicked in
                 ?? (HttpContext.Current == null ? null : new HttpContextWrapper(HttpContext.Current));
 
-            // if no context was found, return null - we cannot not batch
+            // if no context was found, return null - we cannot batch
             if (httpContext == null) return null;
 
-            var key = typeof (BatchedDatabaseServerMessenger).Name;
+            return GetBatch(create, httpContext);
+        }
+
+        protected ICollection<RefreshInstructionEnvelope> GetBatch(bool create, HttpContextBase httpContext)
+        {
+            var key = typeof(BatchedDatabaseServerMessenger).Name;
 
             // no thread-safety here because it'll run in only 1 thread (request) at a time
             var batch = (ICollection<RefreshInstructionEnvelope>)httpContext.Items[key];
@@ -128,9 +135,17 @@ namespace Umbraco.Web
             MessageType messageType,
             IEnumerable<object> ids = null,
             Type idType = null,
+            string json = null) => BatchMessage(refresher, messageType, null, ids, idType, json);
+
+        protected void BatchMessage(
+            ICacheRefresher refresher,
+            MessageType messageType,
+            HttpContextBase httpContext,
+            IEnumerable<object> ids = null,
+            Type idType = null,
             string json = null)
         {
-            var batch = GetBatch(true);
+            var batch = httpContext != null ? GetBatch(true, httpContext) : GetBatch(true);
             var instructions = RefreshInstruction.GetInstructions(refresher, messageType, ids, idType, json);
 
             // batch if we can, else write to DB immediately
diff --git a/src/Umbraco.Web/Cache/DistributedCacheBinder.cs b/src/Umbraco.Web/Cache/DistributedCacheBinder.cs
index bfb1a01a69..5987d425a5 100644
--- a/src/Umbraco.Web/Cache/DistributedCacheBinder.cs
+++ b/src/Umbraco.Web/Cache/DistributedCacheBinder.cs
@@ -9,6 +9,7 @@ using Umbraco.Core.Logging;
 using Umbraco.Core.Models;
 using Umbraco.Core.Services;
 using Umbraco.Core.Services.Changes;
+using Umbraco.Core.Sync;
 
 namespace Umbraco.Web.Cache
 {
@@ -21,10 +22,12 @@ namespace Umbraco.Web.Cache
         private readonly DistributedCache _distributedCache;
         private readonly IUmbracoContextFactory _umbracoContextFactory;
         private readonly ILogger _logger;
+        private readonly BatchedDatabaseServerMessenger _serverMessenger;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="DistributedCacheBinder"/> class.
         /// </summary>
+        [Obsolete("Please use the constructor accepting an instance of IServerMessenger.  This constructor will be removed in a future version.")]
         public DistributedCacheBinder(DistributedCache distributedCache, IUmbracoContextFactory umbracoContextFactory, ILogger logger)
         {
             _distributedCache = distributedCache;
@@ -32,6 +35,15 @@ namespace Umbraco.Web.Cache
             _umbracoContextFactory = umbracoContextFactory;
         }
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="DistributedCacheBinder"/> class.
+        /// </summary>
+        public DistributedCacheBinder(DistributedCache distributedCache, IUmbracoContextFactory umbracoContextFactory, ILogger logger, IServerMessenger serverMessenger)
+            : this(distributedCache, umbracoContextFactory, logger)
+        {
+            _serverMessenger = serverMessenger as BatchedDatabaseServerMessenger;
+        }
+
         // internal for tests
         internal static MethodInfo FindHandler(IEventDefinition eventDefinition)
         {
@@ -42,7 +54,6 @@ namespace Umbraco.Web.Cache
 
         private static readonly Lazy<MethodInfo[]> CandidateHandlers = new Lazy<MethodInfo[]>(() =>
         {
-
             return typeof(DistributedCacheBinder)
                 .GetMethods(BindingFlags.Instance | BindingFlags.Public | BindingFlags.NonPublic)
                 .Select(x =>
@@ -66,9 +77,9 @@ namespace Umbraco.Web.Cache
         {
             // Ensure we run with an UmbracoContext, because this may run in a background task,
             // yet developers may be using the 'current' UmbracoContext in the event handlers.
-            using (_umbracoContextFactory.EnsureUmbracoContext())
+            using (var umbracoContextReference = _umbracoContextFactory.EnsureUmbracoContext())
             {
-                // When it comes to content types types, a change to any single one will trigger a reload of the content and media caches.
+                // When it comes to content types, a change to any single one will trigger a reload of the content and media caches.
                 // We can reduce the impact of that by grouping the events to invoke just one per type, providing a collection of the individual arguments.
                 var groupedEvents = GetGroupedEventList(events);
                 foreach (var e in groupedEvents)
@@ -84,6 +95,24 @@ namespace Umbraco.Web.Cache
 
                     handler.Invoke(this, new[] { e.Sender, e.Args });
                 }
+
+                // Handled events may be triggering messages to be sent for load balanced servers to refresh their caches.
+                // When the state changes that initiate the events are handled outside of an Umbraco request and rather in a
+                // background task, we'll have ensured an Umbraco context, but using a newly created HttpContext.
+                //
+                // An example of this is when using an Umbraco Deploy content transfer operation
+                // (see: https://github.com/umbraco/Umbraco.Deploy.Issues/issues/90).
+                //
+                // This will be used in the event handlers, and when the methods on BatchedDatabaseServerMessenger are called,
+                // they'll be using this "ensured" HttpContext, populating a batch of message stored in HttpContext.Items.
+                // When the FlushBatch method is called on the end of an Umbraco request (via the event handler wired up in
+                // DatabaseServerRegistrarAndMessengerComponent), this will use the HttpContext associated with the request,
+                // which will be a different one, and so won't have the batch stored in it's HttpContext.Items.
+                //
+                // As such by making an explicit call here, and providing the ensured HttpContext that will have had it's
+                // Items dictionary populated with the batch of messages, we'll make sure the batch is flushed, and the
+                // database instructions written.
+                _serverMessenger?.FlushBatch(umbracoContextReference.UmbracoContext.HttpContext);
             }
         }
 

From 50da4a77def576aaa0b3b18367cd0983f184984b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=B8ren=20Kottal?= <sk@ecreo.dk>
Date: Wed, 17 Nov 2021 01:38:15 +0100
Subject: [PATCH 02/81] Adds support for simple markdown in property
 descriptions, and extended property descriptions (#11628)

* Adds support for simple markdown in property descriptions, and extended descriptions

* removes max-width for property descriptions (doesn't make sense to limit these IMO)

(cherry picked from commit 8393fdecfbb24f668accf921d44bccff36bd2079)
---
 .../property/umbproperty.directive.js         | 14 +++++++++++++
 .../common/filters/simpleMarkdown.filter.js   | 20 +++++++++++++++++++
 src/Umbraco.Web.UI.Client/src/less/main.less  |  1 -
 .../components/property/umb-property.html     | 15 +++++++++++++-
 4 files changed, 48 insertions(+), 2 deletions(-)
 create mode 100644 src/Umbraco.Web.UI.Client/src/common/filters/simpleMarkdown.filter.js

diff --git a/src/Umbraco.Web.UI.Client/src/common/directives/components/property/umbproperty.directive.js b/src/Umbraco.Web.UI.Client/src/common/directives/components/property/umbproperty.directive.js
index f4cfacbf70..25e55455db 100644
--- a/src/Umbraco.Web.UI.Client/src/common/directives/components/property/umbproperty.directive.js
+++ b/src/Umbraco.Web.UI.Client/src/common/directives/components/property/umbproperty.directive.js
@@ -75,7 +75,21 @@
                 // inheritance is (i.e.infinite editing)
                 var found = angularHelper.traverseScopeChain($scope, s => s && s.vm && s.vm.constructor.name === "UmbPropertyController");
                 vm.parentUmbProperty = found ? found.vm : null;
+          }
+
+          if (vm.property.description) {
+            // split by lines containing only '--'
+            var descriptionParts = vm.property.description.split(/^--$/gim);
+            if (descriptionParts.length > 1) {
+              // if more than one part, we have an extended description,
+              // combine to one extended description, and remove leading linebreak
+              vm.property.extendedDescription = descriptionParts.splice(1).join("--").substring(1);
+              vm.property.extendedDescriptionVisible = false;
+
+              // set propertydescription to first part, and remove trailing linebreak
+              vm.property.description = descriptionParts[0].slice(0, -1);
             }
+          }
         }
 
     }
diff --git a/src/Umbraco.Web.UI.Client/src/common/filters/simpleMarkdown.filter.js b/src/Umbraco.Web.UI.Client/src/common/filters/simpleMarkdown.filter.js
new file mode 100644
index 0000000000..58d5b0ed91
--- /dev/null
+++ b/src/Umbraco.Web.UI.Client/src/common/filters/simpleMarkdown.filter.js
@@ -0,0 +1,20 @@
+/**
+* @ngdoc filter
+* @name umbraco.filters.simpleMarkdown
+* @description 
+* Used when rendering a string as Markdown as HTML (i.e. with ng-bind-html). Allows use of **bold**, *italics*, ![images](url) and [links](url)
+**/
+angular.module("umbraco.filters").filter('simpleMarkdown', function () {
+  return function (text) {
+	if (!text) {
+		return '';
+    }
+
+    return text
+      .replace(/\*\*(.*)\*\*/gim, '<b>$1</b>')
+      .replace(/\*(.*)\*/gim, '<i>$1</i>')
+      .replace(/!\[(.*?)\]\((.*?)\)/gim, "<img alt='$1' src='$2' />")
+      .replace(/\[(.*?)\]\((.*?)\)/gim, "<a href='$2' target='_blank' rel='noopener' class='underline'>$1</a>")
+      .replace(/\n/g, '<br />').trim();
+  };
+});
diff --git a/src/Umbraco.Web.UI.Client/src/less/main.less b/src/Umbraco.Web.UI.Client/src/less/main.less
index 66afbfd73f..43911fccb1 100644
--- a/src/Umbraco.Web.UI.Client/src/less/main.less
+++ b/src/Umbraco.Web.UI.Client/src/less/main.less
@@ -237,7 +237,6 @@ umb-property:last-of-type .umb-control-group {
     }
 
     .control-description {
-        max-width:480px;// avoiding description becoming too wide when its placed on top of property.
         margin-bottom: 5px;
     }
 }
diff --git a/src/Umbraco.Web.UI.Client/src/views/components/property/umb-property.html b/src/Umbraco.Web.UI.Client/src/views/components/property/umb-property.html
index 650fd143c1..a037feaca2 100644
--- a/src/Umbraco.Web.UI.Client/src/views/components/property/umb-property.html
+++ b/src/Umbraco.Web.UI.Client/src/views/components/property/umb-property.html
@@ -24,7 +24,20 @@
 
                     <umb-property-actions ng-if="!vm.showInherit" actions="vm.propertyActions"></umb-property-actions>
 
-                    <small class="control-description" ng-if="vm.property.description" ng-bind-html="vm.property.description | preserveNewLineInHtml"></small>
+                    <small class="control-description" ng-if="vm.property.description" ng-bind-html="vm.property.description | simpleMarkdown"></small>
+
+                    <div ng-if="vm.property.extendedDescription">
+
+                      <div ng-if="vm.property.extendedDescriptionVisible">
+                        <small class="control-description" ng-bind-html="vm.property.extendedDescription | simpleMarkdown"></small>
+                      </div>
+
+                      <button type="button" class="btn btn-mini btn-link btn-link-reverse p0" ng-click="vm.property.extendedDescriptionVisible = !vm.property.extendedDescriptionVisible">
+                          <localize ng-if="!vm.property.extendedDescriptionVisible" key="general_readMore"></localize>
+                          <localize ng-if="vm.property.extendedDescriptionVisible" key="general_close"></localize>
+                      </button>
+
+                    </div>
                 </div>
 
                 <div class="controls" ng-transclude>

From 7006461ba27102597bc7d9b9c0fbf34ea5e2c180 Mon Sep 17 00:00:00 2001
From: Sebastiaan Janssen <sebastiaan@umbraco.com>
Date: Thu, 16 Dec 2021 16:30:18 +0100
Subject: [PATCH 03/81] Revert "Added notifications toggle to user groups
 (#10450)"

This reverts commit 4c6d4b9326c094f2e66f627083ccf875a01188a2.
---
 .../Migrations/Install/DatabaseDataCreator.cs |  6 ++---
 .../Migrations/Upgrade/UmbracoPlan.cs         |  5 +---
 .../AddDefaultForNotificationsToggle.cs       | 15 ------------
 src/Umbraco.Core/Umbraco.Core.csproj          |  1 -
 src/Umbraco.Web.UI/Umbraco/config/lang/da.xml |  1 -
 src/Umbraco.Web.UI/Umbraco/config/lang/en.xml |  1 -
 .../Umbraco/config/lang/en_us.xml             |  1 -
 src/Umbraco.Web/Actions/ActionNotify.cs       | 24 -------------------
 .../Trees/ContentTreeController.cs            |  7 +++++-
 src/Umbraco.Web/Umbraco.Web.csproj            |  1 -
 10 files changed, 10 insertions(+), 52 deletions(-)
 delete mode 100644 src/Umbraco.Core/Migrations/Upgrade/V_8_18_0/AddDefaultForNotificationsToggle.cs
 delete mode 100644 src/Umbraco.Web/Actions/ActionNotify.cs

diff --git a/src/Umbraco.Core/Migrations/Install/DatabaseDataCreator.cs b/src/Umbraco.Core/Migrations/Install/DatabaseDataCreator.cs
index d9cc22d26d..bd7a96f6e7 100644
--- a/src/Umbraco.Core/Migrations/Install/DatabaseDataCreator.cs
+++ b/src/Umbraco.Core/Migrations/Install/DatabaseDataCreator.cs
@@ -188,9 +188,9 @@ namespace Umbraco.Core.Migrations.Install
 
         private void CreateUserGroupData()
         {
-            _database.Insert(Constants.DatabaseSchema.Tables.UserGroup, "id", false, new UserGroupDto { Id = 1, StartMediaId = -1, StartContentId = -1, Alias = Constants.Security.AdminGroupAlias, Name = "Administrators", DefaultPermissions = "CADMOSKTPIURZ:5F7ïN", CreateDate = DateTime.Now, UpdateDate = DateTime.Now, Icon = "icon-medal" });
-            _database.Insert(Constants.DatabaseSchema.Tables.UserGroup, "id", false, new UserGroupDto { Id = 2, StartMediaId = -1, StartContentId = -1, Alias = Constants.Security.WriterGroupAlias, Name = "Writers", DefaultPermissions = "CAH:FN", CreateDate = DateTime.Now, UpdateDate = DateTime.Now, Icon = "icon-edit" });
-            _database.Insert(Constants.DatabaseSchema.Tables.UserGroup, "id", false, new UserGroupDto { Id = 3, StartMediaId = -1, StartContentId = -1, Alias = Constants.Security.EditorGroupAlias, Name = "Editors", DefaultPermissions = "CADMOSKTPUZ:5FïN", CreateDate = DateTime.Now, UpdateDate = DateTime.Now, Icon = "icon-tools" });
+            _database.Insert(Constants.DatabaseSchema.Tables.UserGroup, "id", false, new UserGroupDto { Id = 1, StartMediaId = -1, StartContentId = -1, Alias = Constants.Security.AdminGroupAlias, Name = "Administrators", DefaultPermissions = "CADMOSKTPIURZ:5F7ï", CreateDate = DateTime.Now, UpdateDate = DateTime.Now, Icon = "icon-medal" });
+            _database.Insert(Constants.DatabaseSchema.Tables.UserGroup, "id", false, new UserGroupDto { Id = 2, StartMediaId = -1, StartContentId = -1, Alias = Constants.Security.WriterGroupAlias, Name = "Writers", DefaultPermissions = "CAH:F", CreateDate = DateTime.Now, UpdateDate = DateTime.Now, Icon = "icon-edit" });
+            _database.Insert(Constants.DatabaseSchema.Tables.UserGroup, "id", false, new UserGroupDto { Id = 3, StartMediaId = -1, StartContentId = -1, Alias = Constants.Security.EditorGroupAlias, Name = "Editors", DefaultPermissions = "CADMOSKTPUZ:5Fï", CreateDate = DateTime.Now, UpdateDate = DateTime.Now, Icon = "icon-tools" });
             _database.Insert(Constants.DatabaseSchema.Tables.UserGroup, "id", false, new UserGroupDto { Id = 4, StartMediaId = -1, StartContentId = -1, Alias = Constants.Security.TranslatorGroupAlias, Name = "Translators", DefaultPermissions = "AF", CreateDate = DateTime.Now, UpdateDate = DateTime.Now, Icon = "icon-globe" });
             _database.Insert(Constants.DatabaseSchema.Tables.UserGroup, "id", false, new UserGroupDto { Id = 5, StartMediaId = -1, StartContentId = -1, Alias = Constants.Security.SensitiveDataGroupAlias, Name = "Sensitive data", DefaultPermissions = "", CreateDate = DateTime.Now, UpdateDate = DateTime.Now, Icon = "icon-lock" });
         }
diff --git a/src/Umbraco.Core/Migrations/Upgrade/UmbracoPlan.cs b/src/Umbraco.Core/Migrations/Upgrade/UmbracoPlan.cs
index 895fd1946b..a557c7e78a 100644
--- a/src/Umbraco.Core/Migrations/Upgrade/UmbracoPlan.cs
+++ b/src/Umbraco.Core/Migrations/Upgrade/UmbracoPlan.cs
@@ -211,11 +211,8 @@ namespace Umbraco.Core.Migrations.Upgrade
             // to 8.17.0
             To<AddPropertyTypeGroupColumns>("{153865E9-7332-4C2A-9F9D-F20AEE078EC7}");
 
-            // to 8.18.0
-            To<AddContentVersionCleanupFeature>("{8BAF5E6C-DCB7-41AE-824F-4215AE4F1F98}");
-            To<AddDefaultForNotificationsToggle>("{AD3D3B7F-8E74-45A4-85DB-7FFAD57F9243}");
-
             //FINAL
+            To<AddContentVersionCleanupFeature>("{8BAF5E6C-DCB7-41AE-824F-4215AE4F1F98}");
         }
     }
 }
diff --git a/src/Umbraco.Core/Migrations/Upgrade/V_8_18_0/AddDefaultForNotificationsToggle.cs b/src/Umbraco.Core/Migrations/Upgrade/V_8_18_0/AddDefaultForNotificationsToggle.cs
deleted file mode 100644
index 0173600584..0000000000
--- a/src/Umbraco.Core/Migrations/Upgrade/V_8_18_0/AddDefaultForNotificationsToggle.cs
+++ /dev/null
@@ -1,15 +0,0 @@
-namespace Umbraco.Core.Migrations.Upgrade.V_8_18_0
-{
-    public class AddDefaultForNotificationsToggle : MigrationBase
-    {
-        public AddDefaultForNotificationsToggle(IMigrationContext context) : base(context)
-        {
-        }
-
-        public override void Migrate()
-        {
-            var updateSQL = Sql($"UPDATE {Constants.DatabaseSchema.Tables.UserGroup} SET userGroupDefaultPermissions = userGroupDefaultPermissions + 'N' WHERE userGroupAlias IN ('admin', 'writer', 'editor')");
-            Execute.Sql(updateSQL.SQL).Do();
-        }
-    }
-}
diff --git a/src/Umbraco.Core/Umbraco.Core.csproj b/src/Umbraco.Core/Umbraco.Core.csproj
index e6012c9e97..632031a2e6 100755
--- a/src/Umbraco.Core/Umbraco.Core.csproj
+++ b/src/Umbraco.Core/Umbraco.Core.csproj
@@ -151,7 +151,6 @@
     <Compile Include="Migrations\Upgrade\V_8_10_0\AddPropertyTypeLabelOnTopColumn.cs" />
     <Compile Include="Migrations\Upgrade\V_8_17_0\AddPropertyTypeGroupColumns.cs" />
     <Compile Include="Migrations\Upgrade\V_8_18_0\AddContentVersionCleanupFeature.cs" />
-    <Compile Include="Migrations\Upgrade\V_8_18_0\AddDefaultForNotificationsToggle.cs" />
     <Compile Include="Migrations\Upgrade\V_8_9_0\ExternalLoginTableUserData.cs" />
     <Compile Include="Models\Blocks\BlockEditorDataConverter.cs" />
     <Compile Include="Models\Blocks\BlockEditorData.cs" />
diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/da.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/da.xml
index 07752530fa..2dfec4523c 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/da.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/da.xml
@@ -85,7 +85,6 @@
     <key alias="translate">Tillad adgang til at oversætte en node</key>
     <key alias="update">Tillad adgang til at gemme en node</key>
     <key alias="createblueprint">Tillad adgang til at oprette en indholdsskabelon</key>
-    <key alias="notify">Tillad adgang til at oprette notificeringer for noder</key>
   </area>
   <area alias="apps">
     <key alias="umbContent">Indhold</key>
diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
index 6d29c9adcd..ef63b4f292 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
@@ -82,7 +82,6 @@
     <key alias="translate">Allow access to translate a node</key>
     <key alias="update">Allow access to save a node</key>
     <key alias="createblueprint">Allow access to create a Content Template</key>
-    <key alias="notify">Allow access to setup notifications for content nodes</key>
   </area>
   <area alias="apps">
     <key alias="umbContent">Content</key>
diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
index 6c75d4e04a..e0560ec507 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
@@ -83,7 +83,6 @@
     <key alias="translate">Allow access to translate a node</key>
     <key alias="update">Allow access to save a node</key>
     <key alias="createblueprint">Allow access to create a Content Template</key>
-    <key alias="notify">Allow access to setup notifications for content nodes</key>
   </area>
   <area alias="apps">
     <key alias="umbContent">Content</key>
diff --git a/src/Umbraco.Web/Actions/ActionNotify.cs b/src/Umbraco.Web/Actions/ActionNotify.cs
deleted file mode 100644
index a8f6a4c2a2..0000000000
--- a/src/Umbraco.Web/Actions/ActionNotify.cs
+++ /dev/null
@@ -1,24 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using System.Threading.Tasks;
-using Umbraco.Core;
-
-namespace Umbraco.Web.Actions
-{
-    public class ActionNotify : IAction
-    {
-        public char Letter => 'N';
-
-        public bool ShowInNotifier => false;
-
-        public bool CanBePermissionAssigned => true;
-
-        public string Icon => "megaphone";
-
-        public string Alias => "notify";
-
-        public string Category => Constants.Conventions.PermissionCategories.ContentCategory;
-    }
-}
diff --git a/src/Umbraco.Web/Trees/ContentTreeController.cs b/src/Umbraco.Web/Trees/ContentTreeController.cs
index e6b4f45d22..c2c938249e 100644
--- a/src/Umbraco.Web/Trees/ContentTreeController.cs
+++ b/src/Umbraco.Web/Trees/ContentTreeController.cs
@@ -242,7 +242,12 @@ namespace Umbraco.Web.Trees
 
             if (EmailSender.CanSendRequiredEmail)
             {
-                AddActionNode<ActionNotify>(item, menu, true, opensDialog: true);
+	            menu.Items.Add(new MenuItem("notify", Services.TextService)
+	            {
+	                Icon = "megaphone",
+	                SeparatorBefore = true,
+	                OpensDialog = true
+	            });
             }
 
             if((item is DocumentEntitySlim documentEntity && documentEntity.IsContainer) == false)
diff --git a/src/Umbraco.Web/Umbraco.Web.csproj b/src/Umbraco.Web/Umbraco.Web.csproj
index fb2ce5dfc1..5c84e65514 100644
--- a/src/Umbraco.Web/Umbraco.Web.csproj
+++ b/src/Umbraco.Web/Umbraco.Web.csproj
@@ -136,7 +136,6 @@
     <Compile Include="..\SolutionInfo.cs">
       <Link>Properties\SolutionInfo.cs</Link>
     </Compile>
-    <Compile Include="Actions\ActionNotify.cs" />
     <Compile Include="AppBuilderExtensions.cs" />
     <Compile Include="AreaRegistrationContextExtensions.cs" />
     <Compile Include="AspNetHttpContextAccessor.cs" />

From 4e6d09b6268da683f38755d6603ce1da7a9d6175 Mon Sep 17 00:00:00 2001
From: Elitsa Marinovska <elm@umbraco.dk>
Date: Mon, 20 Dec 2021 14:37:18 +0100
Subject: [PATCH 04/81] Adds a new Health Check

---
 .../Security/UmbracoApplicationUrlCheck.cs    | 101 ++++++++++++++++++
 src/Umbraco.Web/Umbraco.Web.csproj            |   1 +
 2 files changed, 102 insertions(+)
 create mode 100644 src/Umbraco.Web/HealthCheck/Checks/Security/UmbracoApplicationUrlCheck.cs

diff --git a/src/Umbraco.Web/HealthCheck/Checks/Security/UmbracoApplicationUrlCheck.cs b/src/Umbraco.Web/HealthCheck/Checks/Security/UmbracoApplicationUrlCheck.cs
new file mode 100644
index 0000000000..f5e571a86a
--- /dev/null
+++ b/src/Umbraco.Web/HealthCheck/Checks/Security/UmbracoApplicationUrlCheck.cs
@@ -0,0 +1,101 @@
+using System;
+using System.Collections.Generic;
+using Umbraco.Core;
+using Umbraco.Core.Configuration.UmbracoSettings;
+using Umbraco.Core.IO;
+using Umbraco.Core.Services;
+using Umbraco.Web.HealthCheck.Checks.Config;
+
+namespace Umbraco.Web.HealthCheck.Checks.Security
+{
+    [HealthCheck(
+        "6708CA45-E96E-40B8-A40A-0607C1CA7F28",
+        "Application URL Configuration",
+        Description = "Checks if the Umbraco application URL is configured for your site.",
+        Group = "Security")]
+    public class UmbracoApplicationUrlCheck : HealthCheck
+    {
+        private readonly ILocalizedTextService _textService;
+        private readonly IRuntimeState _runtime;
+        private readonly IUmbracoSettingsSection _settings;
+
+        private const string SetApplicationUrlAction = "setApplicationUrl";
+
+        public UmbracoApplicationUrlCheck(ILocalizedTextService textService, IRuntimeState runtime, IUmbracoSettingsSection settings)
+        {
+            _textService = textService;
+            _runtime = runtime;
+            _settings = settings;
+        }
+
+        /// <summary>
+        /// Executes the action and returns its status
+        /// </summary>
+        /// <param name="action"></param>
+        /// <returns></returns>
+        public override HealthCheckStatus ExecuteAction(HealthCheckAction action)
+        {
+            switch (action.Alias)
+            {
+                case SetApplicationUrlAction:
+                    return SetUmbracoApplicationUrl();
+                default:
+                    throw new InvalidOperationException("UmbracoApplicationUrlCheck action requested is either not executable or does not exist");
+            }
+        }
+
+        public override IEnumerable<HealthCheckStatus> GetStatus()
+        {
+            //return the statuses
+            return new[] { CheckUmbracoApplicationUrl() };
+        }
+
+        private HealthCheckStatus CheckUmbracoApplicationUrl()
+        {
+            var urlConfigured = !_settings.WebRouting.UmbracoApplicationUrl.IsNullOrWhiteSpace();
+            var actions = new List<HealthCheckAction>();
+
+            string resultMessage = _textService.Localize("healthcheck", "umbracoApplicationUrlCheckResult", new[] { urlConfigured ? string.Empty : "not" });
+            StatusResultType resultType = urlConfigured ? StatusResultType.Success : StatusResultType.Warning;
+
+            if (urlConfigured == false)
+            {
+                actions.Add(new HealthCheckAction(SetApplicationUrlAction, Id)
+                {
+                    Name = _textService.Localize("healthcheck", "umbracoApplicationUrlConfigureButton"),
+                    Description = _textService.Localize("healthcheck", "umbracoApplicationUrlConfigureDescription")
+                });
+            }
+
+            return new HealthCheckStatus(resultMessage)
+            {
+                ResultType = resultType,
+                Actions = actions
+            };
+        }
+
+        private HealthCheckStatus SetUmbracoApplicationUrl()
+        {
+            var configFilePath = IOHelper.MapPath("~/config/umbracoSettings.config");
+            const string xPath = "/settings/web.routing/@umbracoApplicationUrl";
+            var configurationService = new ConfigurationService(configFilePath, xPath, _textService);
+            var urlValue = _runtime.ApplicationUrl.ToString();
+            var updateConfigFile = configurationService.UpdateConfigFile(urlValue);
+
+            if (updateConfigFile.Success)
+            {
+                return
+                    new HealthCheckStatus(_textService.Localize("healthcheck", "umbracoApplicationUrlConfigureSuccess", new[] { urlValue }))
+                    {
+                        ResultType = StatusResultType.Success
+                    };
+            }
+
+            return
+               new HealthCheckStatus(_textService.Localize("healthcheck", "umbracoApplicationUrlConfigureError", new[] { updateConfigFile.Result }))
+               {
+                   ResultType = StatusResultType.Error
+               };
+        }
+    }
+}
diff --git a/src/Umbraco.Web/Umbraco.Web.csproj b/src/Umbraco.Web/Umbraco.Web.csproj
index 5c84e65514..89317e8f99 100644
--- a/src/Umbraco.Web/Umbraco.Web.csproj
+++ b/src/Umbraco.Web/Umbraco.Web.csproj
@@ -190,6 +190,7 @@
     <Compile Include="HealthCheck\Checks\Config\ProvidedValueValidation.cs" />
     <Compile Include="Editors\TinyMceController.cs" />
     <Compile Include="HealthCheck\Checks\Data\DatabaseIntegrityCheck.cs" />
+    <Compile Include="HealthCheck\Checks\Security\UmbracoApplicationUrlCheck.cs" />
     <Compile Include="ImageCropperTemplateCoreExtensions.cs" />
     <Compile Include="Install\InstallSteps\TelemetryIdentifierStep.cs" />
     <Compile Include="IUmbracoContextFactory.cs" />

From bcabf0599576b6397bbd7598391b2127c693c084 Mon Sep 17 00:00:00 2001
From: Elitsa Marinovska <elm@umbraco.dk>
Date: Mon, 20 Dec 2021 14:37:42 +0100
Subject: [PATCH 05/81] Adds new translation

---
 src/Umbraco.Web.UI/Umbraco/config/lang/en.xml    | 5 +++++
 src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
index ef63b4f292..8b16c80a25 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
@@ -2182,6 +2182,11 @@ To manage your website, simply open the Umbraco backoffice and start adding cont
     <!-- The following keys get these tokens passed in:
 	    0: Comma delimitted list of failed folder paths
   	-->
+    <key alias="umbracoApplicationUrlCheckResult">The 'umbracoApplicationUrl' option is %0% set in your umbracoSettings.config file.</key>
+    <key alias="umbracoApplicationUrlConfigureButton">Set Umbraco application URL in Config</key>
+    <key alias="umbracoApplicationUrlConfigureDescription">Adds a value to the 'umbracoApplicationUrl' option of umbracoSettings.config to prevent configuring insecure endpoint as the hostname of your Umbraco application.</key>
+    <key alias="umbracoApplicationUrlConfigureSuccess"><![CDATA[The value of 'umbracoApplicationUrl' is now set to <strong>%0%</strong> in your umbracoSettings.config file.]]></key>
+    <key alias="umbracoApplicationUrlConfigureError">Could not update the value of 'umbracoApplicationUrl' option in your umbracoSettings.config file. Error: %0%</key>
     <key alias="requiredFilePermissionFailed"><![CDATA[The following files must be set up with write permissions but could not be acccessed: <strong>%0%</strong>.]]></key>
     <key alias="optionalFilePermissionFailed"><![CDATA[The following files must be set up with write permissions for certain Umbraco operations to function but could not be acccessed: <strong>%0%</strong>. If they aren't being written to no action need be taken.]]></key>
     <key alias="clickJackingCheckHeaderFound"><![CDATA[The header or meta-tag <strong>X-Frame-Options</strong> used to control whether a site can be IFRAMEd by another was found.]]></key>
diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
index e0560ec507..9ce74e904b 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
@@ -2219,6 +2219,11 @@ To manage your website, simply open the Umbraco backoffice and start adding cont
     <!-- The following keys get these tokens passed in:
 	    0: Comma delimitted list of failed folder paths
   	-->
+    <key alias="umbracoApplicationUrlCheckResult">The 'umbracoApplicationUrl' option is %0% set in your umbracoSettings.config file.</key>
+    <key alias="umbracoApplicationUrlConfigureButton">Set Umbraco application URL in Config</key>
+    <key alias="umbracoApplicationUrlConfigureDescription">Adds a value to the 'umbracoApplicationUrl' option of umbracoSettings.config to prevent configuring insecure endpoint as the hostname of your Umbraco application.</key>
+    <key alias="umbracoApplicationUrlConfigureSuccess"><![CDATA[The value of 'umbracoApplicationUrl' is now set to <strong>%0%</strong> in your umbracoSettings.config file.]]></key>
+    <key alias="umbracoApplicationUrlConfigureError">Could not update the value of 'umbracoApplicationUrl' option in your umbracoSettings.config file. Error: %0%</key>
     <key alias="requiredFilePermissionFailed"><![CDATA[The following files must be set up with write permissions but could not be acccessed: <strong>%0%</strong>.]]></key>
     <key alias="optionalFilePermissionFailed"><![CDATA[The following files must be set up with write permissions for certain Umbraco operations to function but could not be acccessed: <strong>%0%</strong>. If they aren't being written to no action need be taken.]]></key>
     <key alias="clickJackingCheckHeaderFound"><![CDATA[The header or meta-tag <strong>X-Frame-Options</strong> used to control whether a site can be IFRAMEd by another was found.]]></key>

From 68fdf6521e3caf8ef9d5dc3073ccf36d0c295a17 Mon Sep 17 00:00:00 2001
From: Elitsa Marinovska <elm@umbraco.dk>
Date: Mon, 20 Dec 2021 15:21:12 +0100
Subject: [PATCH 06/81] Being more descriptive

---
 src/Umbraco.Web.UI/Umbraco/config/lang/en.xml  |  3 ++-
 .../Umbraco/config/lang/en_us.xml              |  3 ++-
 .../Security/UmbracoApplicationUrlCheck.cs     | 18 +++++++++++++-----
 3 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
index 8b16c80a25..2b62c6ba21 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/en.xml
@@ -2182,7 +2182,8 @@ To manage your website, simply open the Umbraco backoffice and start adding cont
     <!-- The following keys get these tokens passed in:
 	    0: Comma delimitted list of failed folder paths
   	-->
-    <key alias="umbracoApplicationUrlCheckResult">The 'umbracoApplicationUrl' option is %0% set in your umbracoSettings.config file.</key>
+    <key alias="umbracoApplicationUrlCheckResultTrue"><![CDATA[The 'umbracoApplicationUrl' option is set to <strong>%0%</strong> in your umbracoSettings.config file.]]></key>
+    <key alias="umbracoApplicationUrlCheckResultFalse">The 'umbracoApplicationUrl' option is not set in your umbracoSettings.config file.</key>
     <key alias="umbracoApplicationUrlConfigureButton">Set Umbraco application URL in Config</key>
     <key alias="umbracoApplicationUrlConfigureDescription">Adds a value to the 'umbracoApplicationUrl' option of umbracoSettings.config to prevent configuring insecure endpoint as the hostname of your Umbraco application.</key>
     <key alias="umbracoApplicationUrlConfigureSuccess"><![CDATA[The value of 'umbracoApplicationUrl' is now set to <strong>%0%</strong> in your umbracoSettings.config file.]]></key>
diff --git a/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml b/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
index 9ce74e904b..79121d015d 100644
--- a/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
+++ b/src/Umbraco.Web.UI/Umbraco/config/lang/en_us.xml
@@ -2219,7 +2219,8 @@ To manage your website, simply open the Umbraco backoffice and start adding cont
     <!-- The following keys get these tokens passed in:
 	    0: Comma delimitted list of failed folder paths
   	-->
-    <key alias="umbracoApplicationUrlCheckResult">The 'umbracoApplicationUrl' option is %0% set in your umbracoSettings.config file.</key>
+    <key alias="umbracoApplicationUrlCheckResultTrue"><![CDATA[The 'umbracoApplicationUrl' option is set to <strong>%0%</strong> in your umbracoSettings.config file.]]></key>
+    <key alias="umbracoApplicationUrlCheckResultFalse">The 'umbracoApplicationUrl' option is not set in your umbracoSettings.config file.</key>
     <key alias="umbracoApplicationUrlConfigureButton">Set Umbraco application URL in Config</key>
     <key alias="umbracoApplicationUrlConfigureDescription">Adds a value to the 'umbracoApplicationUrl' option of umbracoSettings.config to prevent configuring insecure endpoint as the hostname of your Umbraco application.</key>
     <key alias="umbracoApplicationUrlConfigureSuccess"><![CDATA[The value of 'umbracoApplicationUrl' is now set to <strong>%0%</strong> in your umbracoSettings.config file.]]></key>
diff --git a/src/Umbraco.Web/HealthCheck/Checks/Security/UmbracoApplicationUrlCheck.cs b/src/Umbraco.Web/HealthCheck/Checks/Security/UmbracoApplicationUrlCheck.cs
index f5e571a86a..bc14f43235 100644
--- a/src/Umbraco.Web/HealthCheck/Checks/Security/UmbracoApplicationUrlCheck.cs
+++ b/src/Umbraco.Web/HealthCheck/Checks/Security/UmbracoApplicationUrlCheck.cs
@@ -52,20 +52,28 @@ namespace Umbraco.Web.HealthCheck.Checks.Security
 
         private HealthCheckStatus CheckUmbracoApplicationUrl()
         {
-            var urlConfigured = !_settings.WebRouting.UmbracoApplicationUrl.IsNullOrWhiteSpace();
+            var url = _settings.WebRouting.UmbracoApplicationUrl;
+
+            string resultMessage;
+            StatusResultType resultType;
             var actions = new List<HealthCheckAction>();
 
-            string resultMessage = _textService.Localize("healthcheck", "umbracoApplicationUrlCheckResult", new[] { urlConfigured ? string.Empty : "not" });
-            StatusResultType resultType = urlConfigured ? StatusResultType.Success : StatusResultType.Warning;
-
-            if (urlConfigured == false)
+            if (url.IsNullOrWhiteSpace())
             {
+                resultMessage = _textService.Localize("healthcheck", "umbracoApplicationUrlCheckResultFalse");
+                resultType = StatusResultType.Warning;
+
                 actions.Add(new HealthCheckAction(SetApplicationUrlAction, Id)
                 {
                     Name = _textService.Localize("healthcheck", "umbracoApplicationUrlConfigureButton"),
                     Description = _textService.Localize("healthcheck", "umbracoApplicationUrlConfigureDescription")
                 });
             }
+            else
+            {
+                resultMessage = _textService.Localize("healthcheck", "umbracoApplicationUrlCheckResultTrue", new[] { url });
+                resultType = StatusResultType.Success;
+            }
 
             return new HealthCheckStatus(resultMessage)
             {

From 7a5f72b5eb0b5b2bf8ec40ddad3060263b2dc4da Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Tue, 21 Dec 2021 07:23:08 +0100
Subject: [PATCH 07/81] Use current request for emails (#11775)

* Use current request for emails

* Fix tests
---
 src/Umbraco.Core/Sync/ApplicationUrlHelper.cs | 17 ++++++++++
 .../AuthenticationControllerTests.cs          |  4 ++-
 .../Web/Controllers/UsersControllerTests.cs   | 13 ++++---
 .../Editors/AuthenticationController.cs       | 19 +++++++++--
 src/Umbraco.Web/Editors/UsersController.cs    | 34 +++++++++++++------
 5 files changed, 69 insertions(+), 18 deletions(-)

diff --git a/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs b/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs
index 52af734f1c..d934e24575 100644
--- a/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs
+++ b/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs
@@ -102,5 +102,22 @@ namespace Umbraco.Core.Sync
 
             return url.TrimEnd(Constants.CharArrays.ForwardSlash);
         }
+
+        /// <summary>
+        /// Will get the application URL from configuration, if none is specified will fall back to URL from request.
+        /// </summary>
+        /// <param name="request"></param>
+        /// <param name="umbracoSettingsSection"></param>
+        /// <param name="globalSettings"></param>
+        /// <returns></returns>
+        public static Uri GetApplicationUriUncached(
+            HttpRequestBase request,
+            IUmbracoSettingsSection umbracoSettingsSection)
+        {
+            var settingUrl = umbracoSettingsSection.WebRouting.UmbracoApplicationUrl;
+            return string.IsNullOrEmpty(settingUrl)
+                ? new Uri(request.Url, IOHelper.ResolveUrl(SystemDirectories.Umbraco))
+                : new Uri(settingUrl);
+        }
     }
 }
diff --git a/src/Umbraco.Tests/Web/Controllers/AuthenticationControllerTests.cs b/src/Umbraco.Tests/Web/Controllers/AuthenticationControllerTests.cs
index 3d264663b5..9bd9ee73ed 100644
--- a/src/Umbraco.Tests/Web/Controllers/AuthenticationControllerTests.cs
+++ b/src/Umbraco.Tests/Web/Controllers/AuthenticationControllerTests.cs
@@ -16,6 +16,7 @@ using Umbraco.Core;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Composing;
 using Umbraco.Core.Configuration;
+using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.IO;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Persistence;
@@ -82,7 +83,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
diff --git a/src/Umbraco.Tests/Web/Controllers/UsersControllerTests.cs b/src/Umbraco.Tests/Web/Controllers/UsersControllerTests.cs
index 85dd303432..b9289c1392 100644
--- a/src/Umbraco.Tests/Web/Controllers/UsersControllerTests.cs
+++ b/src/Umbraco.Tests/Web/Controllers/UsersControllerTests.cs
@@ -14,6 +14,7 @@ using Umbraco.Core;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Composing;
 using Umbraco.Core.Configuration;
+using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Models;
 using Umbraco.Core.Models.Membership;
@@ -84,7 +85,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
@@ -148,7 +150,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
@@ -183,7 +186,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
@@ -253,7 +257,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs
index 3ecc6b64a4..54612377e0 100644
--- a/src/Umbraco.Web/Editors/AuthenticationController.cs
+++ b/src/Umbraco.Web/Editors/AuthenticationController.cs
@@ -27,6 +27,8 @@ using Umbraco.Web.Composing;
 using IUser = Umbraco.Core.Models.Membership.IUser;
 using Umbraco.Web.Editors.Filters;
 using Microsoft.Owin.Security;
+using Umbraco.Core.Configuration.UmbracoSettings;
+using Umbraco.Core.Sync;
 
 namespace Umbraco.Web.Editors
 {
@@ -40,12 +42,23 @@ namespace Umbraco.Web.Editors
     [DisableBrowserCache]
     public class AuthenticationController : UmbracoApiController
     {
+        private readonly IUmbracoSettingsSection _umbracoSettingsSection;
         private BackOfficeUserManager<BackOfficeIdentityUser> _userManager;
         private BackOfficeSignInManager _signInManager;
 
-        public AuthenticationController(IGlobalSettings globalSettings, IUmbracoContextAccessor umbracoContextAccessor, ISqlContext sqlContext, ServiceContext services, AppCaches appCaches, IProfilingLogger logger, IRuntimeState runtimeState, UmbracoHelper umbracoHelper)
+        public AuthenticationController(
+            IGlobalSettings globalSettings,
+            IUmbracoContextAccessor umbracoContextAccessor,
+            ISqlContext sqlContext,
+            ServiceContext services,
+            AppCaches appCaches,
+            IProfilingLogger logger,
+            IRuntimeState runtimeState,
+            UmbracoHelper umbracoHelper,
+            IUmbracoSettingsSection umbracoSettingsSection)
             : base(globalSettings, umbracoContextAccessor, sqlContext, services, appCaches, logger, runtimeState, umbracoHelper, Current.Mapper)
         {
+            _umbracoSettingsSection = umbracoSettingsSection;
         }
 
         protected BackOfficeUserManager<BackOfficeIdentityUser> UserManager => _userManager
@@ -552,8 +565,8 @@ namespace Umbraco.Web.Editors
                     r = code
                 });
 
-            // Construct full URL using configured application URL (which will fall back to request)
-            var applicationUri = Current.RuntimeState.ApplicationUrl;
+            // Construct full URL using configured application URL (which will fall back to current request)
+            var applicationUri = ApplicationUrlHelper.GetApplicationUriUncached(http.Request, _umbracoSettingsSection);
             var callbackUri = new Uri(applicationUri, action);
             return callbackUri.ToString();
         }
diff --git a/src/Umbraco.Web/Editors/UsersController.cs b/src/Umbraco.Web/Editors/UsersController.cs
index dda0dfc933..4bfd72854f 100644
--- a/src/Umbraco.Web/Editors/UsersController.cs
+++ b/src/Umbraco.Web/Editors/UsersController.cs
@@ -17,6 +17,7 @@ using Umbraco.Core;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Composing;
 using Umbraco.Core.Configuration;
+using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.IO;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Models;
@@ -27,6 +28,7 @@ using Umbraco.Core.Persistence;
 using Umbraco.Core.Persistence.DatabaseModelDefinitions;
 using Umbraco.Core.Security;
 using Umbraco.Core.Services;
+using Umbraco.Core.Sync;
 using Umbraco.Web.Editors.Filters;
 using Umbraco.Web.Models;
 using Umbraco.Web.Models.ContentEditing;
@@ -46,9 +48,21 @@ namespace Umbraco.Web.Editors
     [IsCurrentUserModelFilter]
     public class UsersController : UmbracoAuthorizedJsonController
     {
-        public UsersController(IGlobalSettings globalSettings, IUmbracoContextAccessor umbracoContextAccessor, ISqlContext sqlContext, ServiceContext services, AppCaches appCaches, IProfilingLogger logger, IRuntimeState runtimeState, UmbracoHelper umbracoHelper)
+        private readonly IUmbracoSettingsSection _umbracoSettingsSection;
+
+        public UsersController(
+            IGlobalSettings globalSettings,
+            IUmbracoContextAccessor umbracoContextAccessor,
+            ISqlContext sqlContext,
+            ServiceContext services,
+            AppCaches appCaches,
+            IProfilingLogger logger,
+            IRuntimeState runtimeState,
+            UmbracoHelper umbracoHelper,
+            IUmbracoSettingsSection umbracoSettingsSection)
             : base(globalSettings, umbracoContextAccessor, sqlContext, services, appCaches, logger, runtimeState, umbracoHelper)
         {
+            _umbracoSettingsSection = umbracoSettingsSection;
         }
 
         /// <summary>
@@ -390,7 +404,7 @@ namespace Umbraco.Web.Editors
             user = CheckUniqueEmail(userSave.Email, u => u.LastLoginDate != default || u.EmailConfirmedDate.HasValue);
 
             var userMgr = TryGetOwinContext().Result.GetBackOfficeUserManager();
-            
+
             if (!EmailSender.CanSendRequiredEmail && !userMgr.HasSendingUserInviteEventHandler)
             {
                 throw new HttpResponseException(
@@ -462,12 +476,12 @@ namespace Umbraco.Web.Editors
                         Email = userSave.Email,
                         Username = userSave.Username
                     };
-                }                
+                }
             }
             else
             {
                 //send the email
-                await SendUserInviteEmailAsync(display, Security.CurrentUser.Name, Security.CurrentUser.Email, user, userSave.Message);                
+                await SendUserInviteEmailAsync(display, Security.CurrentUser.Name, Security.CurrentUser.Email, user, userSave.Message);
             }
 
             display.AddSuccessNotification(Services.TextService.Localize("speechBubbles", "resendInviteHeader"), Services.TextService.Localize("speechBubbles", "resendInviteSuccess", new[] { user.Name }));
@@ -525,9 +539,9 @@ namespace Umbraco.Web.Editors
                     invite = inviteToken
                 });
 
-            // Construct full URL using configured application URL (which will fall back to request)
-            var applicationUri = RuntimeState.ApplicationUrl;
-            var inviteUri = new Uri(applicationUri, action);
+            // Construct full URL will use the value in settings if specified, otherwise will use the current request URL
+            var requestUrl = ApplicationUrlHelper.GetApplicationUriUncached(http.Request, _umbracoSettingsSection);
+            var inviteUri = new Uri(requestUrl, action);
 
             var emailSubject = Services.TextService.Localize("user", "inviteEmailCopySubject",
                 //Ensure the culture of the found user is used for the email!
@@ -622,7 +636,7 @@ namespace Umbraco.Web.Editors
             if (Current.Configs.Settings().Security.UsernameIsEmail && found.Username == found.Email && userSave.Username != userSave.Email)
             {
                 userSave.Username = userSave.Email;
-            }          
+            }
 
             if (hasErrors)
                 throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
@@ -647,13 +661,13 @@ namespace Umbraco.Web.Editors
         }
 
         /// <summary>
-        /// 
+        ///
         /// </summary>
         /// <param name="changingPasswordModel"></param>
         /// <returns></returns>
         public async Task<ModelWithNotifications<string>> PostChangePassword(ChangingPasswordModel changingPasswordModel)
         {
-            changingPasswordModel = changingPasswordModel ?? throw new ArgumentNullException(nameof(changingPasswordModel));            
+            changingPasswordModel = changingPasswordModel ?? throw new ArgumentNullException(nameof(changingPasswordModel));
 
             if (ModelState.IsValid == false)
             {

From 421faf8d43237d93bfc9e2a77b64b902126998ae Mon Sep 17 00:00:00 2001
From: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
Date: Mon, 3 Jan 2022 15:07:44 +0100
Subject: [PATCH 08/81] Fix assignDomain to handle case sensitive operating
 systems (#11784)

---
 src/Umbraco.Core/Actions/ActionAssignDomain.cs   | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/cs.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/cy.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/da.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/de.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/en.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/es.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/fr.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/he.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/it.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/ja.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/ko.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/nb.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/nl.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/pl.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/pt.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/ru.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/sv.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/tr.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/zh.xml    | 2 +-
 src/Umbraco.Web.UI/umbraco/config/lang/zh_tw.xml | 2 +-
 22 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/src/Umbraco.Core/Actions/ActionAssignDomain.cs b/src/Umbraco.Core/Actions/ActionAssignDomain.cs
index e03e2de81c..6340a03082 100644
--- a/src/Umbraco.Core/Actions/ActionAssignDomain.cs
+++ b/src/Umbraco.Core/Actions/ActionAssignDomain.cs
@@ -8,7 +8,7 @@
         public const char ActionLetter = 'I';
 
         public char Letter => ActionLetter;
-        public string Alias => "assignDomain";
+        public string Alias => "assigndomain";
         public string Category => Constants.Conventions.PermissionCategories.AdministrationCategory;
         public string Icon => "home";
         public bool ShowInNotifier => false;
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/cs.xml b/src/Umbraco.Web.UI/umbraco/config/lang/cs.xml
index af701cd5e3..a90aa33355 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/cs.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/cs.xml
@@ -60,7 +60,7 @@
     <key alias="other">Ostatní</key>
   </area>
   <area alias="actionDescriptions">
-    <key alias="assignDomain">Povolit přístup k přiřazování kultury a názvů hostitelů</key>
+    <key alias="assigndomain">Povolit přístup k přiřazování kultury a názvů hostitelů</key>
     <key alias="auditTrail">Povolit přístup k zobrazení protokolu historie uzlu</key>
     <key alias="browse">Povolit přístup k zobrazení uzlu</key>
     <key alias="changeDocType">Povolit přístup ke změně typu dokumentu daného uzlu</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/cy.xml b/src/Umbraco.Web.UI/umbraco/config/lang/cy.xml
index 0692d01e7a..60ff3ffdb1 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/cy.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/cy.xml
@@ -5,7 +5,7 @@
     <link>https://www.method4.co.uk/</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Diwylliannau ac Enwau Gwesteia</key>
+    <key alias="assigndomain">Diwylliannau ac Enwau Gwesteia</key>
     <key alias="auditTrail">Trywydd Archwilio</key>
     <key alias="browse">Dewis Nod</key>
     <key alias="changeDocType">Newid Math o Ddogfen</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/da.xml b/src/Umbraco.Web.UI/umbraco/config/lang/da.xml
index 27901846a9..1f6dcff88f 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/da.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/da.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Tilføj domæne</key>
+    <key alias="assigndomain">Tilføj domæne</key>
     <key alias="auditTrail">Revisionsspor</key>
     <key alias="browse">Gennemse elementer</key>
     <key alias="changeDocType">Skift Dokument Type</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/de.xml b/src/Umbraco.Web.UI/umbraco/config/lang/de.xml
index 8f2ba350d0..0cabf29497 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/de.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/de.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Kulturen und Hostnamen</key>
+    <key alias="assigndomain">Kulturen und Hostnamen</key>
     <key alias="auditTrail">Protokoll</key>
     <key alias="browse">Durchsuchen</key>
     <key alias="changeDocType">Dokumenttyp ändern</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/en.xml b/src/Umbraco.Web.UI/umbraco/config/lang/en.xml
index 4411209cd5..47c104b822 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/en.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/en.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Culture and Hostnames</key>
+    <key alias="assigndomain">Culture and Hostnames</key>
     <key alias="auditTrail">Audit Trail</key>
     <key alias="browse">Browse Node</key>
     <key alias="changeDocType">Change Document Type</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml b/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
index 5a17eafbb2..e4d2784c8c 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Culture and Hostnames</key>
+    <key alias="assigndomain">Culture and Hostnames</key>
     <key alias="auditTrail">Audit Trail</key>
     <key alias="browse">Browse Node</key>
     <key alias="changeDocType">Change Document Type</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/es.xml b/src/Umbraco.Web.UI/umbraco/config/lang/es.xml
index df78683aca..d99548f5c5 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/es.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/es.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Administrar dominios</key>
+    <key alias="assigndomain">Administrar dominios</key>
     <key alias="auditTrail">Historial</key>
     <key alias="browse">Nodo de Exploración</key>
     <key alias="changeDocType">Cambiar tipo de documento</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/fr.xml b/src/Umbraco.Web.UI/umbraco/config/lang/fr.xml
index 4681818c47..68dc28c99b 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/fr.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/fr.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Culture et noms d'hôte</key>
+    <key alias="assigndomain">Culture et noms d'hôte</key>
     <key alias="auditTrail">Informations d'audit</key>
     <key alias="browse">Parcourir</key>
     <key alias="changeDocType">Changer le type de document</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/he.xml b/src/Umbraco.Web.UI/umbraco/config/lang/he.xml
index 9ee8bbf014..b99890282e 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/he.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/he.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">נהל שמות מתחם</key>
+    <key alias="assigndomain">נהל שמות מתחם</key>
     <key alias="auditTrail">מעקב ביקורות</key>
     <key alias="browse">צפה בתוכן</key>
     <key alias="copy">העתק</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/it.xml b/src/Umbraco.Web.UI/umbraco/config/lang/it.xml
index a0d89bff2d..7e20c0b266 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/it.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/it.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Gestisci hostnames</key>
+    <key alias="assigndomain">Gestisci hostnames</key>
     <key alias="auditTrail">Audit Trail</key>
     <key alias="browse">Sfoglia</key>
     <key alias="changeDocType">Cambia tipo di documento</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/ja.xml b/src/Umbraco.Web.UI/umbraco/config/lang/ja.xml
index 4b98adad26..142f7d055b 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/ja.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/ja.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">ドメインの割り当て</key>
+    <key alias="assigndomain">ドメインの割り当て</key>
     <key alias="auditTrail">動作記録</key>
     <key alias="browse">ノードの参照</key>
     <key alias="changeDocType">ドキュメントタイプの変更</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/ko.xml b/src/Umbraco.Web.UI/umbraco/config/lang/ko.xml
index 792dd6700c..c340f3f30a 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/ko.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/ko.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">호스트명 관리</key>
+    <key alias="assigndomain">호스트명 관리</key>
     <key alias="auditTrail">감사 추적</key>
     <key alias="browse">노드 탐색</key>
     <key alias="copy">복사</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/nb.xml b/src/Umbraco.Web.UI/umbraco/config/lang/nb.xml
index 1c47969189..44fad5d2ec 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/nb.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/nb.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Angi domene</key>
+    <key alias="assigndomain">Angi domene</key>
     <key alias="auditTrail">Revisjoner</key>
     <key alias="browse">Bla gjennom</key>
     <key alias="changeDocType">Skift dokumenttype</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/nl.xml b/src/Umbraco.Web.UI/umbraco/config/lang/nl.xml
index f830c3368d..0c24b119c9 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/nl.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/nl.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Beheer domeinnamen</key>
+    <key alias="assigndomain">Beheer domeinnamen</key>
     <key alias="auditTrail">Documentgeschiedenis</key>
     <key alias="browse">Node bekijken</key>
     <key alias="changeDocType">Documenttype wijzigen</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/pl.xml b/src/Umbraco.Web.UI/umbraco/config/lang/pl.xml
index dfbc324df6..712b695f77 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/pl.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/pl.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Zarządzanie hostami</key>
+    <key alias="assigndomain">Zarządzanie hostami</key>
     <key alias="auditTrail">Historia zmian</key>
     <key alias="browse">Przeglądaj węzeł</key>
     <key alias="changeDocType">Zmień typ dokumentu</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/pt.xml b/src/Umbraco.Web.UI/umbraco/config/lang/pt.xml
index 542b03abc1..eac232e851 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/pt.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/pt.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Gerenciar hostnames</key>
+    <key alias="assigndomain">Gerenciar hostnames</key>
     <key alias="auditTrail">Caminho de Auditoria</key>
     <key alias="browse">Navegar o Nó</key>
     <key alias="copy">Copiar</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/ru.xml b/src/Umbraco.Web.UI/umbraco/config/lang/ru.xml
index 9c1d9e12fb..5c18fbc682 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/ru.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/ru.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Языки и домены</key>
+    <key alias="assigndomain">Языки и домены</key>
     <key alias="auditTrail">История исправлений</key>
     <key alias="browse">Просмотреть</key>
     <key alias="changeDocType">Изменить тип документа</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/sv.xml b/src/Umbraco.Web.UI/umbraco/config/lang/sv.xml
index e0e2235ae9..dda58366d8 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/sv.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/sv.xml
@@ -8,7 +8,7 @@
     <key alias="umbContent">Innehåll</key>
   </area>
   <area alias="actions">
-    <key alias="assignDomain">Hantera domännamn</key>
+    <key alias="assigndomain">Hantera domännamn</key>
     <key alias="auditTrail">Hantera versioner</key>
     <key alias="browse">Surfa på sidan</key>
     <key alias="changeDocType">Ändra dokumenttyp</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/tr.xml b/src/Umbraco.Web.UI/umbraco/config/lang/tr.xml
index 58c0f7f94b..66d097b1e9 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/tr.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/tr.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">Kültür ve Ana Bilgisayar Adları</key>
+    <key alias="assigndomain">Kültür ve Ana Bilgisayar Adları</key>
     <key alias="auditTrail">Denetim Yolu</key>
     <key alias="browse">Düğüme Göz At</key>
     <key alias="changeDocType">Belge Türünü Değiştir</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/zh.xml b/src/Umbraco.Web.UI/umbraco/config/lang/zh.xml
index ba51488f9f..8c78154b62 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/zh.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/zh.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">管理主机名</key>
+    <key alias="assigndomain">管理主机名</key>
     <key alias="auditTrail">跟踪审计</key>
     <key alias="browse">浏览节点</key>
     <key alias="changeDocType">改变文档类型</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/zh_tw.xml b/src/Umbraco.Web.UI/umbraco/config/lang/zh_tw.xml
index 8d5cf16de2..992a7ba55b 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/zh_tw.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/zh_tw.xml
@@ -5,7 +5,7 @@
     <link>https://our.umbraco.com/documentation/Extending-Umbraco/Language-Files</link>
   </creator>
   <area alias="actions">
-    <key alias="assignDomain">管理主機名稱</key>
+    <key alias="assigndomain">管理主機名稱</key>
     <key alias="auditTrail">跟蹤審計</key>
     <key alias="browse">流覽節點</key>
     <key alias="changeDocType">改變文檔類型</key>

From bbfa975096adf2f10bfdc7c661f316f934dfc602 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 3 Jan 2022 15:36:52 +0100
Subject: [PATCH 09/81] Bump versions to non-rc

---
 build/templates/UmbracoPackage/.template.config/template.json | 2 +-
 build/templates/UmbracoProject/.template.config/template.json | 2 +-
 src/Directory.Build.props                                     | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/build/templates/UmbracoPackage/.template.config/template.json b/build/templates/UmbracoPackage/.template.config/template.json
index b69b63dd1c..6a6f0fb9ab 100644
--- a/build/templates/UmbracoPackage/.template.config/template.json
+++ b/build/templates/UmbracoPackage/.template.config/template.json
@@ -24,7 +24,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.2.0-rc",
+            "defaultValue": "9.2.0",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/build/templates/UmbracoProject/.template.config/template.json b/build/templates/UmbracoProject/.template.config/template.json
index 6ec0babd70..d3c3d1a79f 100644
--- a/build/templates/UmbracoProject/.template.config/template.json
+++ b/build/templates/UmbracoProject/.template.config/template.json
@@ -57,7 +57,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.2.0-rc",
+            "defaultValue": "9.2.0",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/src/Directory.Build.props b/src/Directory.Build.props
index fed70283e7..8d923733fa 100644
--- a/src/Directory.Build.props
+++ b/src/Directory.Build.props
@@ -5,7 +5,7 @@
   <PropertyGroup>
     <Version>9.2.0</Version>
     <AssemblyVersion>9.2.0</AssemblyVersion>
-    <InformationalVersion>9.2.0-rc</InformationalVersion>
+    <InformationalVersion>9.2.0</InformationalVersion>
     <FileVersion>9.2.0</FileVersion>
     <LangVersion Condition="'$(LangVersion)' == ''">9.0</LangVersion>
     <NeutralLanguage>en-US</NeutralLanguage>

From 65c0d8fceca475d8a77ffb9289c4217b2bfeb3a6 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Tue, 21 Dec 2021 12:48:35 +0100
Subject: [PATCH 10/81] V9: Use current request for emails (#11778)

* Use request url for email

* Fixed potential null ref exceptions

Co-authored-by: Bjarke Berg <mail@bergmania.dk>
---
 .../Controllers/AuthenticationController.cs   | 56 ++++++++++-
 .../Controllers/UsersController.cs            | 92 ++++++++++++++++---
 .../Extensions/HttpRequestExtensions.cs       | 31 ++++++-
 3 files changed, 160 insertions(+), 19 deletions(-)

diff --git a/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs b/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs
index f159011d80..30ad3f75ae 100644
--- a/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs
@@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Routing;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Umbraco.Cms.Core;
@@ -29,6 +30,7 @@ using Umbraco.Cms.Web.Common.ActionsResults;
 using Umbraco.Cms.Web.Common.Attributes;
 using Umbraco.Cms.Web.Common.Authorization;
 using Umbraco.Cms.Web.Common.Controllers;
+using Umbraco.Cms.Web.Common.DependencyInjection;
 using Umbraco.Cms.Web.Common.Filters;
 using Umbraco.Cms.Web.Common.Models;
 using Umbraco.Extensions;
@@ -71,9 +73,11 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
         private readonly LinkGenerator _linkGenerator;
         private readonly IBackOfficeExternalLoginProviders _externalAuthenticationOptions;
         private readonly IBackOfficeTwoFactorOptions _backOfficeTwoFactorOptions;
+        private readonly IHttpContextAccessor _httpContextAccessor;
+        private readonly WebRoutingSettings _webRoutingSettings;
 
         // TODO: We need to review all _userManager.Raise calls since many/most should be on the usermanager or signinmanager, very few should be here
-
+        [ActivatorUtilitiesConstructor]
         public AuthenticationController(
             IBackOfficeSecurityAccessor backofficeSecurityAccessor,
             IBackOfficeUserManager backOfficeUserManager,
@@ -91,7 +95,9 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
             IHostingEnvironment hostingEnvironment,
             LinkGenerator linkGenerator,
             IBackOfficeExternalLoginProviders externalAuthenticationOptions,
-            IBackOfficeTwoFactorOptions backOfficeTwoFactorOptions)
+            IBackOfficeTwoFactorOptions backOfficeTwoFactorOptions,
+            IHttpContextAccessor httpContextAccessor,
+            IOptions<WebRoutingSettings> webRoutingSettings)
         {
             _backofficeSecurityAccessor = backofficeSecurityAccessor;
             _userManager = backOfficeUserManager;
@@ -110,6 +116,50 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
             _linkGenerator = linkGenerator;
             _externalAuthenticationOptions = externalAuthenticationOptions;
             _backOfficeTwoFactorOptions = backOfficeTwoFactorOptions;
+            _httpContextAccessor = httpContextAccessor;
+            _webRoutingSettings = webRoutingSettings.Value;
+        }
+
+        [Obsolete("Use constructor that also takes IHttpAccessor and IOptions<WebRoutingSettings>, scheduled for removal in V11")]
+        public AuthenticationController(
+            IBackOfficeSecurityAccessor backofficeSecurityAccessor,
+            IBackOfficeUserManager backOfficeUserManager,
+            IBackOfficeSignInManager signInManager,
+            IUserService userService,
+            ILocalizedTextService textService,
+            IUmbracoMapper umbracoMapper,
+            IOptions<GlobalSettings> globalSettings,
+            IOptions<SecuritySettings> securitySettings,
+            ILogger<AuthenticationController> logger,
+            IIpResolver ipResolver,
+            IOptions<UserPasswordConfigurationSettings> passwordConfiguration,
+            IEmailSender emailSender,
+            ISmsSender smsSender,
+            IHostingEnvironment hostingEnvironment,
+            LinkGenerator linkGenerator,
+            IBackOfficeExternalLoginProviders externalAuthenticationOptions,
+            IBackOfficeTwoFactorOptions backOfficeTwoFactorOptions)
+            : this(
+                backofficeSecurityAccessor,
+                backOfficeUserManager,
+                signInManager,
+                userService,
+                textService,
+                umbracoMapper,
+                globalSettings,
+                securitySettings,
+                logger,
+                ipResolver,
+                passwordConfiguration,
+                emailSender,
+                smsSender,
+                hostingEnvironment,
+                linkGenerator,
+                externalAuthenticationOptions,
+                backOfficeTwoFactorOptions,
+                StaticServiceProvider.Instance.GetRequiredService<IHttpContextAccessor>(),
+                StaticServiceProvider.Instance.GetRequiredService<IOptions<WebRoutingSettings>>())
+        {
         }
 
         /// <summary>
@@ -629,7 +679,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
                 });
 
             // Construct full URL using configured application URL (which will fall back to request)
-            var applicationUri = _hostingEnvironment.ApplicationMainUrl;
+            Uri applicationUri = _httpContextAccessor.GetRequiredHttpContext().Request.GetApplicationUri(_webRoutingSettings);
             var callbackUri = new Uri(applicationUri, action);
             return callbackUri.ToString();
         }
diff --git a/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs b/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs
index 79e7838110..72377c0670 100644
--- a/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs
@@ -13,6 +13,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Routing;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using MimeKit;
@@ -42,6 +43,7 @@ using Umbraco.Cms.Web.BackOffice.Security;
 using Umbraco.Cms.Web.Common.ActionsResults;
 using Umbraco.Cms.Web.Common.Attributes;
 using Umbraco.Cms.Web.Common.Authorization;
+using Umbraco.Cms.Web.Common.DependencyInjection;
 using Umbraco.Cms.Web.Common.Security;
 using Umbraco.Extensions;
 using Constants = Umbraco.Cms.Core.Constants;
@@ -75,7 +77,10 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
         private readonly UserEditorAuthorizationHelper _userEditorAuthorizationHelper;
         private readonly IPasswordChanger<BackOfficeIdentityUser> _passwordChanger;
         private readonly ILogger<UsersController> _logger;
+        private readonly IHttpContextAccessor _httpContextAccessor;
+        private readonly WebRoutingSettings _webRoutingSettings;
 
+        [ActivatorUtilitiesConstructor]
         public UsersController(
             MediaFileManager mediaFileManager,
             IOptions<ContentSettings> contentSettings,
@@ -96,7 +101,9 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
             LinkGenerator linkGenerator,
             IBackOfficeExternalLoginProviders externalLogins,
             UserEditorAuthorizationHelper userEditorAuthorizationHelper,
-            IPasswordChanger<BackOfficeIdentityUser> passwordChanger)
+            IPasswordChanger<BackOfficeIdentityUser> passwordChanger,
+            IHttpContextAccessor httpContextAccessor,
+            IOptions<WebRoutingSettings> webRoutingSettings)
         {
             _mediaFileManager = mediaFileManager;
             _contentSettings = contentSettings.Value;
@@ -119,6 +126,55 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
             _userEditorAuthorizationHelper = userEditorAuthorizationHelper;
             _passwordChanger = passwordChanger;
             _logger = _loggerFactory.CreateLogger<UsersController>();
+            _httpContextAccessor = httpContextAccessor;
+            _webRoutingSettings = webRoutingSettings.Value;
+        }
+
+        [Obsolete("Use constructor that also takes IHttpAccessor and IOptions<WebRoutingSettings>, scheduled for removal in V11")]
+        public UsersController(
+            MediaFileManager mediaFileManager,
+            IOptions<ContentSettings> contentSettings,
+            IHostingEnvironment hostingEnvironment,
+            ISqlContext sqlContext,
+            IImageUrlGenerator imageUrlGenerator,
+            IOptions<SecuritySettings> securitySettings,
+            IEmailSender emailSender,
+            IBackOfficeSecurityAccessor backofficeSecurityAccessor,
+            AppCaches appCaches,
+            IShortStringHelper shortStringHelper,
+            IUserService userService,
+            ILocalizedTextService localizedTextService,
+            IUmbracoMapper umbracoMapper,
+            IOptions<GlobalSettings> globalSettings,
+            IBackOfficeUserManager backOfficeUserManager,
+            ILoggerFactory loggerFactory,
+            LinkGenerator linkGenerator,
+            IBackOfficeExternalLoginProviders externalLogins,
+            UserEditorAuthorizationHelper userEditorAuthorizationHelper,
+            IPasswordChanger<BackOfficeIdentityUser> passwordChanger)
+            : this(mediaFileManager,
+                contentSettings,
+                hostingEnvironment,
+                sqlContext,
+                imageUrlGenerator,
+                securitySettings,
+                emailSender,
+                backofficeSecurityAccessor,
+                appCaches,
+                shortStringHelper,
+                userService,
+                localizedTextService,
+                umbracoMapper,
+                globalSettings,
+                backOfficeUserManager,
+                loggerFactory,
+                linkGenerator,
+                externalLogins,
+                userEditorAuthorizationHelper,
+                passwordChanger,
+                StaticServiceProvider.Instance.GetRequiredService<IHttpContextAccessor>(),
+                StaticServiceProvider.Instance.GetRequiredService<IOptions<WebRoutingSettings>>())
+        {
         }
 
         /// <summary>
@@ -421,20 +477,25 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
         /// </remarks>
         public async Task<ActionResult<UserDisplay>> PostInviteUser(UserInvite userSave)
         {
-            if (userSave == null) throw new ArgumentNullException("userSave");
+            if (userSave == null)
+            {
+                throw new ArgumentNullException("userSave");
+            }
 
             if (userSave.Message.IsNullOrWhiteSpace())
+            {
                 ModelState.AddModelError("Message", "Message cannot be empty");
+            }
 
             IUser user;
             if (_securitySettings.UsernameIsEmail)
             {
-                //ensure it's the same
+                // ensure it's the same
                 userSave.Username = userSave.Email;
             }
             else
             {
-                //first validate the username if we're showing it
+                // first validate the username if we're showing it
                 var userResult = CheckUniqueUsername(userSave.Username, u => u.LastLoginDate != default || u.EmailConfirmedDate.HasValue);
                 if (!(userResult.Result is null))
                 {
@@ -443,6 +504,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
 
                 user = userResult.Value;
             }
+
             user = CheckUniqueEmail(userSave.Email, u => u.LastLoginDate != default || u.EmailConfirmedDate.HasValue);
 
             if (ModelState.IsValid == false)
@@ -455,7 +517,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
                 return ValidationProblem("No Email server is configured");
             }
 
-            //Perform authorization here to see if the current user can actually save this user with the info being requested
+            // Perform authorization here to see if the current user can actually save this user with the info being requested
             var canSaveUser = _userEditorAuthorizationHelper.IsAuthorized(_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser, user, null, null, userSave.UserGroups);
             if (canSaveUser == false)
             {
@@ -464,8 +526,8 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
 
             if (user == null)
             {
-                //we want to create the user with the UserManager, this ensures the 'empty' (special) password
-                //format is applied without us having to duplicate that logic
+                // we want to create the user with the UserManager, this ensures the 'empty' (special) password
+                // format is applied without us having to duplicate that logic
                 var identityUser = BackOfficeIdentityUser.CreateNew(_globalSettings, userSave.Username, userSave.Email, _globalSettings.DefaultUILanguage);
                 identityUser.Name = userSave.Name;
 
@@ -475,21 +537,21 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
                     return ValidationProblem(created.Errors.ToErrorMessage());
                 }
 
-                //now re-look the user back up
+                // now re-look the user back up
                 user = _userService.GetByEmail(userSave.Email);
             }
 
-            //map the save info over onto the user
+            // map the save info over onto the user
             user = _umbracoMapper.Map(userSave, user);
 
-            //ensure the invited date is set
+            // ensure the invited date is set
             user.InvitedDate = DateTime.Now;
 
-            //Save the updated user (which will process the user groups too)
+            // Save the updated user (which will process the user groups too)
             _userService.Save(user);
             var display = _umbracoMapper.Map<UserDisplay>(user);
 
-            //send the email
+            // send the email
             await SendUserInviteEmailAsync(display, _backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser.Name, _backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser.Email, user, userSave.Message);
 
             display.AddSuccessNotification(_localizedTextService.Localize("speechBubbles","resendInviteHeader"), _localizedTextService.Localize("speechBubbles","resendInviteSuccess", new[] { user.Name }));
@@ -544,14 +606,14 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
                 });
 
             // Construct full URL using configured application URL (which will fall back to request)
-            var applicationUri = _hostingEnvironment.ApplicationMainUrl;
+            Uri applicationUri = _httpContextAccessor.GetRequiredHttpContext().Request.GetApplicationUri(_webRoutingSettings);
             var inviteUri = new Uri(applicationUri, action);
 
             var emailSubject = _localizedTextService.Localize("user","inviteEmailCopySubject",
-                //Ensure the culture of the found user is used for the email!
+                // Ensure the culture of the found user is used for the email!
                 UmbracoUserExtensions.GetUserCulture(to.Language, _localizedTextService, _globalSettings));
             var emailBody = _localizedTextService.Localize("user","inviteEmailCopyFormat",
-                //Ensure the culture of the found user is used for the email!
+                // Ensure the culture of the found user is used for the email!
                 UmbracoUserExtensions.GetUserCulture(to.Language, _localizedTextService, _globalSettings),
                 new[] { userDisplay.Name, from, message, inviteUri.ToString(), senderEmail });
 
diff --git a/src/Umbraco.Web.Common/Extensions/HttpRequestExtensions.cs b/src/Umbraco.Web.Common/Extensions/HttpRequestExtensions.cs
index c7c2bb3115..2aeb2555eb 100644
--- a/src/Umbraco.Web.Common/Extensions/HttpRequestExtensions.cs
+++ b/src/Umbraco.Web.Common/Extensions/HttpRequestExtensions.cs
@@ -1,9 +1,12 @@
-using System.IO;
+using System;
+using System.IO;
 using System.Net;
 using System.Text;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Http.Extensions;
 using Microsoft.Extensions.DependencyInjection;
+using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Routing;
 
 namespace Umbraco.Extensions
@@ -107,5 +110,31 @@ namespace Umbraco.Extensions
                 return result;
             }
         }
+
+        /// <summary>
+        /// Gets the application URI, will use the one specified in settings if present
+        /// </summary>
+        public static Uri GetApplicationUri(this HttpRequest request, WebRoutingSettings routingSettings)
+        {
+            if (request == null)
+            {
+                throw new ArgumentNullException(nameof(request));
+            }
+
+            if (routingSettings == null)
+            {
+                throw new ArgumentNullException(nameof(routingSettings));
+            }
+
+            if (string.IsNullOrEmpty(routingSettings.UmbracoApplicationUrl))
+            {
+                var requestUri = new Uri(request.GetDisplayUrl());
+
+                // Create a new URI with the relative uri as /, this ensures that only the base path is returned.
+                return new Uri(requestUri, "/");
+            }
+
+            return new Uri(routingSettings.UmbracoApplicationUrl);
+        }
     }
 }

From 763cb70e677ac0c85557b19b5df09eccfa1b9dfb Mon Sep 17 00:00:00 2001
From: Ronald Barendse <ronald@barend.se>
Date: Mon, 20 Dec 2021 08:45:11 +0100
Subject: [PATCH 11/81] Move member properties to Member Content App (V9 merge
 regression) (#11768)

* Fix regression after merging to v9

* Update test to align with removed member properties
---
 .../Mapping/MemberTabsAndPropertiesMapper.cs  | 34 +++++--------------
 .../Controllers/MemberControllerUnitTests.cs  | 14 --------
 2 files changed, 9 insertions(+), 39 deletions(-)

diff --git a/src/Umbraco.Core/Models/Mapping/MemberTabsAndPropertiesMapper.cs b/src/Umbraco.Core/Models/Mapping/MemberTabsAndPropertiesMapper.cs
index d61e32d88a..d8ac8d635d 100644
--- a/src/Umbraco.Core/Models/Mapping/MemberTabsAndPropertiesMapper.cs
+++ b/src/Umbraco.Core/Models/Mapping/MemberTabsAndPropertiesMapper.cs
@@ -65,14 +65,11 @@ namespace Umbraco.Cms.Core.Models.Mapping
 
             var resolved = base.Map(source, context);
 
-            // This is kind of a hack because a developer is supposed to be allowed to set their property editor - would have been much easier
-            // if we just had all of the membership provider fields on the member table :(
-            // TODO: But is there a way to map the IMember.IsLockedOut to the property ? i dunno.
+            // IMember.IsLockedOut can't be set to true, so make it readonly when that's the case (you can only unlock)
             var isLockedOutProperty = resolved.SelectMany(x => x.Properties).FirstOrDefault(x => x.Alias == Constants.Conventions.Member.IsLockedOut);
             if (isLockedOutProperty?.Value != null && isLockedOutProperty.Value.ToString() != "1")
             {
-                isLockedOutProperty.View = "readonlyvalue";
-                isLockedOutProperty.Value = _localizedTextService.Localize("general", "no");
+                isLockedOutProperty.Readonly = true;
             }
 
             return resolved;
@@ -191,20 +188,6 @@ namespace Umbraco.Cms.Core.Models.Mapping
         {
             var properties = new List<ContentPropertyDisplay>
             {
-                new ContentPropertyDisplay
-                {
-                    Alias = $"{Constants.PropertyEditors.InternalGenericPropertiesPrefix}id",
-                    Label = _localizedTextService.Localize("general","id"),
-                    Value = new List<string> {member.Id.ToString(), member.Key.ToString()},
-                    View = "idwithguid"
-                },
-                new ContentPropertyDisplay
-                {
-                    Alias = $"{Constants.PropertyEditors.InternalGenericPropertiesPrefix}doctype",
-                    Label = _localizedTextService.Localize("content","membertype"),
-                    Value = _localizedTextService.UmbracoDictionaryTranslate(CultureDictionary, member.ContentType.Name),
-                    View = _propertyEditorCollection[Constants.PropertyEditors.Aliases.Label].GetValueEditor().View
-                },
                 GetLoginProperty(member, _localizedTextService),
                 new ContentPropertyDisplay
                 {
@@ -212,7 +195,7 @@ namespace Umbraco.Cms.Core.Models.Mapping
                     Label = _localizedTextService.Localize("general","email"),
                     Value = member.Email,
                     View = "email",
-                    Validation = {Mandatory = true}
+                    Validation = { Mandatory = true }
                 },
                 new ContentPropertyDisplay
                 {
@@ -221,12 +204,10 @@ namespace Umbraco.Cms.Core.Models.Mapping
                     Value = new Dictionary<string, object>
                     {
                         // TODO: why ignoreCase, what are we doing here?!
-                        {"newPassword", member.GetAdditionalDataValueIgnoreCase("NewPassword", null)},
+                        { "newPassword", member.GetAdditionalDataValueIgnoreCase("NewPassword", null) }
                     },
-                    // TODO: Hard coding this because the changepassword doesn't necessarily need to be a resolvable (real) property editor
                     View = "changepassword",
-                    // Initialize the dictionary with the configuration from the default membership provider
-                    Config = GetPasswordConfig(member)
+                    Config = GetPasswordConfig(member) // Initialize the dictionary with the configuration from the default membership provider
                 },
                 new ContentPropertyDisplay
                 {
@@ -234,7 +215,10 @@ namespace Umbraco.Cms.Core.Models.Mapping
                     Label = _localizedTextService.Localize("content","membergroup"),
                     Value = GetMemberGroupValue(member.Username),
                     View = "membergroups",
-                    Config = new Dictionary<string, object> {{"IsRequired", true}}
+                    Config = new Dictionary<string, object>
+                    {
+                        { "IsRequired", true }
+                    }
                 }
             };
 
diff --git a/tests/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/MemberControllerUnitTests.cs b/tests/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/MemberControllerUnitTests.cs
index da5175f272..069e94f732 100644
--- a/tests/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/MemberControllerUnitTests.cs
+++ b/tests/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/MemberControllerUnitTests.cs
@@ -618,20 +618,6 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Web.BackOffice.Controllers
                         Id = 77,
                         Properties = new List<ContentPropertyDisplay>()
                         {
-                            new ContentPropertyDisplay()
-                            {
-                                Alias = "_umb_id",
-                                View = "idwithguid",
-                                Value = new []
-                                {
-                                    "123",
-                                    "guid"
-                                }
-                            },
-                            new ContentPropertyDisplay()
-                            {
-                                Alias = "_umb_doctype"
-                            },
                             new ContentPropertyDisplay()
                             {
                                 Alias = "_umb_login"

From a54c5bb21d4b9af4d984e1c7d0d45a20693ff3d4 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Tue, 4 Jan 2022 10:11:34 +0100
Subject: [PATCH 12/81] V8: Merge package telemetry from V9 (#11785)

* Merge Telemetry classes from V9

* Use TelemetryService in ReportSiteTask

* Migrate tests
---
 .../CompositionExtensions/Services.cs         |  3 +
 src/Umbraco.Core/Manifest/ManifestParser.cs   |  2 +-
 src/Umbraco.Core/Manifest/PackageManifest.cs  | 35 ++++++++
 .../Telemetry/ITelemetryService.cs            | 15 ++++
 .../Telemetry/Models/PackageTelemetry.cs      | 28 +++++++
 .../Telemetry/Models/TelemetryReportData.cs   | 34 ++++++++
 .../Telemetry/TelemetryService.cs             | 81 +++++++++++++++++++
 src/Umbraco.Core/Umbraco.Core.csproj          |  4 +
 .../Manifest/ManifestParserTests.cs           | 22 +++++
 src/Umbraco.Web/Telemetry/ReportSiteTask.cs   | 34 +++-----
 .../Telemetry/TelemetryComponent.cs           |  9 ++-
 11 files changed, 239 insertions(+), 28 deletions(-)
 create mode 100644 src/Umbraco.Core/Telemetry/ITelemetryService.cs
 create mode 100644 src/Umbraco.Core/Telemetry/Models/PackageTelemetry.cs
 create mode 100644 src/Umbraco.Core/Telemetry/Models/TelemetryReportData.cs
 create mode 100644 src/Umbraco.Core/Telemetry/TelemetryService.cs

diff --git a/src/Umbraco.Core/Composing/CompositionExtensions/Services.cs b/src/Umbraco.Core/Composing/CompositionExtensions/Services.cs
index 4f9a953212..e912f7281c 100644
--- a/src/Umbraco.Core/Composing/CompositionExtensions/Services.cs
+++ b/src/Umbraco.Core/Composing/CompositionExtensions/Services.cs
@@ -8,6 +8,7 @@ using Umbraco.Core.Logging;
 using Umbraco.Core.Packaging;
 using Umbraco.Core.Services;
 using Umbraco.Core.Services.Implement;
+using Umbraco.Core.Telemetry;
 
 namespace Umbraco.Core.Composing.CompositionExtensions
 {
@@ -79,6 +80,8 @@ namespace Umbraco.Core.Composing.CompositionExtensions
                     factory.GetInstance<CompiledPackageXmlParser>(), factory.GetInstance<IPackageActionRunner>(),
                     new DirectoryInfo(IOHelper.GetRootDirectorySafe())));
 
+            composition.RegisterUnique<ITelemetryService, TelemetryService>();
+
             return composition;
         }
 
diff --git a/src/Umbraco.Core/Manifest/ManifestParser.cs b/src/Umbraco.Core/Manifest/ManifestParser.cs
index 9bbb0875d8..a9ce06e8da 100644
--- a/src/Umbraco.Core/Manifest/ManifestParser.cs
+++ b/src/Umbraco.Core/Manifest/ManifestParser.cs
@@ -67,7 +67,7 @@ namespace Umbraco.Core.Manifest
         /// <summary>
         /// Gets all manifests.
         /// </summary>
-        private IEnumerable<PackageManifest> GetManifests()
+        internal IEnumerable<PackageManifest> GetManifests()
         {
             var manifests = new List<PackageManifest>();
 
diff --git a/src/Umbraco.Core/Manifest/PackageManifest.cs b/src/Umbraco.Core/Manifest/PackageManifest.cs
index e50eb69467..cadd661e28 100644
--- a/src/Umbraco.Core/Manifest/PackageManifest.cs
+++ b/src/Umbraco.Core/Manifest/PackageManifest.cs
@@ -1,4 +1,5 @@
 using System;
+using System.IO;
 using Newtonsoft.Json;
 using Umbraco.Core.PropertyEditors;
 
@@ -9,6 +10,28 @@ namespace Umbraco.Core.Manifest
     /// </summary>
     public class PackageManifest
     {
+        private string _packageName;
+
+        [JsonProperty("name")]
+        public string PackageName
+        {
+            get
+            {
+                if (string.IsNullOrWhiteSpace(_packageName) is false)
+                {
+                    return _packageName;
+                }
+
+                if (string.IsNullOrWhiteSpace(Source) is false)
+                {
+                    _packageName = Path.GetFileName(Path.GetDirectoryName(Source));
+                }
+
+                return _packageName;
+            }
+            set => _packageName = value;
+        }
+
         /// <summary>
         /// Gets the source path of the manifest.
         /// </summary>
@@ -66,5 +89,17 @@ namespace Umbraco.Core.Manifest
         /// </summary>
         [JsonProperty("sections")]
         public ManifestSection[] Sections { get; set; } = Array.Empty<ManifestSection>();
+
+        /// <summary>
+        /// Gets or sets the version of the package
+        /// </summary>
+        [JsonProperty("version")]
+        public string Version { get; set; } = string.Empty;
+
+        /// <summary>
+        /// Gets or sets a value indicating whether telemetry is allowed
+        /// </summary>
+        [JsonProperty("allowPackageTelemetry")]
+        public bool AllowPackageTelemetry { get; set; } = true;
     }
 }
diff --git a/src/Umbraco.Core/Telemetry/ITelemetryService.cs b/src/Umbraco.Core/Telemetry/ITelemetryService.cs
new file mode 100644
index 0000000000..f4ca3736f6
--- /dev/null
+++ b/src/Umbraco.Core/Telemetry/ITelemetryService.cs
@@ -0,0 +1,15 @@
+using Umbraco.Core.Telemetry.Models;
+
+namespace Umbraco.Core.Telemetry
+{
+    /// <summary>
+    /// Service which gathers the data for telemetry reporting
+    /// </summary>
+    public interface ITelemetryService
+    {
+        /// <summary>
+        /// Try and get the <see cref="TelemetryReportData"/>
+        /// </summary>
+        bool TryGetTelemetryReportData(out TelemetryReportData telemetryReportData);
+    }
+}
diff --git a/src/Umbraco.Core/Telemetry/Models/PackageTelemetry.cs b/src/Umbraco.Core/Telemetry/Models/PackageTelemetry.cs
new file mode 100644
index 0000000000..a86c4c4fa2
--- /dev/null
+++ b/src/Umbraco.Core/Telemetry/Models/PackageTelemetry.cs
@@ -0,0 +1,28 @@
+using System;
+using System.Runtime.Serialization;
+
+namespace Umbraco.Core.Telemetry.Models
+{
+    /// <summary>
+    /// Serializable class containing information about an installed package.
+    /// </summary>
+    [Serializable]
+    [DataContract(Name = "packageTelemetry")]
+    public class PackageTelemetry
+    {
+        /// <summary>
+        /// Gets or sets the name of the installed package.
+        /// </summary>
+        [DataMember(Name = "name")]
+        public string Name { get; set; }
+
+        /// <summary>
+        /// Gets or sets the version of the installed package.
+        /// </summary>
+        /// <remarks>
+        /// This may be an empty string if no version is specified, or if package telemetry has been restricted.
+        /// </remarks>
+        [DataMember(Name = "version")]
+        public string Version { get; set; }
+    }
+}
diff --git a/src/Umbraco.Core/Telemetry/Models/TelemetryReportData.cs b/src/Umbraco.Core/Telemetry/Models/TelemetryReportData.cs
new file mode 100644
index 0000000000..560bd1dcfe
--- /dev/null
+++ b/src/Umbraco.Core/Telemetry/Models/TelemetryReportData.cs
@@ -0,0 +1,34 @@
+using System;
+using System.Collections.Generic;
+using System.Runtime.Serialization;
+
+namespace Umbraco.Core.Telemetry.Models
+{
+    /// <summary>
+    /// Serializable class containing telemetry information.
+    /// </summary>
+    [DataContract]
+    public class TelemetryReportData
+    {
+        /// <summary>
+        /// Gets or sets a random GUID to prevent an instance posting multiple times pr. day.
+        /// </summary>
+        [DataMember(Name = "id")]
+        public Guid Id { get; set; }
+
+        /// <summary>
+        /// Gets or sets the Umbraco CMS version.
+        /// </summary>
+        [DataMember(Name = "version")]
+        public string Version { get; set; }
+
+        /// <summary>
+        /// Gets or sets an enumerable containing information about packages.
+        /// </summary>
+        /// <remarks>
+        /// Contains only the name and version of the packages, unless no version is specified.
+        /// </remarks>
+        [DataMember(Name = "packages")]
+        public IEnumerable<PackageTelemetry> Packages { get; set; }
+    }
+}
diff --git a/src/Umbraco.Core/Telemetry/TelemetryService.cs b/src/Umbraco.Core/Telemetry/TelemetryService.cs
new file mode 100644
index 0000000000..a1b1f39ecd
--- /dev/null
+++ b/src/Umbraco.Core/Telemetry/TelemetryService.cs
@@ -0,0 +1,81 @@
+using System;
+using System.Collections.Generic;
+using Umbraco.Core.Configuration;
+using Umbraco.Core.Configuration.UmbracoSettings;
+using Umbraco.Core.Manifest;
+using Umbraco.Core.Telemetry.Models;
+
+namespace Umbraco.Core.Telemetry
+{
+    /// <inheritdoc/>
+    internal class TelemetryService : ITelemetryService
+    {
+        private readonly IUmbracoSettingsSection _settings;
+        private readonly ManifestParser _manifestParser;
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="TelemetryService"/> class.
+        /// </summary>
+        public TelemetryService(
+            ManifestParser manifestParser,
+            IUmbracoSettingsSection settings)
+        {
+            _manifestParser = manifestParser;
+            _settings = settings;
+        }
+
+        /// <inheritdoc/>
+        public bool TryGetTelemetryReportData(out TelemetryReportData telemetryReportData)
+        {
+            if (TryGetTelemetryId(out Guid telemetryId) is false)
+            {
+                telemetryReportData = null;
+                return false;
+            }
+
+            telemetryReportData = new TelemetryReportData
+            {
+                Id = telemetryId,
+                Version = UmbracoVersion.SemanticVersion.ToSemanticString(),
+                Packages = GetPackageTelemetry()
+            };
+            return true;
+        }
+
+        private bool TryGetTelemetryId(out Guid telemetryId)
+        {
+            // Parse telemetry string as a GUID & verify its a GUID and not some random string
+            // since users may have messed with or decided to empty the app setting or put in something random
+            if (Guid.TryParse(_settings.BackOffice.Id, out var parsedTelemetryId) is false)
+            {
+                telemetryId = Guid.Empty;
+                return false;
+            }
+
+            telemetryId = parsedTelemetryId;
+            return true;
+        }
+
+        private IEnumerable<PackageTelemetry> GetPackageTelemetry()
+        {
+            List<PackageTelemetry> packages = new ();
+            var manifests = _manifestParser.GetManifests();
+
+            foreach (var manifest in manifests)
+            {
+                if (manifest.AllowPackageTelemetry is false)
+                {
+                    continue;
+                }
+
+                packages.Add(new PackageTelemetry
+                {
+                    Name = manifest.PackageName,
+                    Version = manifest.Version ?? string.Empty
+                });
+            }
+
+            return packages;
+        }
+    }
+}
diff --git a/src/Umbraco.Core/Umbraco.Core.csproj b/src/Umbraco.Core/Umbraco.Core.csproj
index 632031a2e6..6729930174 100755
--- a/src/Umbraco.Core/Umbraco.Core.csproj
+++ b/src/Umbraco.Core/Umbraco.Core.csproj
@@ -396,6 +396,10 @@
     <Compile Include="Services\DateTypeServiceExtensions.cs" />
     <Compile Include="Services\PropertyValidationService.cs" />
     <Compile Include="Composing\TypeCollectionBuilderBase.cs" />
+    <Compile Include="Telemetry\ITelemetryService.cs" />
+    <Compile Include="Telemetry\Models\PackageTelemetry.cs" />
+    <Compile Include="Telemetry\Models\TelemetryReportData.cs" />
+    <Compile Include="Telemetry\TelemetryService.cs" />
     <Compile Include="TypeLoaderExtensions.cs" />
     <Compile Include="Composing\WeightAttribute.cs" />
     <Compile Include="Composing\WeightedCollectionBuilderBase.cs" />
diff --git a/src/Umbraco.Tests/Manifest/ManifestParserTests.cs b/src/Umbraco.Tests/Manifest/ManifestParserTests.cs
index 6b140e3757..26c031c7aa 100644
--- a/src/Umbraco.Tests/Manifest/ManifestParserTests.cs
+++ b/src/Umbraco.Tests/Manifest/ManifestParserTests.cs
@@ -443,5 +443,27 @@ javascript: ['~/test.js',/*** some note about stuff asd09823-4**09234*/ '~/test2
             Assert.AreEqual("Content", manifest.Sections[0].Name);
             Assert.AreEqual("World", manifest.Sections[1].Name);
         }
+
+        [Test]
+        public void CanParseManifest_Version()
+        {
+            const string json = @"{""name"": ""VersionPackage"", ""version"": ""1.0.0""}";
+            PackageManifest manifest = _parser.ParseManifest(json);
+
+            Assert.Multiple(() =>
+            {
+                Assert.AreEqual("VersionPackage", manifest.PackageName);
+                Assert.AreEqual("1.0.0", manifest.Version);
+            });
+        }
+
+        [Test]
+        public void CanParseManifest_TrackingAllowed()
+        {
+            const string json = @"{""allowPackageTelemetry"": false }";
+            PackageManifest manifest = _parser.ParseManifest(json);
+
+            Assert.IsFalse(manifest.AllowPackageTelemetry);
+        }
     }
 }
diff --git a/src/Umbraco.Web/Telemetry/ReportSiteTask.cs b/src/Umbraco.Web/Telemetry/ReportSiteTask.cs
index 24ac7cbf3a..78d4b24ab6 100644
--- a/src/Umbraco.Web/Telemetry/ReportSiteTask.cs
+++ b/src/Umbraco.Web/Telemetry/ReportSiteTask.cs
@@ -1,14 +1,11 @@
 using Newtonsoft.Json;
 using System;
 using System.Net.Http;
-using System.Runtime.Serialization;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
-using Umbraco.Core;
-using Umbraco.Core.Configuration;
-using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.Logging;
+using Umbraco.Core.Telemetry;
 using Umbraco.Web.Scheduling;
 
 namespace Umbraco.Web.Telemetry
@@ -17,14 +14,19 @@ namespace Umbraco.Web.Telemetry
     {
         private readonly IProfilingLogger _logger;
         private static HttpClient _httpClient;
-        private readonly IUmbracoSettingsSection _settings;
+        private readonly ITelemetryService _telemetryService;
 
-        public ReportSiteTask(IBackgroundTaskRunner<RecurringTaskBase> runner, int delayBeforeWeStart, int howOftenWeRepeat, IProfilingLogger logger, IUmbracoSettingsSection settings)
+        public ReportSiteTask(
+            IBackgroundTaskRunner<RecurringTaskBase> runner,
+            int delayBeforeWeStart,
+            int howOftenWeRepeat,
+            IProfilingLogger logger,
+            ITelemetryService telemetryService)
             : base(runner, delayBeforeWeStart, howOftenWeRepeat)
         {
             _logger = logger;
             _httpClient = new HttpClient();
-            _settings = settings;
+            _telemetryService = telemetryService;
         }
 
         /// <summary>
@@ -34,12 +36,9 @@ namespace Umbraco.Web.Telemetry
         /// <returns>A value indicating whether to repeat the task.</returns>
         public override async Task<bool> PerformRunAsync(CancellationToken token)
         {
-            // Try & get a value stored in umbracoSettings.config on the backoffice XML element ID attribute
-            var backofficeIdentifierRaw = _settings.BackOffice.Id;
-
             // Parse as a GUID & verify its a GUID and not some random string
             // In case of users may have messed or decided to empty the file contents or put in something random
-            if (Guid.TryParse(backofficeIdentifierRaw, out var telemetrySiteIdentifier) == false)
+            if (_telemetryService.TryGetTelemetryReportData(out var telemetryReportData) is false)
             {
                 // Some users may have decided to mess with the XML attribute and put in something else
                 // Stop repeating this task (no need to keep checking)
@@ -61,8 +60,7 @@ namespace Umbraco.Web.Telemetry
 
                 using (var request = new HttpRequestMessage(HttpMethod.Post, "installs/"))
                 {
-                    var postData = new TelemetryReportData { Id = telemetrySiteIdentifier, Version = UmbracoVersion.SemanticVersion.ToSemanticString() };
-                    request.Content = new StringContent(JsonConvert.SerializeObject(postData), Encoding.UTF8, "application/json"); //CONTENT-TYPE header
+                    request.Content = new StringContent(JsonConvert.SerializeObject(telemetryReportData), Encoding.UTF8, "application/json"); //CONTENT-TYPE header
 
                     // Set a low timeout - no need to use a larger default timeout for this POST request
                     _httpClient.Timeout = new TimeSpan(0, 0, 1);
@@ -86,15 +84,5 @@ namespace Umbraco.Web.Telemetry
         }
 
         public override bool IsAsync => true;
-
-        [DataContract]
-        private class TelemetryReportData
-        {
-            [DataMember(Name = "id")]
-            public Guid Id { get; set; }
-
-            [DataMember(Name = "version")]
-            public string Version { get; set; }
-        }
     }
 }
diff --git a/src/Umbraco.Web/Telemetry/TelemetryComponent.cs b/src/Umbraco.Web/Telemetry/TelemetryComponent.cs
index 1ae9ad9764..c3d29f72ca 100644
--- a/src/Umbraco.Web/Telemetry/TelemetryComponent.cs
+++ b/src/Umbraco.Web/Telemetry/TelemetryComponent.cs
@@ -1,6 +1,7 @@
 using Umbraco.Core.Composing;
 using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.Logging;
+using Umbraco.Core.Telemetry;
 using Umbraco.Web.Scheduling;
 
 namespace Umbraco.Web.Telemetry
@@ -8,13 +9,13 @@ namespace Umbraco.Web.Telemetry
     public class TelemetryComponent : IComponent
     {
         private readonly IProfilingLogger _logger;
-        private readonly IUmbracoSettingsSection _settings;
+        private readonly ITelemetryService _telemetryService;
         private BackgroundTaskRunner<IBackgroundTask> _telemetryReporterRunner;
 
-        public TelemetryComponent(IProfilingLogger logger, IUmbracoSettingsSection settings)
+        public TelemetryComponent(IProfilingLogger logger, IUmbracoSettingsSection settings, ITelemetryService telemetryService)
         {
             _logger = logger;
-            _settings = settings;
+            _telemetryService = telemetryService;
         }
 
         public void Initialize()
@@ -26,7 +27,7 @@ namespace Umbraco.Web.Telemetry
             const int howOftenWeRepeat = 60 * 1000 * 60 * 24; // 60 * 1000 * 60 * 24 = 24hrs (86400000)
 
             // As soon as we add our task to the runner it will start to run (after its delay period)
-            var task = new ReportSiteTask(_telemetryReporterRunner, delayBeforeWeStart, howOftenWeRepeat, _logger, _settings);
+            var task = new ReportSiteTask(_telemetryReporterRunner, delayBeforeWeStart, howOftenWeRepeat, _logger, _telemetryService);
             _telemetryReporterRunner.TryAdd(task);
         }
 

From 75bb8051bff84e3cc2e9da2379d696f02d7a8845 Mon Sep 17 00:00:00 2001
From: Ronald Barendse <ronald@barend.se>
Date: Wed, 5 Jan 2022 11:11:27 +0100
Subject: [PATCH 13/81] Prune Image Cropper and Media Picker (v3) values
 (#11805)

* Clean up redundant/default Umbraco.ImageCropper data

* Fix ToString() and add HasCrops() method

* Re-use crop/focal point pruning for Umbraco.MediaPicker3

* Fix ImageCropperTest

Co-authored-by: Elitsa Marinovska <elm@umbraco.dk>
---
 .../ValueConverters/ImageCropperValue.cs      | 88 ++++++++++++++-----
 .../PropertyEditors/ImageCropperTest.cs       |  6 +-
 .../ImageCropperPropertyValueEditor.cs        | 39 +++++---
 .../MediaPicker3PropertyEditor.cs             | 81 ++++++++++++++++-
 4 files changed, 174 insertions(+), 40 deletions(-)

diff --git a/src/Umbraco.Core/PropertyEditors/ValueConverters/ImageCropperValue.cs b/src/Umbraco.Core/PropertyEditors/ValueConverters/ImageCropperValue.cs
index f2151778d9..555c198f7d 100644
--- a/src/Umbraco.Core/PropertyEditors/ValueConverters/ImageCropperValue.cs
+++ b/src/Umbraco.Core/PropertyEditors/ValueConverters/ImageCropperValue.cs
@@ -1,12 +1,11 @@
 using System;
 using System.Collections.Generic;
 using System.ComponentModel;
-using System.Globalization;
 using System.Linq;
 using System.Runtime.Serialization;
-using System.Text;
 using System.Web;
 using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using Umbraco.Core.Composing;
 using Umbraco.Core.Models;
 using Umbraco.Core.Serialization;
@@ -18,14 +17,14 @@ namespace Umbraco.Core.PropertyEditors.ValueConverters
     /// </summary>
     [JsonConverter(typeof(NoTypeConverterJsonConverter<ImageCropperValue>))]
     [TypeConverter(typeof(ImageCropperValueTypeConverter))]
-    [DataContract(Name="imageCropDataSet")]
+    [DataContract(Name = "imageCropDataSet")]
     public class ImageCropperValue : IHtmlString, IEquatable<ImageCropperValue>
     {
         /// <summary>
         /// Gets or sets the value source image.
         /// </summary>
-        [DataMember(Name="src")]
-        public string Src { get; set;}
+        [DataMember(Name = "src")]
+        public string Src { get; set; }
 
         /// <summary>
         /// Gets or sets the value focal point.
@@ -41,9 +40,7 @@ namespace Umbraco.Core.PropertyEditors.ValueConverters
 
         /// <inheritdoc />
         public override string ToString()
-        {
-            return Crops != null ? (Crops.Any() ? JsonConvert.SerializeObject(this) : Src) : string.Empty;
-        }
+            => HasCrops() || HasFocalPoint() ? JsonConvert.SerializeObject(this, Formatting.None) : Src;
 
         /// <inheritdoc />
         public string ToHtmlString() => Src;
@@ -134,13 +131,19 @@ namespace Umbraco.Core.PropertyEditors.ValueConverters
         /// </summary>
         /// <returns></returns>
         public bool HasFocalPoint()
-            => FocalPoint != null && (FocalPoint.Left != 0.5m || FocalPoint.Top != 0.5m);
+            => FocalPoint is ImageCropperFocalPoint focalPoint && (focalPoint.Left != 0.5m || focalPoint.Top != 0.5m);
+
+        /// <summary>
+        /// Determines whether the value has crops.
+        /// </summary>
+        public bool HasCrops()
+            => Crops is IEnumerable<ImageCropperCrop> crops && crops.Any();
 
         /// <summary>
         /// Determines whether the value has a specified crop.
         /// </summary>
         public bool HasCrop(string alias)
-            => Crops != null && Crops.Any(x => x.Alias == alias);
+            => Crops is IEnumerable<ImageCropperCrop> crops && crops.Any(x => x.Alias == alias);
 
         /// <summary>
         /// Determines whether the value has a source image.
@@ -179,6 +182,51 @@ namespace Umbraco.Core.PropertyEditors.ValueConverters
             };
         }
 
+        /// <summary>
+        /// Removes redundant crop data/default focal point.
+        /// </summary>
+        /// <param name="value">The image cropper value.</param>
+        /// <returns>
+        /// The cleaned up value.
+        /// </returns>
+        public static void Prune(JObject value)
+        {
+            if (value is null) throw new ArgumentNullException(nameof(value));
+
+            if (value.TryGetValue("crops", out var crops))
+            {
+                if (crops.HasValues)
+                {
+                    foreach (var crop in crops.Values<JObject>().ToList())
+                    {
+                        if (crop.TryGetValue("coordinates", out var coordinates) == false || coordinates.HasValues == false)
+                        {
+                            // Remove crop without coordinates
+                            crop.Remove();
+                            continue;
+                        }
+
+                        // Width/height are already stored in the crop configuration
+                        crop.Remove("width");
+                        crop.Remove("height");
+                    }
+                }
+
+                if (crops.HasValues == false)
+                {
+                    // Remove empty crops
+                    value.Remove("crops");
+                }
+            }
+
+            if (value.TryGetValue("focalPoint", out var focalPoint) &&
+                (focalPoint.HasValues == false || (focalPoint.Value<decimal>("top") == 0.5m && focalPoint.Value<decimal>("left") == 0.5m)))
+            {
+                // Remove empty/default focal point
+                value.Remove("focalPoint");
+            }
+        }
+
         #region IEquatable
 
         /// <inheritdoc />
@@ -212,8 +260,8 @@ namespace Umbraco.Core.PropertyEditors.ValueConverters
                 // properties are, practically, readonly
                 // ReSharper disable NonReadonlyMemberInGetHashCode
                 var hashCode = Src?.GetHashCode() ?? 0;
-                hashCode = (hashCode*397) ^ (FocalPoint?.GetHashCode() ?? 0);
-                hashCode = (hashCode*397) ^ (Crops?.GetHashCode() ?? 0);
+                hashCode = (hashCode * 397) ^ (FocalPoint?.GetHashCode() ?? 0);
+                hashCode = (hashCode * 397) ^ (Crops?.GetHashCode() ?? 0);
                 return hashCode;
                 // ReSharper restore NonReadonlyMemberInGetHashCode
             }
@@ -258,7 +306,7 @@ namespace Umbraco.Core.PropertyEditors.ValueConverters
                 {
                     // properties are, practically, readonly
                     // ReSharper disable NonReadonlyMemberInGetHashCode
-                    return (Left.GetHashCode()*397) ^ Top.GetHashCode();
+                    return (Left.GetHashCode() * 397) ^ Top.GetHashCode();
                     // ReSharper restore NonReadonlyMemberInGetHashCode
                 }
             }
@@ -312,9 +360,9 @@ namespace Umbraco.Core.PropertyEditors.ValueConverters
                     // properties are, practically, readonly
                     // ReSharper disable NonReadonlyMemberInGetHashCode
                     var hashCode = Alias?.GetHashCode() ?? 0;
-                    hashCode = (hashCode*397) ^ Width;
-                    hashCode = (hashCode*397) ^ Height;
-                    hashCode = (hashCode*397) ^ (Coordinates?.GetHashCode() ?? 0);
+                    hashCode = (hashCode * 397) ^ Width;
+                    hashCode = (hashCode * 397) ^ Height;
+                    hashCode = (hashCode * 397) ^ (Coordinates?.GetHashCode() ?? 0);
                     return hashCode;
                     // ReSharper restore NonReadonlyMemberInGetHashCode
                 }
@@ -339,7 +387,7 @@ namespace Umbraco.Core.PropertyEditors.ValueConverters
             public decimal Y2 { get; set; }
 
             #region IEquatable
-            
+
             /// <inheritdoc />
             public bool Equals(ImageCropperCropCoordinates other)
                 => ReferenceEquals(this, other) || Equals(this, other);
@@ -369,9 +417,9 @@ namespace Umbraco.Core.PropertyEditors.ValueConverters
                     // properties are, practically, readonly
                     // ReSharper disable NonReadonlyMemberInGetHashCode
                     var hashCode = X1.GetHashCode();
-                    hashCode = (hashCode*397) ^ Y1.GetHashCode();
-                    hashCode = (hashCode*397) ^ X2.GetHashCode();
-                    hashCode = (hashCode*397) ^ Y2.GetHashCode();
+                    hashCode = (hashCode * 397) ^ Y1.GetHashCode();
+                    hashCode = (hashCode * 397) ^ X2.GetHashCode();
+                    hashCode = (hashCode * 397) ^ Y2.GetHashCode();
                     return hashCode;
                     // ReSharper restore NonReadonlyMemberInGetHashCode
                 }
diff --git a/src/Umbraco.Tests/PropertyEditors/ImageCropperTest.cs b/src/Umbraco.Tests/PropertyEditors/ImageCropperTest.cs
index c40708770e..eed45b0d27 100644
--- a/src/Umbraco.Tests/PropertyEditors/ImageCropperTest.cs
+++ b/src/Umbraco.Tests/PropertyEditors/ImageCropperTest.cs
@@ -29,13 +29,13 @@ namespace Umbraco.Tests.PropertyEditors
     {
         private const string CropperJson1 = "{\"focalPoint\": {\"left\": 0.96,\"top\": 0.80827067669172936},\"src\": \"/media/1005/img_0671.jpg\",\"crops\": [{\"alias\":\"thumb\",\"width\": 100,\"height\": 100,\"coordinates\": {\"x1\": 0.58729977382575338,\"y1\": 0.055768992440203169,\"x2\": 0,\"y2\": 0.32457553600198386}}]}";
         private const string CropperJson2 = "{\"focalPoint\": {\"left\": 0.98,\"top\": 0.80827067669172936},\"src\": \"/media/1005/img_0672.jpg\",\"crops\": [{\"alias\":\"thumb\",\"width\": 100,\"height\": 100,\"coordinates\": {\"x1\": 0.58729977382575338,\"y1\": 0.055768992440203169,\"x2\": 0,\"y2\": 0.32457553600198386}}]}";
-        private const string CropperJson3 = "{\"focalPoint\": {\"left\": 0.98,\"top\": 0.80827067669172936},\"src\": \"/media/1005/img_0672.jpg\",\"crops\": []}";
+        private const string CropperJson3 = "{\"focalPoint\": {\"left\": 0.5,\"top\": 0.5},\"src\": \"/media/1005/img_0672.jpg\",\"crops\": []}";
         private const string MediaPath = "/media/1005/img_0671.jpg";
 
         [Test]
         public void CanConvertImageCropperDataSetSrcToString()
         {
-            //cropperJson3 - has not crops
+            //cropperJson3 - has no crops
             var cropperValue = CropperJson3.DeserializeImageCropperValue();
             var serialized = cropperValue.TryConvertTo<string>();
             Assert.IsTrue(serialized.Success);
@@ -45,7 +45,7 @@ namespace Umbraco.Tests.PropertyEditors
         [Test]
         public void CanConvertImageCropperDataSetJObject()
         {
-            //cropperJson3 - has not crops
+            //cropperJson3 - has no crops
             var cropperValue = CropperJson3.DeserializeImageCropperValue();
             var serialized = cropperValue.TryConvertTo<JObject>();
             Assert.IsTrue(serialized.Success);
diff --git a/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyValueEditor.cs b/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyValueEditor.cs
index 4aac8f54aa..8e13d1bb5a 100644
--- a/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyValueEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyValueEditor.cs
@@ -1,6 +1,6 @@
-using Newtonsoft.Json.Linq;
-using System;
+using System;
 using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using Umbraco.Core;
 using Umbraco.Core.IO;
 using Umbraco.Core.Logging;
@@ -66,31 +66,42 @@ namespace Umbraco.Web.PropertyEditors
         /// </remarks>
         public override object FromEditor(ContentPropertyData editorValue, object currentValue)
         {
-            // get the current path
+            // Get the current path
             var currentPath = string.Empty;
             try
             {
                 var svalue = currentValue as string;
                 var currentJson = string.IsNullOrWhiteSpace(svalue) ? null : JObject.Parse(svalue);
-                if (currentJson != null && currentJson["src"] != null)
-                    currentPath = currentJson["src"].Value<string>();
+                if (currentJson != null && currentJson.TryGetValue("src", out var src))
+                {
+                    currentPath = src.Value<string>();
+                }
             }
             catch (Exception ex)
             {
-                // for some reason the value is invalid so continue as if there was no value there
+                // For some reason the value is invalid, so continue as if there was no value there
                 _logger.Warn<ImageCropperPropertyValueEditor>(ex, "Could not parse current db value to a JObject.");
             }
+
             if (string.IsNullOrWhiteSpace(currentPath) == false)
                 currentPath = _mediaFileSystem.GetRelativePath(currentPath);
 
-            // get the new json and path
-            JObject editorJson = null;
+            // Get the new JSON and file path
             var editorFile = string.Empty;
-            if (editorValue.Value != null)
+            if (editorValue.Value is JObject editorJson)
             {
-                editorJson = editorValue.Value as JObject;
-                if (editorJson != null && editorJson["src"] != null)
+                // Populate current file
+                if (editorJson["src"] != null)
+                {
                     editorFile = editorJson["src"].Value<string>();
+                }
+
+                // Clean up redundant/default data
+                ImageCropperValue.Prune(editorJson);
+            }
+            else
+            {
+                editorJson = null;
             }
 
             // ensure we have the required guids
@@ -118,7 +129,7 @@ namespace Umbraco.Web.PropertyEditors
                     return null; // clear
                 }
 
-                return editorJson?.ToString(); // unchanged
+                return editorJson?.ToString(Formatting.None); // unchanged
             }
 
             // process the file
@@ -135,7 +146,8 @@ namespace Umbraco.Web.PropertyEditors
             // update json and return
             if (editorJson == null) return null;
             editorJson["src"] = filepath == null ? string.Empty : _mediaFileSystem.GetUrl(filepath);
-            return editorJson.ToString();
+
+            return editorJson.ToString(Formatting.None);
         }
 
         private string ProcessFile(ContentPropertyData editorValue, ContentPropertyFile file, string currentPath, Guid cuid, Guid puid)
@@ -160,7 +172,6 @@ namespace Umbraco.Web.PropertyEditors
             return filepath;
         }
 
-
         public override string ConvertDbToString(PropertyType propertyType, object value, IDataTypeService dataTypeService)
         {
             if (value == null || string.IsNullOrEmpty(value.ToString()))
diff --git a/src/Umbraco.Web/PropertyEditors/MediaPicker3PropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/MediaPicker3PropertyEditor.cs
index 43d190e173..5f1b319e01 100644
--- a/src/Umbraco.Web/PropertyEditors/MediaPicker3PropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/MediaPicker3PropertyEditor.cs
@@ -1,8 +1,9 @@
-using Newtonsoft.Json;
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Runtime.Serialization;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using Umbraco.Core;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Models;
@@ -50,7 +51,36 @@ namespace Umbraco.Web.PropertyEditors
             {
                 var value = property.GetValue(culture, segment);
 
-                return Deserialize(value);
+                var dtos = Deserialize(value).ToList();
+
+                var dataType = dataTypeService.GetDataType(property.PropertyType.DataTypeId);
+                if (dataType?.Configuration != null)
+                {
+                    var configuration = dataType.ConfigurationAs<MediaPicker3Configuration>();
+
+                    foreach (var dto in dtos)
+                    {
+                        dto.ApplyConfiguration(configuration);
+                    }
+                }
+
+                return dtos;
+            }
+
+            public override object FromEditor(ContentPropertyData editorValue, object currentValue)
+            {
+                if (editorValue.Value is JArray dtos)
+                {
+                    // Clean up redundant/default data
+                    foreach (var dto in dtos.Values<JObject>())
+                    {
+                        MediaWithCropsDto.Prune(dto);
+                    }
+
+                    return dtos.ToString(Formatting.None);
+                }
+
+                return base.FromEditor(editorValue, currentValue);
             }
 
             public IEnumerable<UmbracoEntityReference> GetReferences(object value)
@@ -117,6 +147,51 @@ namespace Umbraco.Web.PropertyEditors
 
                 [DataMember(Name = "focalPoint")]
                 public ImageCropperValue.ImageCropperFocalPoint FocalPoint { get; set; }
+
+                /// <summary>
+                /// Applies the configuration to ensure only valid crops are kept and have the correct width/height.
+                /// </summary>
+                /// <param name="configuration">The configuration.</param>
+                public void ApplyConfiguration(MediaPicker3Configuration configuration)
+                {
+                    var crops = new List<ImageCropperValue.ImageCropperCrop>();
+
+                    var configuredCrops = configuration?.Crops;
+                    if (configuredCrops != null)
+                    {
+                        foreach (var configuredCrop in configuredCrops)
+                        {
+                            var crop = Crops?.FirstOrDefault(x => x.Alias == configuredCrop.Alias);
+
+                            crops.Add(new ImageCropperValue.ImageCropperCrop
+                            {
+                                Alias = configuredCrop.Alias,
+                                Width = configuredCrop.Width,
+                                Height = configuredCrop.Height,
+                                Coordinates = crop?.Coordinates
+                            });
+                        }
+                    }
+
+                    Crops = crops;
+
+                    if (configuration?.EnableLocalFocalPoint == false)
+                    {
+                        FocalPoint = null;
+                    }
+                }
+
+                /// <summary>
+                /// Removes redundant crop data/default focal point.
+                /// </summary>
+                /// <param name="value">The media with crops DTO.</param>
+                /// <returns>
+                /// The cleaned up value.
+                /// </returns>
+                /// <remarks>
+                /// Because the DTO uses the same JSON keys as the image cropper value for crops and focal point, we can re-use the prune method.
+                /// </remarks>
+                public static void Prune(JObject value) => ImageCropperValue.Prune(value);
             }
         }
     }

From dfc3e56eb79965117c4ebfb489d9e71779878b39 Mon Sep 17 00:00:00 2001
From: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
Date: Wed, 5 Jan 2022 13:16:07 +0100
Subject: [PATCH 14/81] Check if we're in debug and set IncludeErrorPolicy
 accordingly

---
 src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs b/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs
index a62df6b5e4..3df6ffb47b 100644
--- a/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs
+++ b/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs
@@ -1,4 +1,5 @@
-using System.Web.Http;
+using System.Web;
+using System.Web.Http;
 using System.Web.Http.Controllers;
 using System.Web.Http.Filters;
 
@@ -11,7 +12,7 @@ namespace Umbraco.Web.WebApi
     {
         public override void OnActionExecuting(HttpActionContext actionContext)
         {
-            actionContext.ControllerContext.Configuration.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Always;
+            actionContext.ControllerContext.Configuration.IncludeErrorDetailPolicy = HttpContext.Current.IsDebuggingEnabled ? IncludeErrorDetailPolicy.Always : IncludeErrorDetailPolicy.Default;
         }
     }
 }

From 2155062678e5366d26330ab20262dd11f6ab02af Mon Sep 17 00:00:00 2001
From: Ronald Barendse <ronald@barend.se>
Date: Mon, 10 Jan 2022 09:32:29 +0100
Subject: [PATCH 15/81] Prune/remove indentation from JSON property values
 (#11806)

* Use Formatting.None for JSON property data in default value editor

* Use Formatting.None for JSON property data in custom value editors

* Use Formatting.None for JSON property data in Nested Content and Block List

* Use Formatting.None for JSON property tags

* Use Formatting.None for JSON configuration data

* Use Formatting.None in custom JSON converter

* Ensure empty tags and complex editor values are not stored

* Fix NestedContentPropertyComponentTests

* Do not store empty property data

* Use Formatting.None and don't store configured crops (without coordinates)

* Fix JSON deserialization of tags value
---
 .../Models/PropertyTagsExtensions.cs          |  19 +-
 ...omplexPropertyEditorContentEventHandler.cs |   8 +-
 .../PropertyEditors/ConfigurationEditor.cs    |   2 +
 .../PropertyEditors/DataValueEditor.cs        |  16 +-
 .../Serialization/JsonToStringConverter.cs    |   3 +-
 .../BlockEditorComponentTests.cs              |   3 +-
 .../NestedContentPropertyComponentTests.cs    | 417 +++++++++---------
 .../Compose/BlockEditorComponent.cs           |   2 +-
 .../Compose/NestedContentPropertyComponent.cs |  10 +-
 .../BlockEditorPropertyEditor.cs              |   2 +-
 .../ColorPickerConfigurationEditor.cs         |   2 +-
 .../PropertyEditors/GridPropertyEditor.cs     |   2 +-
 .../ImageCropperPropertyEditor.cs             |  23 +-
 .../ImageCropperPropertyValueEditor.cs        |   4 +
 .../MultiUrlPickerValueEditor.cs              |  14 +-
 .../MultipleTextStringPropertyEditor.cs       |   2 +-
 .../PropertyEditors/MultipleValueEditor.cs    |   8 +-
 .../NestedContentPropertyEditor.cs            |   9 +-
 .../PropertyEditors/RichTextPropertyEditor.cs |   2 +-
 .../PropertyEditors/TagsPropertyEditor.cs     |   2 +-
 20 files changed, 281 insertions(+), 269 deletions(-)

diff --git a/src/Umbraco.Core/Models/PropertyTagsExtensions.cs b/src/Umbraco.Core/Models/PropertyTagsExtensions.cs
index 63cf870221..c97bf4c66a 100644
--- a/src/Umbraco.Core/Models/PropertyTagsExtensions.cs
+++ b/src/Umbraco.Core/Models/PropertyTagsExtensions.cs
@@ -68,11 +68,13 @@ namespace Umbraco.Core.Models
                 switch (storageType)
                 {
                     case TagsStorageType.Csv:
-                        property.SetValue(string.Join(delimiter.ToString(), currentTags.Union(trimmedTags)), culture); // csv string
+                        property.SetValue(string.Join(delimiter.ToString(), currentTags.Union(trimmedTags)).NullOrWhiteSpaceAsNull(), culture); // csv string
                         break;
 
                     case TagsStorageType.Json:
-                        property.SetValue(JsonConvert.SerializeObject(currentTags.Union(trimmedTags).ToArray()), culture); // json array
+                        var updatedTags = currentTags.Union(trimmedTags).ToArray();
+                        var updatedValue = updatedTags.Length == 0 ? null : JsonConvert.SerializeObject(updatedTags, Formatting.None);
+                        property.SetValue(updatedValue, culture); // json array
                         break;
                 }
             }
@@ -81,11 +83,12 @@ namespace Umbraco.Core.Models
                 switch (storageType)
                 {
                     case TagsStorageType.Csv:
-                        property.SetValue(string.Join(delimiter.ToString(), trimmedTags), culture); // csv string
+                        property.SetValue(string.Join(delimiter.ToString(), trimmedTags).NullOrWhiteSpaceAsNull(), culture); // csv string
                         break;
 
                     case TagsStorageType.Json:
-                        property.SetValue(JsonConvert.SerializeObject(trimmedTags), culture); // json array
+                        var updatedValue = trimmedTags.Length == 0 ? null : JsonConvert.SerializeObject(trimmedTags, Formatting.None);
+                        property.SetValue(updatedValue, culture); // json array
                         break;
                 }
             }
@@ -121,11 +124,13 @@ namespace Umbraco.Core.Models
             switch (storageType)
             {
                 case TagsStorageType.Csv:
-                    property.SetValue(string.Join(delimiter.ToString(), currentTags.Except(trimmedTags)), culture); // csv string
+                    property.SetValue(string.Join(delimiter.ToString(), currentTags.Except(trimmedTags)).NullOrWhiteSpaceAsNull(), culture); // csv string
                     break;
 
                 case TagsStorageType.Json:
-                    property.SetValue(JsonConvert.SerializeObject(currentTags.Except(trimmedTags).ToArray()), culture); // json array
+                    var updatedTags = currentTags.Except(trimmedTags).ToArray();
+                    var updatedValue = updatedTags.Length == 0 ? null : JsonConvert.SerializeObject(updatedTags, Formatting.None);
+                    property.SetValue(updatedValue, culture); // json array
                     break;
             }
         }
@@ -157,7 +162,7 @@ namespace Umbraco.Core.Models
                 case TagsStorageType.Json:
                     try
                     {
-                        return JsonConvert.DeserializeObject<JArray>(value).Select(x => x.ToString().Trim());
+                        return JsonConvert.DeserializeObject<string[]>(value).Select(x => x.Trim());
                     }
                     catch (JsonException)
                     {
diff --git a/src/Umbraco.Core/PropertyEditors/ComplexPropertyEditorContentEventHandler.cs b/src/Umbraco.Core/PropertyEditors/ComplexPropertyEditorContentEventHandler.cs
index 2b819d4555..f0876acb9b 100644
--- a/src/Umbraco.Core/PropertyEditors/ComplexPropertyEditorContentEventHandler.cs
+++ b/src/Umbraco.Core/PropertyEditors/ComplexPropertyEditorContentEventHandler.cs
@@ -1,5 +1,7 @@
 using System;
 using System.Collections.Generic;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using Umbraco.Core.Events;
 using Umbraco.Core.Models;
 using Umbraco.Core.Services;
@@ -59,11 +61,13 @@ namespace Umbraco.Core.PropertyEditors
                 foreach (var cultureVal in propVals)
                 {
                     // Remove keys from published value & any nested properties
-                    var updatedPublishedVal = _formatPropertyValue(cultureVal.PublishedValue?.ToString(), onlyMissingKeys);
+                    var publishedValue = cultureVal.PublishedValue is JToken jsonPublishedValue ? jsonPublishedValue.ToString(Formatting.None) : cultureVal.PublishedValue?.ToString();
+                    var updatedPublishedVal = _formatPropertyValue(publishedValue, onlyMissingKeys).NullOrWhiteSpaceAsNull();
                     cultureVal.PublishedValue = updatedPublishedVal;
 
                     // Remove keys from edited/draft value & any nested properties
-                    var updatedEditedVal = _formatPropertyValue(cultureVal.EditedValue?.ToString(), onlyMissingKeys);
+                    var editedValue = cultureVal.EditedValue is JToken jsonEditedValue ? jsonEditedValue.ToString(Formatting.None) : cultureVal.EditedValue?.ToString();
+                    var updatedEditedVal = _formatPropertyValue(editedValue, onlyMissingKeys).NullOrWhiteSpaceAsNull();
                     cultureVal.EditedValue = updatedEditedVal;
                 }
             }
diff --git a/src/Umbraco.Core/PropertyEditors/ConfigurationEditor.cs b/src/Umbraco.Core/PropertyEditors/ConfigurationEditor.cs
index 8151753a43..82a23847a3 100644
--- a/src/Umbraco.Core/PropertyEditors/ConfigurationEditor.cs
+++ b/src/Umbraco.Core/PropertyEditors/ConfigurationEditor.cs
@@ -126,6 +126,8 @@ namespace Umbraco.Core.PropertyEditors
         /// </summary>
         public static JsonSerializerSettings ConfigurationJsonSettings { get; } = new JsonSerializerSettings
         {
+            Formatting = Formatting.None,
+            NullValueHandling = NullValueHandling.Ignore,
             ContractResolver = new ConfigurationCustomContractResolver(),
             Converters = new List<JsonConverter>(new[]{new FuzzyBooleanConverter()})
         };
diff --git a/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs b/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
index fbcd5ec440..2484e8f830 100644
--- a/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
+++ b/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
@@ -145,8 +145,18 @@ namespace Umbraco.Core.PropertyEditors
         /// <returns></returns>
         internal Attempt<object> TryConvertValueToCrlType(object value)
         {
-            if (value is JValue)
-                value = value.ToString();
+            if (value is JToken jsonValue)
+            {
+                if (jsonValue is JContainer && jsonValue.HasValues == false)
+                {
+                    // Empty JSON array/object
+                    value = null;
+                }
+                else
+                {
+                    value = jsonValue.ToString(Formatting.None);
+                }
+            }
 
             //this is a custom check to avoid any errors, if it's a string and it's empty just make it null
             if (value is string s && string.IsNullOrWhiteSpace(s))
@@ -187,6 +197,7 @@ namespace Umbraco.Core.PropertyEditors
                 default:
                     throw new ArgumentOutOfRangeException();
             }
+
             return value.TryConvertTo(valueType);
         }
 
@@ -222,6 +233,7 @@ namespace Umbraco.Core.PropertyEditors
                 Current.Logger.Warn<DataValueEditor,object,ValueStorageType>("The value {EditorValue} cannot be converted to the type {StorageTypeValue}", editorValue.Value, ValueTypes.ToStorageType(ValueType));
                 return null;
             }
+
             return result.Result;
         }
 
diff --git a/src/Umbraco.Core/Serialization/JsonToStringConverter.cs b/src/Umbraco.Core/Serialization/JsonToStringConverter.cs
index 08c9a44d00..26d73b60ef 100644
--- a/src/Umbraco.Core/Serialization/JsonToStringConverter.cs
+++ b/src/Umbraco.Core/Serialization/JsonToStringConverter.cs
@@ -20,9 +20,10 @@ namespace Umbraco.Core.Serialization
             {
                 return reader.Value;
             }
+
             // Load JObject from stream
             JObject jObject = JObject.Load(reader);
-            return jObject.ToString();
+            return jObject.ToString(Formatting.None);
         }
 
         public override bool CanConvert(Type objectType)
diff --git a/src/Umbraco.Tests/PropertyEditors/BlockEditorComponentTests.cs b/src/Umbraco.Tests/PropertyEditors/BlockEditorComponentTests.cs
index bfd8b8c77b..3fce47b718 100644
--- a/src/Umbraco.Tests/PropertyEditors/BlockEditorComponentTests.cs
+++ b/src/Umbraco.Tests/PropertyEditors/BlockEditorComponentTests.cs
@@ -14,8 +14,7 @@ namespace Umbraco.Tests.PropertyEditors
         private readonly JsonSerializerSettings _serializerSettings = new JsonSerializerSettings
         {
             Formatting = Formatting.None,
-            NullValueHandling = NullValueHandling.Ignore,
-            
+            NullValueHandling = NullValueHandling.Ignore
         };
 
         private const string _contentGuid1 = "036ce82586a64dfba2d523a99ed80f58";
diff --git a/src/Umbraco.Tests/PropertyEditors/NestedContentPropertyComponentTests.cs b/src/Umbraco.Tests/PropertyEditors/NestedContentPropertyComponentTests.cs
index 5b7e220123..75c4403e2b 100644
--- a/src/Umbraco.Tests/PropertyEditors/NestedContentPropertyComponentTests.cs
+++ b/src/Umbraco.Tests/PropertyEditors/NestedContentPropertyComponentTests.cs
@@ -1,10 +1,7 @@
-using Newtonsoft.Json;
+using System;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using NUnit.Framework;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using System.Threading.Tasks;
 using Umbraco.Web.Compose;
 
 namespace Umbraco.Tests.PropertyEditors
@@ -13,6 +10,11 @@ namespace Umbraco.Tests.PropertyEditors
     [TestFixture]
     public class NestedContentPropertyComponentTests
     {
+        private static void AreEqualJson(string expected, string actual)
+        {
+            Assert.AreEqual(JToken.Parse(expected), JToken.Parse(actual));
+        }
+
         [Test]
         public void Invalid_Json()
         {
@@ -29,17 +31,18 @@ namespace Umbraco.Tests.PropertyEditors
             Func<Guid> guidFactory = () => guids[guidCounter++];
 
             var json = @"[
-  {""key"":""04a6dba8-813c-4144-8aca-86a3f24ebf08"",""name"":""Item 1"",""ncContentTypeAlias"":""nested"",""text"":""woot""},
-  {""key"":""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",""name"":""Item 2"",""ncContentTypeAlias"":""nested"",""text"":""zoot""}
-]";
+              {""key"":""04a6dba8-813c-4144-8aca-86a3f24ebf08"",""name"":""Item 1"",""ncContentTypeAlias"":""nested"",""text"":""woot""},
+              {""key"":""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",""name"":""Item 2"",""ncContentTypeAlias"":""nested"",""text"":""zoot""}
+            ]";
+
             var expected = json
                 .Replace("04a6dba8-813c-4144-8aca-86a3f24ebf08", guids[0].ToString())
                 .Replace("d8e214d8-c5a5-4b45-9b51-4050dd47f5fa", guids[1].ToString());
 
             var component = new NestedContentPropertyComponent();
-            var result = component.CreateNestedContentKeys(json, false, guidFactory);
+            var actual = component.CreateNestedContentKeys(json, false, guidFactory);
 
-            Assert.AreEqual(JsonConvert.DeserializeObject(expected).ToString(), JsonConvert.DeserializeObject(result).ToString());
+            AreEqualJson(expected, actual);
         }
 
         [Test]
@@ -50,29 +53,27 @@ namespace Umbraco.Tests.PropertyEditors
             Func<Guid> guidFactory = () => guids[guidCounter++];
 
             var json = @"[{
-		""key"": ""04a6dba8-813c-4144-8aca-86a3f24ebf08"",
-		""name"": ""Item 1"",
-		""ncContentTypeAlias"": ""text"",
-		""text"": ""woot""
-	}, {
-		""key"": ""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",
-		""name"": ""Item 2"",
-		""ncContentTypeAlias"": ""list"",
-		""text"": ""zoot"",
-		""subItems"": [{
-				""key"": ""dccf550c-3a05-469e-95e1-a8f560f788c2"",
-				""name"": ""Item 1"",
-				""ncContentTypeAlias"": ""text"",
-				""text"": ""woot""
-			}, {
-				""key"": ""fbde4288-8382-4e13-8933-ed9c160de050"",
-				""name"": ""Item 2"",
-				""ncContentTypeAlias"": ""text"",
-				""text"": ""zoot""
-			}
-		]
-	}
-]";
+		        ""key"": ""04a6dba8-813c-4144-8aca-86a3f24ebf08"",
+		        ""name"": ""Item 1"",
+		        ""ncContentTypeAlias"": ""text"",
+		        ""text"": ""woot""
+	        }, {
+		        ""key"": ""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",
+		        ""name"": ""Item 2"",
+		        ""ncContentTypeAlias"": ""list"",
+		        ""text"": ""zoot"",
+		        ""subItems"": [{
+				    ""key"": ""dccf550c-3a05-469e-95e1-a8f560f788c2"",
+				    ""name"": ""Item 1"",
+				    ""ncContentTypeAlias"": ""text"",
+				    ""text"": ""woot""
+			    }, {
+				    ""key"": ""fbde4288-8382-4e13-8933-ed9c160de050"",
+				    ""name"": ""Item 2"",
+				    ""ncContentTypeAlias"": ""text"",
+				    ""text"": ""zoot""
+			    }]
+	        }]";
 
             var expected = json
                 .Replace("04a6dba8-813c-4144-8aca-86a3f24ebf08", guids[0].ToString())
@@ -81,9 +82,9 @@ namespace Umbraco.Tests.PropertyEditors
                 .Replace("fbde4288-8382-4e13-8933-ed9c160de050", guids[3].ToString());
 
             var component = new NestedContentPropertyComponent();
-            var result = component.CreateNestedContentKeys(json, false, guidFactory);
+            var actual = component.CreateNestedContentKeys(json, false, guidFactory);
 
-            Assert.AreEqual(JsonConvert.DeserializeObject(expected).ToString(), JsonConvert.DeserializeObject(result).ToString());
+            AreEqualJson(expected, actual);
         }
 
         [Test]
@@ -95,7 +96,8 @@ namespace Umbraco.Tests.PropertyEditors
 
             // we need to ensure the escaped json is consistent with how it will be re-escaped after parsing
             // and this is how to do that, the result will also include quotes around it.
-            var subJsonEscaped = JsonConvert.ToString(JsonConvert.DeserializeObject(@"[{
+            var subJsonEscaped = JsonConvert.ToString(JToken.Parse(@"
+            [{
 				""key"": ""dccf550c-3a05-469e-95e1-a8f560f788c2"",
 				""name"": ""Item 1"",
 				""ncContentTypeAlias"": ""text"",
@@ -105,22 +107,20 @@ namespace Umbraco.Tests.PropertyEditors
 				""name"": ""Item 2"",
 				""ncContentTypeAlias"": ""text"",
 				""text"": ""zoot""
-			}
-		]").ToString());
+			}]").ToString(Formatting.None));
 
             var json = @"[{
-		""key"": ""04a6dba8-813c-4144-8aca-86a3f24ebf08"",
-		""name"": ""Item 1"",
-		""ncContentTypeAlias"": ""text"",
-		""text"": ""woot""
-	}, {
-		""key"": ""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",
-		""name"": ""Item 2"",
-		""ncContentTypeAlias"": ""list"",
-		""text"": ""zoot"",
-		""subItems"":" + subJsonEscaped + @"
-	}
-]";
+		        ""key"": ""04a6dba8-813c-4144-8aca-86a3f24ebf08"",
+		        ""name"": ""Item 1"",
+		        ""ncContentTypeAlias"": ""text"",
+		        ""text"": ""woot""
+	        }, {
+		        ""key"": ""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",
+		        ""name"": ""Item 2"",
+		        ""ncContentTypeAlias"": ""list"",
+		        ""text"": ""zoot"",
+		        ""subItems"":" + subJsonEscaped + @"
+	        }]";
 
             var expected = json
                 .Replace("04a6dba8-813c-4144-8aca-86a3f24ebf08", guids[0].ToString())
@@ -129,9 +129,9 @@ namespace Umbraco.Tests.PropertyEditors
                 .Replace("fbde4288-8382-4e13-8933-ed9c160de050", guids[3].ToString());
 
             var component = new NestedContentPropertyComponent();
-            var result = component.CreateNestedContentKeys(json, false, guidFactory);
+            var actual = component.CreateNestedContentKeys(json, false, guidFactory);
 
-            Assert.AreEqual(JsonConvert.DeserializeObject(expected).ToString(), JsonConvert.DeserializeObject(result).ToString());
+            AreEqualJson(expected, actual);
         }
 
         [Test]
@@ -143,7 +143,7 @@ namespace Umbraco.Tests.PropertyEditors
 
             // we need to ensure the escaped json is consistent with how it will be re-escaped after parsing
             // and this is how to do that, the result will also include quotes around it.
-            var subJsonEscaped = JsonConvert.ToString(JsonConvert.DeserializeObject(@"[{
+            var subJsonEscaped = JsonConvert.ToString(JToken.Parse(@"[{
 				""key"": ""dccf550c-3a05-469e-95e1-a8f560f788c2"",
 				""name"": ""Item 1"",
 				""ncContentTypeAlias"": ""text"",
@@ -153,79 +153,74 @@ namespace Umbraco.Tests.PropertyEditors
 				""name"": ""Item 2"",
 				""ncContentTypeAlias"": ""text"",
 				""text"": ""zoot""
-			}
-		]").ToString());
+			}]").ToString(Formatting.None));
 
             // Complex editor such as the grid
             var complexEditorJsonEscaped = @"{
-  ""name"": ""1 column layout"",
-  ""sections"": [
-    {
-        ""grid"": ""12"",
-        ""rows"": [
-        {
-            ""name"": ""Article"",
-            ""id"": ""b4f6f651-0de3-ef46-e66a-464f4aaa9c57"",
-            ""areas"": [
-            {
-                ""grid"": ""4"",
-                ""controls"": [
+                ""name"": ""1 column layout"",
+                ""sections"": [
                 {
-                    ""value"": ""I am quote"",
-                    ""editor"": {
-                        ""alias"": ""quote"",
-                        ""view"": ""textstring""
-                    },
-                    ""styles"": null,
-                    ""config"": null
-                }],
-                ""styles"": null,
-                ""config"": null
-            },
-            {
-                ""grid"": ""8"",
-                ""controls"": [
-                {
-                    ""value"": ""Header"",
-                    ""editor"": {
-                        ""alias"": ""headline"",
-                        ""view"": ""textstring""
-                    },
-                    ""styles"": null,
-                    ""config"": null
-                },
-                {
-                    ""value"": " + subJsonEscaped + @",
-                    ""editor"": {
-                        ""alias"": ""madeUpNestedContent"",
-                        ""view"": ""madeUpNestedContentInGrid""
-                    },
-                    ""styles"": null,
-                    ""config"": null
-                }],
-                ""styles"": null,
-                ""config"": null
-            }],
-            ""styles"": null,
-            ""config"": null
-        }]
-    }]
-}";
-
+                    ""grid"": ""12"",
+                    ""rows"": [
+                    {
+                        ""name"": ""Article"",
+                        ""id"": ""b4f6f651-0de3-ef46-e66a-464f4aaa9c57"",
+                        ""areas"": [
+                        {
+                            ""grid"": ""4"",
+                            ""controls"": [{
+                                ""value"": ""I am quote"",
+                                ""editor"": {
+                                    ""alias"": ""quote"",
+                                    ""view"": ""textstring""
+                                },
+                                ""styles"": null,
+                                ""config"": null
+                            }],
+                            ""styles"": null,
+                            ""config"": null
+                        },
+                        {
+                            ""grid"": ""8"",
+                            ""controls"": [{
+                                ""value"": ""Header"",
+                                ""editor"": {
+                                    ""alias"": ""headline"",
+                                    ""view"": ""textstring""
+                                },
+                                ""styles"": null,
+                                ""config"": null
+                            },
+                            {
+                                ""value"": " + subJsonEscaped + @",
+                                ""editor"": {
+                                    ""alias"": ""madeUpNestedContent"",
+                                    ""view"": ""madeUpNestedContentInGrid""
+                                },
+                                ""styles"": null,
+                                ""config"": null
+                            }],
+                            ""styles"": null,
+                            ""config"": null
+                        }],
+                        ""styles"": null,
+                        ""config"": null
+                    }]
+                }]
+            }";
 
             var json = @"[{
-		""key"": ""04a6dba8-813c-4144-8aca-86a3f24ebf08"",
-		""name"": ""Item 1"",
-		""ncContentTypeAlias"": ""text"",
-		""text"": ""woot""
-	}, {
-		""key"": ""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",
-		""name"": ""Item 2"",
-		""ncContentTypeAlias"": ""list"",
-		""text"": ""zoot"",
-		""subItems"":" + complexEditorJsonEscaped + @"
-	}
-]";
+		        ""key"": ""04a6dba8-813c-4144-8aca-86a3f24ebf08"",
+		        ""name"": ""Item 1"",
+		        ""ncContentTypeAlias"": ""text"",
+		        ""text"": ""woot""
+	        }, {
+		        ""key"": ""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",
+		        ""name"": ""Item 2"",
+		        ""ncContentTypeAlias"": ""list"",
+		        ""text"": ""zoot"",
+		        ""subItems"":" + complexEditorJsonEscaped + @"
+	        }]";
 
             var expected = json
                 .Replace("04a6dba8-813c-4144-8aca-86a3f24ebf08", guids[0].ToString())
@@ -234,12 +229,11 @@ namespace Umbraco.Tests.PropertyEditors
                 .Replace("fbde4288-8382-4e13-8933-ed9c160de050", guids[3].ToString());
 
             var component = new NestedContentPropertyComponent();
-            var result = component.CreateNestedContentKeys(json, false, guidFactory);
+            var actual = component.CreateNestedContentKeys(json, false, guidFactory);
 
-            Assert.AreEqual(JsonConvert.DeserializeObject(expected).ToString(), JsonConvert.DeserializeObject(result).ToString());
+            AreEqualJson(expected, actual);
         }
 
-
         [Test]
         public void No_Nesting_Generates_Keys_For_Missing_Items()
         {
@@ -248,18 +242,18 @@ namespace Umbraco.Tests.PropertyEditors
             Func<Guid> guidFactory = () => guids[guidCounter++];
 
             var json = @"[
-  {""key"":""04a6dba8-813c-4144-8aca-86a3f24ebf08"",""name"":""Item 1 my key wont change"",""ncContentTypeAlias"":""nested"",""text"":""woot""},
-  {""name"":""Item 2 was copied and has no key prop"",""ncContentTypeAlias"":""nested"",""text"":""zoot""}
-]";
+              {""key"":""04a6dba8-813c-4144-8aca-86a3f24ebf08"",""name"":""Item 1 my key wont change"",""ncContentTypeAlias"":""nested"",""text"":""woot""},
+              {""name"":""Item 2 was copied and has no key prop"",""ncContentTypeAlias"":""nested"",""text"":""zoot""}
+            ]";
 
             var component = new NestedContentPropertyComponent();
             var result = component.CreateNestedContentKeys(json, true, guidFactory);
 
             // Ensure the new GUID is put in a key into the JSON
-            Assert.IsTrue(JsonConvert.DeserializeObject(result).ToString().Contains(guids[0].ToString()));
+            Assert.IsTrue(result.Contains(guids[0].ToString()));
 
             // Ensure that the original key is NOT changed/modified & still exists
-            Assert.IsTrue(JsonConvert.DeserializeObject(result).ToString().Contains("04a6dba8-813c-4144-8aca-86a3f24ebf08"));
+            Assert.IsTrue(result.Contains("04a6dba8-813c-4144-8aca-86a3f24ebf08"));
         }
 
         [Test]
@@ -271,7 +265,7 @@ namespace Umbraco.Tests.PropertyEditors
 
             // we need to ensure the escaped json is consistent with how it will be re-escaped after parsing
             // and this is how to do that, the result will also include quotes around it.
-            var subJsonEscaped = JsonConvert.ToString(JsonConvert.DeserializeObject(@"[{
+            var subJsonEscaped = JsonConvert.ToString(JToken.Parse(@"[{
 				""name"": ""Item 1"",
 				""ncContentTypeAlias"": ""text"",
 				""text"": ""woot""
@@ -279,29 +273,27 @@ namespace Umbraco.Tests.PropertyEditors
 				""name"": ""Nested Item 2 was copied and has no key"",
 				""ncContentTypeAlias"": ""text"",
 				""text"": ""zoot""
-			}
-		]").ToString());
+			}]").ToString(Formatting.None));
 
             var json = @"[{
-		""name"": ""Item 1 was copied and has no key"",
-		""ncContentTypeAlias"": ""text"",
-		""text"": ""woot""
-	}, {
-		""key"": ""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",
-		""name"": ""Item 2"",
-		""ncContentTypeAlias"": ""list"",
-		""text"": ""zoot"",
-		""subItems"":" + subJsonEscaped + @"
-	}
-]";
+		        ""name"": ""Item 1 was copied and has no key"",
+		        ""ncContentTypeAlias"": ""text"",
+		        ""text"": ""woot""
+	        }, {
+		        ""key"": ""d8e214d8-c5a5-4b45-9b51-4050dd47f5fa"",
+		        ""name"": ""Item 2"",
+		        ""ncContentTypeAlias"": ""list"",
+		        ""text"": ""zoot"",
+		        ""subItems"":" + subJsonEscaped + @"
+	        }]";
 
             var component = new NestedContentPropertyComponent();
             var result = component.CreateNestedContentKeys(json, true, guidFactory);
 
             // Ensure the new GUID is put in a key into the JSON for each item
-            Assert.IsTrue(JsonConvert.DeserializeObject(result).ToString().Contains(guids[0].ToString()));
-            Assert.IsTrue(JsonConvert.DeserializeObject(result).ToString().Contains(guids[1].ToString()));
-            Assert.IsTrue(JsonConvert.DeserializeObject(result).ToString().Contains(guids[2].ToString()));
+            Assert.IsTrue(result.Contains(guids[0].ToString()));
+            Assert.IsTrue(result.Contains(guids[1].ToString()));
+            Assert.IsTrue(result.Contains(guids[2].ToString()));
         }
 
         [Test]
@@ -313,7 +305,7 @@ namespace Umbraco.Tests.PropertyEditors
 
             // we need to ensure the escaped json is consistent with how it will be re-escaped after parsing
             // and this is how to do that, the result will also include quotes around it.
-            var subJsonEscaped = JsonConvert.ToString(JsonConvert.DeserializeObject(@"[{
+            var subJsonEscaped = JsonConvert.ToString(JToken.Parse(@"[{
 				""key"": ""dccf550c-3a05-469e-95e1-a8f560f788c2"",
 				""name"": ""Item 1"",
 				""ncContentTypeAlias"": ""text"",
@@ -322,85 +314,80 @@ namespace Umbraco.Tests.PropertyEditors
 				""name"": ""Nested Item 2 was copied and has no key"",
 				""ncContentTypeAlias"": ""text"",
 				""text"": ""zoot""
-			}
-		]").ToString());
+			}]").ToString(Formatting.None));
 
             // Complex editor such as the grid
             var complexEditorJsonEscaped = @"{
-  ""name"": ""1 column layout"",
-  ""sections"": [
-    {
-        ""grid"": ""12"",
-        ""rows"": [
-        {
-            ""name"": ""Article"",
-            ""id"": ""b4f6f651-0de3-ef46-e66a-464f4aaa9c57"",
-            ""areas"": [
-            {
-                ""grid"": ""4"",
-                ""controls"": [
+                ""name"": ""1 column layout"",
+                ""sections"": [
                 {
-                    ""value"": ""I am quote"",
-                    ""editor"": {
-                        ""alias"": ""quote"",
-                        ""view"": ""textstring""
-                    },
-                    ""styles"": null,
-                    ""config"": null
-                }],
-                ""styles"": null,
-                ""config"": null
-            },
-            {
-                ""grid"": ""8"",
-                ""controls"": [
-                {
-                    ""value"": ""Header"",
-                    ""editor"": {
-                        ""alias"": ""headline"",
-                        ""view"": ""textstring""
-                    },
-                    ""styles"": null,
-                    ""config"": null
-                },
-                {
-                    ""value"": " + subJsonEscaped + @",
-                    ""editor"": {
-                        ""alias"": ""madeUpNestedContent"",
-                        ""view"": ""madeUpNestedContentInGrid""
-                    },
-                    ""styles"": null,
-                    ""config"": null
-                }],
-                ""styles"": null,
-                ""config"": null
-            }],
-            ""styles"": null,
-            ""config"": null
-        }]
-    }]
-}";
-
+                    ""grid"": ""12"",
+                    ""rows"": [
+                    {
+                        ""name"": ""Article"",
+                        ""id"": ""b4f6f651-0de3-ef46-e66a-464f4aaa9c57"",
+                        ""areas"": [
+                        {
+                            ""grid"": ""4"",
+                            ""controls"": [{
+                                ""value"": ""I am quote"",
+                                ""editor"": {
+                                    ""alias"": ""quote"",
+                                    ""view"": ""textstring""
+                                },
+                                ""styles"": null,
+                                ""config"": null
+                            }],
+                            ""styles"": null,
+                            ""config"": null
+                        },
+                        {
+                            ""grid"": ""8"",
+                            ""controls"": [{
+                                ""value"": ""Header"",
+                                ""editor"": {
+                                    ""alias"": ""headline"",
+                                    ""view"": ""textstring""
+                                },
+                                ""styles"": null,
+                                ""config"": null
+                            },
+                            {
+                                ""value"": " + subJsonEscaped + @",
+                                ""editor"": {
+                                    ""alias"": ""madeUpNestedContent"",
+                                    ""view"": ""madeUpNestedContentInGrid""
+                                },
+                                ""styles"": null,
+                                ""config"": null
+                            }],
+                            ""styles"": null,
+                            ""config"": null
+                        }],
+                        ""styles"": null,
+                        ""config"": null
+                    }]
+                }]
+            }";
 
             var json = @"[{
-		""key"": ""04a6dba8-813c-4144-8aca-86a3f24ebf08"",
-		""name"": ""Item 1"",
-		""ncContentTypeAlias"": ""text"",
-		""text"": ""woot""
-	}, {
-		""name"": ""Item 2 was copied and has no key"",
-		""ncContentTypeAlias"": ""list"",
-		""text"": ""zoot"",
-		""subItems"":" + complexEditorJsonEscaped + @"
-	}
-]";
+		        ""key"": ""04a6dba8-813c-4144-8aca-86a3f24ebf08"",
+		        ""name"": ""Item 1"",
+		        ""ncContentTypeAlias"": ""text"",
+		        ""text"": ""woot""
+	        }, {
+		        ""name"": ""Item 2 was copied and has no key"",
+		        ""ncContentTypeAlias"": ""list"",
+		        ""text"": ""zoot"",
+		        ""subItems"":" + complexEditorJsonEscaped + @"
+	        }]";
 
             var component = new NestedContentPropertyComponent();
             var result = component.CreateNestedContentKeys(json, true, guidFactory);
 
             // Ensure the new GUID is put in a key into the JSON for each item
-            Assert.IsTrue(JsonConvert.DeserializeObject(result).ToString().Contains(guids[0].ToString()));
-            Assert.IsTrue(JsonConvert.DeserializeObject(result).ToString().Contains(guids[1].ToString()));
+            Assert.IsTrue(result.Contains(guids[0].ToString()));
+            Assert.IsTrue(result.Contains(guids[1].ToString()));
         }
     }
 }
diff --git a/src/Umbraco.Web/Compose/BlockEditorComponent.cs b/src/Umbraco.Web/Compose/BlockEditorComponent.cs
index ac92aa6918..a2dd772cf7 100644
--- a/src/Umbraco.Web/Compose/BlockEditorComponent.cs
+++ b/src/Umbraco.Web/Compose/BlockEditorComponent.cs
@@ -63,7 +63,7 @@ namespace Umbraco.Web.Compose
 
             UpdateBlockListRecursively(blockListValue, createGuid);
 
-            return JsonConvert.SerializeObject(blockListValue.BlockValue);
+            return JsonConvert.SerializeObject(blockListValue.BlockValue, Formatting.None);
         }
 
         private void UpdateBlockListRecursively(BlockEditorData blockListData, Func<Guid> createGuid)
diff --git a/src/Umbraco.Web/Compose/NestedContentPropertyComponent.cs b/src/Umbraco.Web/Compose/NestedContentPropertyComponent.cs
index 633e814bd9..3abf962f4d 100644
--- a/src/Umbraco.Web/Compose/NestedContentPropertyComponent.cs
+++ b/src/Umbraco.Web/Compose/NestedContentPropertyComponent.cs
@@ -1,14 +1,10 @@
 using System;
-using System.Collections.Generic;
 using System.Linq;
+using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
 using Umbraco.Core;
 using Umbraco.Core.Composing;
-using Umbraco.Core.Events;
-using Umbraco.Core.Models;
 using Umbraco.Core.PropertyEditors;
-using Umbraco.Core.Services;
-using Umbraco.Core.Services.Implement;
 using Umbraco.Web.PropertyEditors;
 
 namespace Umbraco.Web.Compose
@@ -47,7 +43,7 @@ namespace Umbraco.Web.Compose
 
             UpdateNestedContentKeysRecursively(complexEditorValue, onlyMissingKeys, createGuid);
 
-            return complexEditorValue.ToString();
+            return complexEditorValue.ToString(Formatting.None);
         }
 
         private void UpdateNestedContentKeysRecursively(JToken json, bool onlyMissingKeys, Func<Guid> createGuid)
@@ -80,7 +76,7 @@ namespace Umbraco.Web.Compose
                         var parsed = JToken.Parse(propVal);
                         UpdateNestedContentKeysRecursively(parsed, onlyMissingKeys, createGuid);
                         // set the value to the updated one
-                        prop.Value = parsed.ToString();
+                        prop.Value = parsed.ToString(Formatting.None);
                     }
                 }
             }
diff --git a/src/Umbraco.Web/PropertyEditors/BlockEditorPropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/BlockEditorPropertyEditor.cs
index 8d50792b71..fab0115d70 100644
--- a/src/Umbraco.Web/PropertyEditors/BlockEditorPropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/BlockEditorPropertyEditor.cs
@@ -234,7 +234,7 @@ namespace Umbraco.Web.PropertyEditors
                 MapBlockItemData(blockEditorData.BlockValue.SettingsData);
 
                 // return json
-                return JsonConvert.SerializeObject(blockEditorData.BlockValue);
+                return JsonConvert.SerializeObject(blockEditorData.BlockValue, Formatting.None);
             }
 
             #endregion
diff --git a/src/Umbraco.Web/PropertyEditors/ColorPickerConfigurationEditor.cs b/src/Umbraco.Web/PropertyEditors/ColorPickerConfigurationEditor.cs
index a4d894c551..f163fa898c 100644
--- a/src/Umbraco.Web/PropertyEditors/ColorPickerConfigurationEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/ColorPickerConfigurationEditor.cs
@@ -130,7 +130,7 @@ namespace Umbraco.Web.PropertyEditors
                 if (id >= nextId) nextId = id + 1;
 
                 var label = item.Property("label")?.Value?.Value<string>();
-                value = JsonConvert.SerializeObject(new { value, label });
+                value = JsonConvert.SerializeObject(new { value, label }, Formatting.None);
 
                 output.Items.Add(new ValueListConfiguration.ValueListItem { Id = id, Value = value });
             }
diff --git a/src/Umbraco.Web/PropertyEditors/GridPropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/GridPropertyEditor.cs
index f9eacd9e73..6f919868f7 100644
--- a/src/Umbraco.Web/PropertyEditors/GridPropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/GridPropertyEditor.cs
@@ -142,7 +142,7 @@ namespace Umbraco.Web.PropertyEditors
                 }
 
                 // Convert back to raw JSON for persisting
-                return JsonConvert.SerializeObject(grid);
+                return JsonConvert.SerializeObject(grid, Formatting.None);
             }
 
             /// <summary>
diff --git a/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyEditor.cs
index e66af480f8..0c70bae0c5 100644
--- a/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyEditor.cs
@@ -1,16 +1,14 @@
-using Newtonsoft.Json;
-using Newtonsoft.Json.Linq;
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using Umbraco.Core;
 using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.IO;
 using Umbraco.Core.Logging;
-using Umbraco.Core.Media;
 using Umbraco.Core.Models;
 using Umbraco.Core.PropertyEditors;
-using Umbraco.Core.PropertyEditors.ValueConverters;
 using Umbraco.Core.Services;
 using Umbraco.Web.Media;
 
@@ -170,7 +168,7 @@ namespace Umbraco.Web.PropertyEditors
                     var sourcePath = _mediaFileSystem.GetRelativePath(src);
                     var copyPath = _mediaFileSystem.CopyFile(args.Copy, property.PropertyType, sourcePath);
                     jo["src"] = _mediaFileSystem.GetUrl(copyPath);
-                    args.Copy.SetValue(property.Alias, jo.ToString(), propertyValue.Culture, propertyValue.Segment);
+                    args.Copy.SetValue(property.Alias, jo.ToString(Formatting.None), propertyValue.Culture, propertyValue.Segment);
                     isUpdated = true;
                 }
             }
@@ -241,17 +239,12 @@ namespace Umbraco.Web.PropertyEditors
                             // it can happen when an image is uploaded via the folder browser, in which case
                             // the property value will be the file source eg '/media/23454/hello.jpg' and we
                             // are fixing that anomaly here - does not make any sense at all but... bah...
-
-                            var dt = _dataTypeService.GetDataType(property.PropertyType.DataTypeId);
-                            var config = dt?.ConfigurationAs<ImageCropperConfiguration>();
                             src = svalue;
-                            var json = new
-                            {
-                                src = svalue,
-                                crops = config == null ? Array.Empty<ImageCropperConfiguration.Crop>() : config.Crops
-                            };
 
-                            property.SetValue(JsonConvert.SerializeObject(json), pvalue.Culture, pvalue.Segment);
+                            property.SetValue(JsonConvert.SerializeObject(new
+                            {
+                                src = svalue
+                            }, Formatting.None), pvalue.Culture, pvalue.Segment);
                         }
                         else
                         {
diff --git a/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyValueEditor.cs b/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyValueEditor.cs
index 8e13d1bb5a..e6c6040325 100644
--- a/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyValueEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/ImageCropperPropertyValueEditor.cs
@@ -190,6 +190,10 @@ namespace Umbraco.Web.PropertyEditors
             {
                 src = val,
                 crops = crops
+            }, new JsonSerializerSettings()
+            {
+                Formatting = Formatting.None,
+                NullValueHandling = NullValueHandling.Ignore
             });
         }
     }
diff --git a/src/Umbraco.Web/PropertyEditors/MultiUrlPickerValueEditor.cs b/src/Umbraco.Web/PropertyEditors/MultiUrlPickerValueEditor.cs
index aae691f624..69c8b26c6f 100644
--- a/src/Umbraco.Web/PropertyEditors/MultiUrlPickerValueEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/MultiUrlPickerValueEditor.cs
@@ -123,22 +123,26 @@ namespace Umbraco.Web.PropertyEditors
 
         private static readonly JsonSerializerSettings LinkDisplayJsonSerializerSettings = new JsonSerializerSettings
         {
+            Formatting = Formatting.None,
             NullValueHandling = NullValueHandling.Ignore
         };
 
         public override object FromEditor(ContentPropertyData editorValue, object currentValue)
         {
             var value = editorValue.Value?.ToString();
-
             if (string.IsNullOrEmpty(value))
             {
-                return string.Empty;
+                return null;
             }
 
             try
             {
+                var links = JsonConvert.DeserializeObject<List<LinkDisplay>>(value);
+                if (links.Count == 0)
+                    return null;
+
                 return JsonConvert.SerializeObject(
-                    from link in JsonConvert.DeserializeObject<List<LinkDisplay>>(value)
+                    from link in links
                     select new MultiUrlPickerValueEditor.LinkDto
                     {
                         Name = link.Name,
@@ -146,8 +150,8 @@ namespace Umbraco.Web.PropertyEditors
                         Target = link.Target,
                         Udi = link.Udi,
                         Url = link.Udi == null ? link.Url : null, // only save the URL for external links
-                    }, LinkDisplayJsonSerializerSettings
-                    );
+                    },
+                    LinkDisplayJsonSerializerSettings);
             }
             catch (Exception ex)
             {
diff --git a/src/Umbraco.Web/PropertyEditors/MultipleTextStringPropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/MultipleTextStringPropertyEditor.cs
index fa82bc555c..99a57500cc 100644
--- a/src/Umbraco.Web/PropertyEditors/MultipleTextStringPropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/MultipleTextStringPropertyEditor.cs
@@ -60,7 +60,7 @@ namespace Umbraco.Web.PropertyEditors
             public override object FromEditor(ContentPropertyData editorValue, object currentValue)
             {
                 var asArray = editorValue.Value as JArray;
-                if (asArray == null)
+                if (asArray == null || asArray.HasValues == false)
                 {
                     return null;
                 }
diff --git a/src/Umbraco.Web/PropertyEditors/MultipleValueEditor.cs b/src/Umbraco.Web/PropertyEditors/MultipleValueEditor.cs
index bbeaff184e..e7123b2147 100644
--- a/src/Umbraco.Web/PropertyEditors/MultipleValueEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/MultipleValueEditor.cs
@@ -49,14 +49,18 @@ namespace Umbraco.Web.PropertyEditors
         public override object FromEditor(Core.Models.Editors.ContentPropertyData editorValue, object currentValue)
         {
             var json = editorValue.Value as JArray;
-            if (json == null)
+            if (json == null || json.HasValues == false)
             {
                 return null;
             }
 
             var values = json.Select(item => item.Value<string>()).ToArray();
+            if (values.Length == 0)
+            {
+                return null;
+            }
 
-            return JsonConvert.SerializeObject(values);
+            return JsonConvert.SerializeObject(values, Formatting.None);
         }
     }
 }
diff --git a/src/Umbraco.Web/PropertyEditors/NestedContentPropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/NestedContentPropertyEditor.cs
index b0eeacacd9..2569ab5688 100644
--- a/src/Umbraco.Web/PropertyEditors/NestedContentPropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/NestedContentPropertyEditor.cs
@@ -103,7 +103,7 @@ namespace Umbraco.Web.PropertyEditors
                 var rows = _nestedContentValues.GetPropertyValues(propertyValue);
 
                 if (rows.Count == 0)
-                    return string.Empty;
+                    return null;
 
                 foreach (var row in rows.ToList())
                 {
@@ -134,7 +134,7 @@ namespace Umbraco.Web.PropertyEditors
                     }
                 }
 
-                return JsonConvert.SerializeObject(rows).ToXmlString<string>();
+                return JsonConvert.SerializeObject(rows, Formatting.None).ToXmlString<string>();
             }
 
             #endregion
@@ -229,7 +229,7 @@ namespace Umbraco.Web.PropertyEditors
                 var rows = _nestedContentValues.GetPropertyValues(editorValue.Value);
 
                 if (rows.Count == 0)
-                    return string.Empty;
+                    return null;
 
                 foreach (var row in rows.ToList())
                 {
@@ -254,8 +254,9 @@ namespace Umbraco.Web.PropertyEditors
                 }
 
                 // return json
-                return JsonConvert.SerializeObject(rows);
+                return JsonConvert.SerializeObject(rows, Formatting.None);
             }
+
             #endregion
 
             public IEnumerable<UmbracoEntityReference> GetReferences(object value)
diff --git a/src/Umbraco.Web/PropertyEditors/RichTextPropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/RichTextPropertyEditor.cs
index 42777f11ad..2d698835b0 100644
--- a/src/Umbraco.Web/PropertyEditors/RichTextPropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/RichTextPropertyEditor.cs
@@ -142,7 +142,7 @@ namespace Umbraco.Web.PropertyEditors
                 var editorValueWithMediaUrlsRemoved = _imageSourceParser.RemoveImageSources(parseAndSavedTempImages);
                 var parsed = MacroTagParser.FormatRichTextContentForPersistence(editorValueWithMediaUrlsRemoved);
 
-                return parsed;
+                return parsed.NullOrWhiteSpaceAsNull();
             }
 
             /// <summary>
diff --git a/src/Umbraco.Web/PropertyEditors/TagsPropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/TagsPropertyEditor.cs
index 6066bf7dfb..41e22541c8 100644
--- a/src/Umbraco.Web/PropertyEditors/TagsPropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/TagsPropertyEditor.cs
@@ -52,7 +52,7 @@ namespace Umbraco.Web.PropertyEditors
 
                 if (editorValue.Value is JArray json)
                 {
-                    return json.Select(x => x.Value<string>());
+                    return json.HasValues ? json.Select(x => x.Value<string>()) : null;
                 }
 
                 if (string.IsNullOrWhiteSpace(value) == false)

From 0eed6412359f9359f42b3cc0725d4764bb4429dc Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Thu, 13 Jan 2022 13:12:44 +0100
Subject: [PATCH 16/81] Delete temp document type file if validation fails
 (#11836)

Co-authored-by: Elitsa Marinovska <elm@umbraco.dk>
---
 .../Editors/ContentTypeController.cs          | 24 +++++++++++--------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/src/Umbraco.Web/Editors/ContentTypeController.cs b/src/Umbraco.Web/Editors/ContentTypeController.cs
index 62787fbedb..f425599d99 100644
--- a/src/Umbraco.Web/Editors/ContentTypeController.cs
+++ b/src/Umbraco.Web/Editors/ContentTypeController.cs
@@ -284,9 +284,9 @@ namespace Umbraco.Web.Editors
 
         public DocumentTypeDisplay PostSave(DocumentTypeSave contentTypeSave)
         {
-            //Before we send this model into this saving/mapping pipeline, we need to do some cleanup on variations.	
-            //If the doc type does not allow content variations, we need to update all of it's property types to not allow this either	
-            //else we may end up with ysods. I'm unsure if the service level handles this but we'll make sure it is updated here	
+            //Before we send this model into this saving/mapping pipeline, we need to do some cleanup on variations.
+            //If the doc type does not allow content variations, we need to update all of it's property types to not allow this either
+            //else we may end up with ysods. I'm unsure if the service level handles this but we'll make sure it is updated here
             if (!contentTypeSave.AllowCultureVariant)
             {
                 foreach (var prop in contentTypeSave.Groups.SelectMany(x => x.Properties))
@@ -301,16 +301,16 @@ namespace Umbraco.Web.Editors
                 saveContentType: type => Services.ContentTypeService.Save(type),
                 beforeCreateNew: ctSave =>
                 {
-                    //create a default template if it doesn't exist -but only if default template is == to the content type	
+                    //create a default template if it doesn't exist -but only if default template is == to the content type
                     if (ctSave.DefaultTemplate.IsNullOrWhiteSpace() == false && ctSave.DefaultTemplate == ctSave.Alias)
                     {
                         var template = CreateTemplateForContentType(ctSave.Alias, ctSave.Name);
 
-                        // If the alias has been manually updated before the first save,	
-                        // make sure to also update the first allowed template, as the	
-                        // name will come back as a SafeAlias of the document type name,	
-                        // not as the actual document type alias.	
-                        // For more info: http://issues.umbraco.org/issue/U4-11059	
+                        // If the alias has been manually updated before the first save,
+                        // make sure to also update the first allowed template, as the
+                        // name will come back as a SafeAlias of the document type name,
+                        // not as the actual document type alias.
+                        // For more info: http://issues.umbraco.org/issue/U4-11059
                         if (ctSave.DefaultTemplate != template.Alias)
                         {
                             var allowedTemplates = ctSave.AllowedTemplates.ToArray();
@@ -319,7 +319,7 @@ namespace Umbraco.Web.Editors
                             ctSave.AllowedTemplates = allowedTemplates;
                         }
 
-                        //make sure the template alias is set on the default and allowed template so we can map it back	
+                        //make sure the template alias is set on the default and allowed template so we can map it back
                         ctSave.DefaultTemplate = template.Alias;
 
                     }
@@ -611,6 +611,8 @@ namespace Umbraco.Web.Editors
                 }
                 else
                 {
+                    // Cleanup the temp file
+                    System.IO.File.Delete(destFileName);
                     model.Notifications.Add(new Notification(
                         Services.TextService.Localize("speechBubbles", "operationFailedHeader"),
                         Services.TextService.Localize("media", "disallowedFileType"),
@@ -619,6 +621,8 @@ namespace Umbraco.Web.Editors
             }
             else
             {
+                // Cleanup the temp file
+                System.IO.File.Delete(result.FileData[0].LocalFileName);
                 model.Notifications.Add(new Notification(
                                         Services.TextService.Localize("speechBubbles", "operationFailedHeader"),
                                         Services.TextService.Localize("media", "invalidFileName"),

From 0e9525d216ea66ea4eaf2528ca25717e5e7b9cc1 Mon Sep 17 00:00:00 2001
From: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
Date: Mon, 17 Jan 2022 08:32:13 +0100
Subject: [PATCH 17/81] Added null check

---
 src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs b/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs
index 3df6ffb47b..5d6d53ab52 100644
--- a/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs
+++ b/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs
@@ -12,7 +12,12 @@ namespace Umbraco.Web.WebApi
     {
         public override void OnActionExecuting(HttpActionContext actionContext)
         {
-            actionContext.ControllerContext.Configuration.IncludeErrorDetailPolicy = HttpContext.Current.IsDebuggingEnabled ? IncludeErrorDetailPolicy.Always : IncludeErrorDetailPolicy.Default;
+            if (HttpContext.Current?.IsDebuggingEnabled ?? false)
+            {
+                actionContext.ControllerContext.Configuration.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Always;
+            }
+
+            actionContext.ControllerContext.Configuration.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Default;
         }
     }
 }

From 366a8ba56501bf49ff641852200ced7155bbf548 Mon Sep 17 00:00:00 2001
From: Paul Johnson <pmj@umbraco.com>
Date: Mon, 17 Jan 2022 10:38:34 +0000
Subject: [PATCH 18/81] Prevent issues for those who wish use
 ServiceBasedControllerActivator.

Adds registration for CurrentUserController which has ambiguous constructors.
Register our controllers so that issues are visible during dev/test.
---
 .../UmbracoBuilderExtensions.cs               | 20 +++++-
 .../ControllersAsServicesComposer.cs          | 61 +++++++++++++++++++
 2 files changed, 80 insertions(+), 1 deletion(-)
 create mode 100644 src/Umbraco.Web.UI/Composers/ControllersAsServicesComposer.cs

diff --git a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs
index 2c801e963b..46002a6c8d 100644
--- a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs
+++ b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs
@@ -1,6 +1,7 @@
 using System;
 using System.Linq;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
 using Microsoft.Extensions.Logging;
 using Umbraco.Cms.Core.Cache;
 using Umbraco.Cms.Core.DependencyInjection;
@@ -54,7 +55,8 @@ namespace Umbraco.Extensions
                 .AddCoreNotifications()
                 .AddLogViewer()
                 .AddExamine()
-                .AddExamineIndexes();
+                .AddExamineIndexes()
+                .AddControllersWithAmbiguousConstructors();
 
         public static IUmbracoBuilder AddUnattendedInstallInstallCreateUser(this IUmbracoBuilder builder)
         {
@@ -119,5 +121,21 @@ namespace Umbraco.Extensions
 
             return builder;
         }
+
+        /// <summary>
+        /// Adds explicit registrations for controllers with ambiguous constructors to prevent downstream issues for
+        /// users who wish to use <see cref="Microsoft.AspNetCore.Mvc.Controllers.ServiceBasedControllerActivator"/>
+        /// </summary>
+        public static IUmbracoBuilder AddControllersWithAmbiguousConstructors(
+            this IUmbracoBuilder builder)
+        {
+            builder.Services.TryAddTransient(sp =>
+            {
+                IUserDataService userDataService = sp.GetRequiredService<IUserDataService>();
+                return ActivatorUtilities.CreateInstance<CurrentUserController>(sp, userDataService);
+            });
+
+            return builder;
+        }
     }
 }
diff --git a/src/Umbraco.Web.UI/Composers/ControllersAsServicesComposer.cs b/src/Umbraco.Web.UI/Composers/ControllersAsServicesComposer.cs
new file mode 100644
index 0000000000..042343df67
--- /dev/null
+++ b/src/Umbraco.Web.UI/Composers/ControllersAsServicesComposer.cs
@@ -0,0 +1,61 @@
+using System;
+using System.Linq;
+using Microsoft.AspNetCore.Mvc.Controllers;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+using Umbraco.Cms.Core.Composing;
+using Umbraco.Cms.Core.DependencyInjection;
+
+namespace Umbraco.Cms.Web.UI.Composers
+{
+    /// <summary>
+    /// Adds controllers to the service collection.
+    /// </summary>
+    /// <remarks>
+    /// <para>
+    /// Umbraco 9 out of the box, makes use of <see cref="DefaultControllerActivator"/> which doesn't resolve controller
+    /// instances from the IOC container, instead it resolves the required dependencies of the controller and constructs an instance
+    /// of the controller.
+    /// </para>
+    /// <para>
+    /// Some users may wish to switch to <see cref="ServiceBasedControllerActivator"/> (perhaps to make use of interception/decoration).
+    /// </para>
+    /// <para>
+    /// This composer exists to help us detect ambiguous constructors in the CMS such that we do not cause unnecessary effort downstream.
+    /// </para>
+    /// <para>
+    /// This Composer is not shipped by the Umbraco.Templates package.
+    /// </para>
+    /// </remarks>
+    public class ControllersAsServicesComposer : IComposer
+    {
+        /// <inheritdoc />
+        public void Compose(IUmbracoBuilder builder) => builder.Services
+            .AddMvc()
+            .AddControllersAsServicesWithoutChangingActivator();
+    }
+
+    internal static class MvcBuilderExtensions
+    {
+        /// <summary>
+        /// <see cref="MvcCoreMvcBuilderExtensions.AddControllersAsServices"/> but without the replacement of
+        /// <see cref="DefaultControllerActivator"/>.
+        /// </summary>
+        /// <remarks>
+        /// We don't need to opt in to <see cref="ServiceBasedControllerActivator"/> to ensure container validation
+        /// passes.
+        /// </remarks>
+        public static IMvcBuilder AddControllersAsServicesWithoutChangingActivator(this IMvcBuilder builder)
+        {
+            var feature = new ControllerFeature();
+            builder.PartManager.PopulateFeature(feature);
+
+            foreach (Type controller in feature.Controllers.Select(c => c.AsType()))
+            {
+                builder.Services.TryAddTransient(controller, controller);
+            }
+
+            return builder;
+        }
+    }
+}

From 72f30eb937c63433c83eefb35e534eacb0f77df4 Mon Sep 17 00:00:00 2001
From: Elitsa Marinovska <elm@umbraco.dk>
Date: Tue, 18 Jan 2022 15:19:05 +0100
Subject: [PATCH 19/81] Adding else case

---
 src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs b/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs
index 5d6d53ab52..ef07dfcb79 100644
--- a/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs
+++ b/src/Umbraco.Web/WebApi/EnableDetailedErrorsAttribute.cs
@@ -16,8 +16,10 @@ namespace Umbraco.Web.WebApi
             {
                 actionContext.ControllerContext.Configuration.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Always;
             }
-
-            actionContext.ControllerContext.Configuration.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Default;
+            else
+            {
+                actionContext.ControllerContext.Configuration.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Default;
+            }
         }
     }
 }

From 24519f6dad121e846395d58179804647688291f4 Mon Sep 17 00:00:00 2001
From: Elitsa Marinovska <21998037+elit0451@users.noreply.github.com>
Date: Tue, 18 Jan 2022 15:38:03 +0100
Subject: [PATCH 20/81] Allowlisting remote URLs for displaying content on the
 content dashboard (#11822)

* Implement allowlisting of urls when fetching data for the content dashboard

* Adding a new setting in the config & removing inexistent one

* Adding description

* Adding description

* Tidy up code
---
 src/Umbraco.Core/Constants-AppSettings.cs     |  5 +++
 .../Dashboards/ContentDashboardSettings.cs    | 11 ++++++-
 .../Dashboards/IContentDashboardSettings.cs   |  6 ++++
 src/Umbraco.Web.UI/web.Template.config        |  2 +-
 .../Editors/DashboardController.cs            | 31 ++++++++++++++++++-
 5 files changed, 52 insertions(+), 3 deletions(-)

diff --git a/src/Umbraco.Core/Constants-AppSettings.cs b/src/Umbraco.Core/Constants-AppSettings.cs
index de7799c165..4e5619813e 100644
--- a/src/Umbraco.Core/Constants-AppSettings.cs
+++ b/src/Umbraco.Core/Constants-AppSettings.cs
@@ -120,6 +120,11 @@ namespace Umbraco.Core
             /// </summary>
             public const string ContentDashboardPath = "Umbraco.Core.ContentDashboardPath";
 
+            /// <summary>
+            /// A list of allowed addresses to fetch content for the content dashboard.
+            /// </summary>
+            public const string ContentDashboardUrlAllowlist = "Umbraco.Core.ContentDashboardUrl-Allowlist";
+
             /// <summary>
             /// TODO: FILL ME IN
             /// </summary>
diff --git a/src/Umbraco.Core/Dashboards/ContentDashboardSettings.cs b/src/Umbraco.Core/Dashboards/ContentDashboardSettings.cs
index b370f93eca..24daecf0b8 100644
--- a/src/Umbraco.Core/Dashboards/ContentDashboardSettings.cs
+++ b/src/Umbraco.Core/Dashboards/ContentDashboardSettings.cs
@@ -2,7 +2,7 @@
 
 namespace Umbraco.Core.Dashboards
 {
-    public class ContentDashboardSettings: IContentDashboardSettings
+    public class ContentDashboardSettings : IContentDashboardSettings
     {
         private const string DefaultContentDashboardPath = "cms";
 
@@ -30,5 +30,14 @@ namespace Umbraco.Core.Dashboards
             ConfigurationManager.AppSettings.ContainsKey(Constants.AppSettings.ContentDashboardPath)
                 ? ConfigurationManager.AppSettings[Constants.AppSettings.ContentDashboardPath]
                 : DefaultContentDashboardPath;
+
+        /// <summary>
+        /// Gets the allowed addresses to retrieve data for the content dashboard.
+        /// </summary>
+        /// <value>The URLs.</value>
+        public string ContentDashboardUrlAllowlist =>
+            ConfigurationManager.AppSettings.ContainsKey(Constants.AppSettings.ContentDashboardUrlAllowlist)
+                ? ConfigurationManager.AppSettings[Constants.AppSettings.ContentDashboardUrlAllowlist]
+                : null;
     }
 }
diff --git a/src/Umbraco.Core/Dashboards/IContentDashboardSettings.cs b/src/Umbraco.Core/Dashboards/IContentDashboardSettings.cs
index f5c4e3da78..518a217bf8 100644
--- a/src/Umbraco.Core/Dashboards/IContentDashboardSettings.cs
+++ b/src/Umbraco.Core/Dashboards/IContentDashboardSettings.cs
@@ -16,5 +16,11 @@
         /// </summary>
         /// <value>The URL path.</value>
         string ContentDashboardPath { get; }
+
+        /// <summary>
+        /// Gets the allowed addresses to retrieve data for the content dashboard.
+        /// </summary>
+        /// <value>The URLs.</value>
+        string ContentDashboardUrlAllowlist { get; }
     }
 }
diff --git a/src/Umbraco.Web.UI/web.Template.config b/src/Umbraco.Web.UI/web.Template.config
index f19ab5d3b6..e4e3e19bcb 100644
--- a/src/Umbraco.Web.UI/web.Template.config
+++ b/src/Umbraco.Web.UI/web.Template.config
@@ -38,7 +38,7 @@
         <add key="Umbraco.Core.DefaultUILanguage" value="en-US" />
         <add key="Umbraco.Core.UseHttps" value="false" />
         <add key="Umbraco.Core.AllowContentDashboardAccessToAllUsers" value="true"/>
-        <add key="Umbraco.Core.ContentDashboardBaseUrl" value=""/>
+        <add key="Umbraco.Core.ContentDashboardUrl-Allowlist" value=""/>
 
         <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
         <add key="webpages:Enabled" value="false" />
diff --git a/src/Umbraco.Web/Editors/DashboardController.cs b/src/Umbraco.Web/Editors/DashboardController.cs
index cf56cc4be8..1073bef413 100644
--- a/src/Umbraco.Web/Editors/DashboardController.cs
+++ b/src/Umbraco.Web/Editors/DashboardController.cs
@@ -17,9 +17,9 @@ using Umbraco.Core.Logging;
 using Umbraco.Core.Persistence;
 using Umbraco.Core.Services;
 using Umbraco.Core.Dashboards;
-using Umbraco.Core.IO;
 using Umbraco.Core.Models;
 using Umbraco.Web.Services;
+using System.Web.Http;
 
 namespace Umbraco.Web.Editors
 {
@@ -61,6 +61,8 @@ namespace Umbraco.Web.Editors
             var version = UmbracoVersion.SemanticVersion.ToSemanticString();
             var isAdmin = user.IsAdmin();
 
+            VerifyDashboardSource(baseUrl);
+
             var url = string.Format("{0}{1}?section={2}&allowed={3}&lang={4}&version={5}&admin={6}",
                 baseUrl,
                 _dashboardSettings.ContentDashboardPath,
@@ -103,6 +105,8 @@ namespace Umbraco.Web.Editors
 
         public async Task<HttpResponseMessage> GetRemoteDashboardCss(string section, string baseUrl = "https://dashboard.umbraco.org/")
         {
+            VerifyDashboardSource(baseUrl);
+
             var url = string.Format(baseUrl + "css/dashboard.css?section={0}", section);
             var key = "umbraco-dynamic-dashboard-css-" + section;
 
@@ -144,6 +148,8 @@ namespace Umbraco.Web.Editors
 
         public async Task<HttpResponseMessage> GetRemoteXml(string site, string url)
         {
+            VerifyDashboardSource(url);
+
             // This is used in place of the old feedproxy.config
             // Which was used to grab data from our.umbraco.com, umbraco.com or umbraco.tv
             // for certain dashboards or the help drawer
@@ -228,5 +234,28 @@ namespace Umbraco.Web.Editors
                 })
             }).ToList();
         }
+
+        // Checks if the passed URL is part of the configured allowlist of addresses
+        private bool IsAllowedUrl(string url)
+        {
+            // No addresses specified indicates that any URL is allowed
+            if (string.IsNullOrEmpty(_dashboardSettings.ContentDashboardUrlAllowlist) || _dashboardSettings.ContentDashboardUrlAllowlist.Contains(url))
+            {
+                return true;
+            }
+            else
+            {
+                return false;
+            }
+        }
+
+        private void VerifyDashboardSource(string url)
+        {
+            if(!IsAllowedUrl(url))
+            {
+                Logger.Error<DashboardController>($"The following URL is not listed in the allowlist for ContentDashboardUrl in the Web.config: {url}");
+                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Dashboard source not permitted"));
+            }
+        }
     }
 }

From c60d8c8ab8836f21369a11ce5496f643db7a1556 Mon Sep 17 00:00:00 2001
From: Paul Johnson <pmj@umbraco.com>
Date: Wed, 19 Jan 2022 07:32:33 +0000
Subject: [PATCH 21/81] Added EntityController.GetUrlsByIds support for int &
 guid + update MNTP (#11680)

Fixes issue with MNTP (for 8.18) in a partial view macro - GH #11631

Renamed GetUrlsByUdis to match, don't do this in v9 as it would be
breaking there, instead mark it obsolete.

TODO: v9 ensure integration test coverage, more painful here as no
WebApplicationFactory.
---
 .../common/mocks/resources/entity.mocks.js    |   6 +-
 .../src/common/resources/entity.resource.js   |  10 +-
 .../contentpicker/contentpicker.controller.js |   2 +-
 src/Umbraco.Web/Editors/EntityController.cs   | 141 +++++++++++++++---
 4 files changed, 130 insertions(+), 29 deletions(-)

diff --git a/src/Umbraco.Web.UI.Client/src/common/mocks/resources/entity.mocks.js b/src/Umbraco.Web.UI.Client/src/common/mocks/resources/entity.mocks.js
index 05594115e1..08c28fcbd1 100644
--- a/src/Umbraco.Web.UI.Client/src/common/mocks/resources/entity.mocks.js
+++ b/src/Umbraco.Web.UI.Client/src/common/mocks/resources/entity.mocks.js
@@ -34,7 +34,7 @@ angular.module('umbraco.mocks').
           return [200, nodes, null];
       }
 
-      function returnUrlsbyUdis(status, data, headers) {
+      function returnUrlsByIds(status, data, headers) {
 
           if (!mocksUtils.checkAuth()) {
               return [401, null, null];
@@ -83,8 +83,8 @@ angular.module('umbraco.mocks').
                   .respond(returnEntitybyIdsPost);
 
               $httpBackend
-                  .whenPOST(mocksUtils.urlRegex('/umbraco/UmbracoApi/Entity/GetUrlsByUdis'))
-                  .respond(returnUrlsbyUdis);
+                  .whenPOST(mocksUtils.urlRegex('/umbraco/UmbracoApi/Entity/GetUrlsByIds'))
+                  .respond(returnUrlsByIds);
 
               $httpBackend
                   .whenGET(mocksUtils.urlRegex('/umbraco/UmbracoApi/Entity/GetAncestors'))
diff --git a/src/Umbraco.Web.UI.Client/src/common/resources/entity.resource.js b/src/Umbraco.Web.UI.Client/src/common/resources/entity.resource.js
index 44be85b8fd..6e7ace9a8d 100644
--- a/src/Umbraco.Web.UI.Client/src/common/resources/entity.resource.js
+++ b/src/Umbraco.Web.UI.Client/src/common/resources/entity.resource.js
@@ -127,19 +127,19 @@ function entityResource($q, $http, umbRequestHelper) {
                'Failed to retrieve url for id:' + id);
         },
 
-        getUrlsByUdis: function(udis, culture) {
-          var query = "culture=" + (culture || "");
+        getUrlsByIds: function(ids, type, culture) {
+          var query = `type=${type}&culture=${culture || ""}`;
 
           return umbRequestHelper.resourcePromise(
              $http.post(
                  umbRequestHelper.getApiUrl(
                      "entityApiBaseUrl",
-                     "GetUrlsByUdis",
+                     "GetUrlsByIds",
                      query),
                  {
-                     udis: udis
+                     ids: ids
                  }),
-             'Failed to retrieve url map for udis ' + udis);
+             'Failed to retrieve url map for ids ' + ids);
         },
 
         getUrlByUdi: function (udi, culture) {
diff --git a/src/Umbraco.Web.UI.Client/src/views/propertyeditors/contentpicker/contentpicker.controller.js b/src/Umbraco.Web.UI.Client/src/views/propertyeditors/contentpicker/contentpicker.controller.js
index 1ecd6bdf26..d2a1710e49 100644
--- a/src/Umbraco.Web.UI.Client/src/views/propertyeditors/contentpicker/contentpicker.controller.js
+++ b/src/Umbraco.Web.UI.Client/src/views/propertyeditors/contentpicker/contentpicker.controller.js
@@ -421,7 +421,7 @@ function contentPickerController($scope, $q, $routeParams, $location, entityReso
 
                 var requests = [
                     entityResource.getByIds(missingIds, entityType),
-                    entityResource.getUrlsByUdis(missingIds)
+                    entityResource.getUrlsByIds(missingIds, entityType)
                 ];
 
                 return $q.all(requests).then(function ([data, urlMap]) {
diff --git a/src/Umbraco.Web/Editors/EntityController.cs b/src/Umbraco.Web/Editors/EntityController.cs
index 573246e1f0..c0535bf787 100644
--- a/src/Umbraco.Web/Editors/EntityController.cs
+++ b/src/Umbraco.Web/Editors/EntityController.cs
@@ -76,7 +76,8 @@ namespace Umbraco.Web.Editors
                     new ParameterSwapControllerActionSelector.ParameterSwapInfo("GetPath", "id", typeof(int), typeof(Guid), typeof(Udi)),
                     new ParameterSwapControllerActionSelector.ParameterSwapInfo("GetUrlAndAnchors", "id", typeof(int), typeof(Guid), typeof(Udi)),
                     new ParameterSwapControllerActionSelector.ParameterSwapInfo("GetById", "id", typeof(int), typeof(Guid), typeof(Udi)),
-                    new ParameterSwapControllerActionSelector.ParameterSwapInfo("GetByIds", "ids", typeof(int[]), typeof(Guid[]), typeof(Udi[]))));
+                    new ParameterSwapControllerActionSelector.ParameterSwapInfo("GetByIds", "ids", typeof(int[]), typeof(Guid[]), typeof(Udi[])),
+                    new ParameterSwapControllerActionSelector.ParameterSwapInfo("GetUrlsByIds", "ids", typeof(int[]), typeof(Guid[]), typeof(Udi[]))));
             }
         }
 
@@ -236,47 +237,147 @@ namespace Umbraco.Web.Editors
         }
 
         /// <summary>
-        /// Get entity URLs by UDIs
+        /// Get entity URLs by IDs
         /// </summary>
-        /// <param name="udis">
-        /// A list of UDIs to lookup items by
+        /// <param name="ids">
+        /// A list of IDs to lookup items by
         /// </param>
-        /// <param name="culture">The culture to fetch the URL for</param>
+        /// <param name="type">The entity type to look for.</param>
+        /// <param name="culture">The culture to fetch the URL for.</param>
         /// <returns>Dictionary mapping Udi -> Url</returns>
         /// <remarks>
         /// We allow for POST because there could be quite a lot of Ids.
         /// </remarks>
         [HttpGet]
         [HttpPost]
-        public IDictionary<Udi, string> GetUrlsByUdis([FromJsonPath] Udi[] udis, string culture = null)
+        public IDictionary<int, string> GetUrlsByIds([FromJsonPath] int[] ids, [FromUri] UmbracoEntityTypes type, [FromUri] string culture = null)
         {
-            if (udis == null || udis.Length == 0)
+            if (ids == null || !ids.Any())
+            {
+                return new Dictionary<int, string>();
+            }
+
+            string MediaOrDocumentUrl(int id)
+            {
+                switch (type)
+                {
+                    case UmbracoEntityTypes.Document:
+                        return UmbracoContext.UrlProvider.GetUrl(id, culture: culture ?? ClientCulture());
+                    case UmbracoEntityTypes.Media: {
+                        var media = UmbracoContext.Media.GetById(id);
+                        // NOTE: If culture is passed here we get an empty string rather than a media item URL.
+                        return UmbracoContext.UrlProvider.GetMediaUrl(media, culture: null);
+                    }
+                    default:
+                        return null;
+                }
+            }
+
+            return ids
+                .Distinct()
+                .Select(id => new {
+                    Id = id,
+                    Url = MediaOrDocumentUrl(id)
+                }).ToDictionary(x => x.Id, x => x.Url);
+        }
+
+        /// <summary>
+        /// Get entity URLs by IDs
+        /// </summary>
+        /// <param name="ids">
+        /// A list of IDs to lookup items by
+        /// </param>
+        /// <param name="type">The entity type to look for.</param>
+        /// <param name="culture">The culture to fetch the URL for.</param>
+        /// <returns>Dictionary mapping Udi -> Url</returns>
+        /// <remarks>
+        /// We allow for POST because there could be quite a lot of Ids.
+        /// </remarks>
+        [HttpGet]
+        [HttpPost]
+        public IDictionary<Guid, string> GetUrlsByIds([FromJsonPath] Guid[] ids, [FromUri] UmbracoEntityTypes type, [FromUri] string culture = null)
+        {
+            if (ids == null || !ids.Any())
+            {
+                return new Dictionary<Guid, string>();
+            }
+
+            string MediaOrDocumentUrl(Guid id)
+            {
+                switch (type)
+                {
+                    case UmbracoEntityTypes.Document:
+                        return UmbracoContext.UrlProvider.GetUrl(id, culture: culture ?? ClientCulture());
+                    case UmbracoEntityTypes.Media:
+                    {
+                        var media = UmbracoContext.Media.GetById(id);
+                        // NOTE: If culture is passed here we get an empty string rather than a media item URL.
+                        return UmbracoContext.UrlProvider.GetMediaUrl(media, culture: null);
+                    }
+                    default:
+                        return null;
+                }
+            }
+
+            return ids
+                .Distinct()
+                .Select(id => new {
+                    Id = id,
+                    Url = MediaOrDocumentUrl(id)
+                }).ToDictionary(x => x.Id, x => x.Url);
+        }
+
+        /// <summary>
+        /// Get entity URLs by IDs
+        /// </summary>
+        /// <param name="ids">
+        /// A list of IDs to lookup items by
+        /// </param>
+        /// <param name="type">The entity type to look for.</param>
+        /// <param name="culture">The culture to fetch the URL for.</param>
+        /// <returns>Dictionary mapping Udi -> Url</returns>
+        /// <remarks>
+        /// We allow for POST because there could be quite a lot of Ids.
+        /// </remarks>
+        [HttpGet]
+        [HttpPost]
+        // NOTE: V9 - can't rename GetUrlsByUdis in v9 as it's already released, it's OK to do here as 8.18 isn't out yet.
+        public IDictionary<Udi, string> GetUrlsByIds([FromJsonPath] Udi[] ids, [FromUri] UmbracoEntityTypes type, [FromUri] string culture = null)
+        {
+            if (ids == null || !ids.Any())
             {
                 return new Dictionary<Udi, string>();
             }
 
             // TODO: PMJ 2021-09-27 - Should GetUrl(Udi) exist as an extension method on UrlProvider/IUrlProvider (in v9)
-            string MediaOrDocumentUrl(Udi udi)
+            string MediaOrDocumentUrl(Udi id)
             {
-                if (udi is not GuidUdi guidUdi)
+                if (id is not GuidUdi guidUdi)
                 {
                     return null;
                 }
 
-                return guidUdi.EntityType switch
+                switch (type)
                 {
-                    Constants.UdiEntityType.Document => UmbracoContext.UrlProvider.GetUrl(guidUdi.Guid, culture: culture ?? ClientCulture()),
-                    // NOTE: If culture is passed here we get an empty string rather than a media item URL WAT
-                    Constants.UdiEntityType.Media => UmbracoContext.UrlProvider.GetMediaUrl(guidUdi.Guid, culture: null),
-                    _ => null
-                };
+                    case UmbracoEntityTypes.Document:
+                        return UmbracoContext.UrlProvider.GetUrl(guidUdi.Guid, culture: culture ?? ClientCulture());
+                    case UmbracoEntityTypes.Media:
+                        {
+                            var media = UmbracoContext.Media.GetById(id);
+                            // NOTE: If culture is passed here we get an empty string rather than a media item URL.
+                            return UmbracoContext.UrlProvider.GetMediaUrl(media, culture: null);
+                        }
+                    default:
+                        return null;
+                }
             }
 
-            return udis
-                .Select(udi => new {
-                    Udi = udi,
-                    Url = MediaOrDocumentUrl(udi)
-                }).ToDictionary(x => x.Udi, x => x.Url);
+            return ids
+                .Distinct()
+                .Select(id => new {
+                    Id = id,
+                    Url = MediaOrDocumentUrl(id)
+                }).ToDictionary(x => x.Id, x => x.Url);
         }
 
         /// <summary>

From 12abd883a9fc10bcb38f2272cbd143ebe7d7eac2 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Fri, 21 Jan 2022 13:10:34 +0100
Subject: [PATCH 22/81] Member 2FA (#11889)

* Bugfix - Take ufprt from form data if the request has form content type, otherwise fallback to use the query

* External linking for members

* Changed migration to reuse old table

* removed unnecessary web.config files

* Cleanup

* Extracted class to own file

* Clean up

* Rollback changes to Umbraco.Web.UI.csproj

* Fixed migration for SqlCE

* Added 2fa for members

* Change notification handler to be on deleted

* Update src/Umbraco.Infrastructure/Security/MemberUserStore.cs

Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>

* updated snippets

* Fixed issue with errors not shown on member linking

* fixed issue with errors

* clean up

* Fix issue where external logins could not be used to upgrade Umbraco, because the externalLogin table was expected to look different. (Like after the migration)

* Fixed issue in Ignore legacy column now using result column.

* Updated 2fa for members + publish notification when 2fa is requested.

* Changed so only Members out of box supports 2fa

* Cleanup

* rollback of csproj file, that should not have been changed

* Removed confirmed flag from db. It was not used.

Handle case where a user is signed up for 2fa, but the provider do not exist anymore. Then it is just ignored until it shows up again

Reintroduced ProviderName on interface, to ensure the class can be renamed safely

* Bugfix

* Registering DeleteTwoFactorLoginsOnMemberDeletedHandler

* Rollback nuget packages added by mistake

* Update src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs

Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>

* Update src/Umbraco.Infrastructure/Persistence/Repositories/Implement/TwoFactorLoginRepository.cs

Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>

* Added providername to snippet

Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
---
 src/Umbraco.Core/Models/ITwoFactorLogin.cs    |  12 ++
 src/Umbraco.Core/Models/TwoFactorLogin.cs     |  13 ++
 .../MemberTwoFactorRequestedNotification.cs   |  14 ++
 .../Persistence/Constants-DatabaseSchema.cs   |   1 +
 .../Repositories/ITwoFactorLoginRepository.cs |  16 ++
 .../Services/ITwoFactorLoginService.cs        |  28 +++
 .../UmbracoBuilder.Repositories.cs            |   2 +
 .../UmbracoBuilder.Services.cs                |   1 +
 .../Install/DatabaseSchemaCreator.cs          |   1 +
 .../Migrations/Upgrade/UmbracoPlan.cs         |   1 +
 .../Upgrade/V_9_3_0/AddTwoFactorLoginTable.cs |  24 +++
 .../Persistence/Dtos/TwoFactorLoginDto.cs     |  33 ++++
 .../Implement/TwoFactorLoginRepository.cs     | 137 +++++++++++++++
 .../Security/BackOfficeIdentityUser.cs        |  19 +++
 ...teTwoFactorLoginsOnMemberDeletedHandler.cs |  33 ++++
 .../Security/ITwoFactorProvider.cs            |  22 +++
 .../Security/MemberIdentityBuilder.cs         |  63 +++++++
 .../Security/MemberUserStore.cs               |  44 ++++-
 .../Security/UmbracoUserManager.cs            |   8 +
 .../Implement/TwoFactorLoginService.cs        | 118 +++++++++++++
 .../UmbracoBuilder.MembersIdentity.cs         |   4 +-
 .../Extensions/IdentityBuilderExtensions.cs   |  10 ++
 .../UmbracoApplicationBuilder.Identity.cs     |  28 +++
 .../Extensions/ViewDataExtensions.cs          |  14 ++
 .../IMemberSignInManagerExternalLogins.cs     |   3 +
 .../Security/MemberManager.cs                 |   3 +
 .../Security/MemberSignInManager.cs           |  59 ++++---
 .../Security/TwoFactorValidationProvider.cs   |  91 ++++++++++
 .../Templates/EditProfile.cshtml              |   4 +-
 .../PartialViewMacros/Templates/Login.cshtml  |  31 ++++
 .../Controllers/UmbExternalLoginController.cs |  23 ++-
 .../Controllers/UmbLoginController.cs         |  65 +++++--
 .../UmbTwoFactorLoginController.cs            | 160 ++++++++++++++++++
 .../Security/MemberManagerTests.cs            |   4 +-
 .../Security/MemberUserStoreTests.cs          |   3 +-
 .../Security/MemberSignInManagerTests.cs      |   9 +-
 36 files changed, 1044 insertions(+), 57 deletions(-)
 create mode 100644 src/Umbraco.Core/Models/ITwoFactorLogin.cs
 create mode 100644 src/Umbraco.Core/Models/TwoFactorLogin.cs
 create mode 100644 src/Umbraco.Core/Notifications/MemberTwoFactorRequestedNotification.cs
 create mode 100644 src/Umbraco.Core/Persistence/Repositories/ITwoFactorLoginRepository.cs
 create mode 100644 src/Umbraco.Core/Services/ITwoFactorLoginService.cs
 create mode 100644 src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_3_0/AddTwoFactorLoginTable.cs
 create mode 100644 src/Umbraco.Infrastructure/Persistence/Dtos/TwoFactorLoginDto.cs
 create mode 100644 src/Umbraco.Infrastructure/Persistence/Repositories/Implement/TwoFactorLoginRepository.cs
 create mode 100644 src/Umbraco.Infrastructure/Security/DeleteTwoFactorLoginsOnMemberDeletedHandler.cs
 create mode 100644 src/Umbraco.Infrastructure/Security/ITwoFactorProvider.cs
 create mode 100644 src/Umbraco.Infrastructure/Security/MemberIdentityBuilder.cs
 create mode 100644 src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs
 create mode 100644 src/Umbraco.Web.Common/Security/TwoFactorValidationProvider.cs
 create mode 100644 src/Umbraco.Web.Website/Controllers/UmbTwoFactorLoginController.cs

diff --git a/src/Umbraco.Core/Models/ITwoFactorLogin.cs b/src/Umbraco.Core/Models/ITwoFactorLogin.cs
new file mode 100644
index 0000000000..ca005309b2
--- /dev/null
+++ b/src/Umbraco.Core/Models/ITwoFactorLogin.cs
@@ -0,0 +1,12 @@
+using System;
+using Umbraco.Cms.Core.Models.Entities;
+
+namespace Umbraco.Cms.Core.Models
+{
+    public interface ITwoFactorLogin: IEntity, IRememberBeingDirty
+    {
+        string ProviderName { get; }
+        string Secret { get; }
+        Guid UserOrMemberKey { get; }
+    }
+}
diff --git a/src/Umbraco.Core/Models/TwoFactorLogin.cs b/src/Umbraco.Core/Models/TwoFactorLogin.cs
new file mode 100644
index 0000000000..6ede9606e8
--- /dev/null
+++ b/src/Umbraco.Core/Models/TwoFactorLogin.cs
@@ -0,0 +1,13 @@
+using System;
+using Umbraco.Cms.Core.Models.Entities;
+
+namespace Umbraco.Cms.Core.Models
+{
+    public class TwoFactorLogin : EntityBase, ITwoFactorLogin
+    {
+        public string ProviderName { get; set; }
+        public string Secret { get; set; }
+        public Guid UserOrMemberKey { get; set; }
+        public bool Confirmed { get; set; }
+    }
+}
diff --git a/src/Umbraco.Core/Notifications/MemberTwoFactorRequestedNotification.cs b/src/Umbraco.Core/Notifications/MemberTwoFactorRequestedNotification.cs
new file mode 100644
index 0000000000..980a531ffd
--- /dev/null
+++ b/src/Umbraco.Core/Notifications/MemberTwoFactorRequestedNotification.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Umbraco.Cms.Core.Notifications
+{
+    public class MemberTwoFactorRequestedNotification : INotification
+    {
+        public MemberTwoFactorRequestedNotification(Guid memberKey)
+        {
+            MemberKey = memberKey;
+        }
+
+        public Guid MemberKey { get; }
+    }
+}
diff --git a/src/Umbraco.Core/Persistence/Constants-DatabaseSchema.cs b/src/Umbraco.Core/Persistence/Constants-DatabaseSchema.cs
index 37560b4c0a..de5b8c04ae 100644
--- a/src/Umbraco.Core/Persistence/Constants-DatabaseSchema.cs
+++ b/src/Umbraco.Core/Persistence/Constants-DatabaseSchema.cs
@@ -55,6 +55,7 @@ namespace Umbraco.Cms.Core
                 public const string UserGroup2Node = TableNamePrefix + "UserGroup2Node";
                 public const string UserGroup2NodePermission = TableNamePrefix + "UserGroup2NodePermission";
                 public const string ExternalLogin = TableNamePrefix + "ExternalLogin";
+                public const string TwoFactorLogin = TableNamePrefix + "TwoFactorLogin";
                 public const string ExternalLoginToken = TableNamePrefix + "ExternalLoginToken";
 
                 public const string Macro = /*TableNamePrefix*/ "cms" + "Macro";
diff --git a/src/Umbraco.Core/Persistence/Repositories/ITwoFactorLoginRepository.cs b/src/Umbraco.Core/Persistence/Repositories/ITwoFactorLoginRepository.cs
new file mode 100644
index 0000000000..63622f8e82
--- /dev/null
+++ b/src/Umbraco.Core/Persistence/Repositories/ITwoFactorLoginRepository.cs
@@ -0,0 +1,16 @@
+using System;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using Umbraco.Cms.Core.Models;
+
+namespace Umbraco.Cms.Core.Persistence.Repositories
+{
+    public interface ITwoFactorLoginRepository: IReadRepository<int, ITwoFactorLogin>, IWriteRepository<ITwoFactorLogin>
+    {
+        Task<bool> DeleteUserLoginsAsync(Guid userOrMemberKey);
+        Task<bool> DeleteUserLoginsAsync(Guid userOrMemberKey, string providerName);
+
+        Task<IEnumerable<ITwoFactorLogin>> GetByUserOrMemberKeyAsync(Guid userOrMemberKey);
+    }
+
+}
diff --git a/src/Umbraco.Core/Services/ITwoFactorLoginService.cs b/src/Umbraco.Core/Services/ITwoFactorLoginService.cs
new file mode 100644
index 0000000000..dd11f864fb
--- /dev/null
+++ b/src/Umbraco.Core/Services/ITwoFactorLoginService.cs
@@ -0,0 +1,28 @@
+using System;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using Umbraco.Cms.Core.Models;
+
+namespace Umbraco.Cms.Core.Services
+{
+    public interface ITwoFactorLoginService : IService
+    {
+        /// <summary>
+        /// Deletes all user logins - normally used when a member is deleted
+        /// </summary>
+        Task DeleteUserLoginsAsync(Guid userOrMemberKey);
+
+        Task<bool> IsTwoFactorEnabledAsync(Guid userKey);
+        Task<string> GetSecretForUserAndProviderAsync(Guid userKey, string providerName);
+
+        Task<object> GetSetupInfoAsync(Guid userOrMemberKey, string providerName);
+
+        IEnumerable<string> GetAllProviderNames();
+        Task<bool> DisableAsync(Guid userOrMemberKey, string providerName);
+
+        bool ValidateTwoFactorSetup(string providerName, string secret, string code);
+        Task SaveAsync(TwoFactorLogin twoFactorLogin);
+        Task<IEnumerable<string>> GetEnabledTwoFactorProviderNamesAsync(Guid userOrMemberKey);
+    }
+
+}
diff --git a/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Repositories.cs b/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Repositories.cs
index ed2bf67e4a..f9dc43cbd5 100644
--- a/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Repositories.cs
+++ b/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Repositories.cs
@@ -1,6 +1,7 @@
 using Microsoft.Extensions.DependencyInjection;
 using Umbraco.Cms.Core.DependencyInjection;
 using Umbraco.Cms.Core.Persistence.Repositories;
+using Umbraco.Cms.Core.Services;
 using Umbraco.Cms.Infrastructure.Persistence.Repositories.Implement;
 using Umbraco.Extensions;
 
@@ -30,6 +31,7 @@ namespace Umbraco.Cms.Infrastructure.DependencyInjection
             builder.Services.AddUnique<IDocumentTypeContainerRepository, DocumentTypeContainerRepository>();
             builder.Services.AddUnique<IDomainRepository, DomainRepository>();
             builder.Services.AddUnique<IEntityRepository, EntityRepository>();
+            builder.Services.AddUnique<ITwoFactorLoginRepository, TwoFactorLoginRepository>();
             builder.Services.AddUnique<ExternalLoginRepository>();
             builder.Services.AddUnique<IExternalLoginRepository>(factory => factory.GetRequiredService<ExternalLoginRepository>());
             builder.Services.AddUnique<IExternalLoginWithKeyRepository>(factory => factory.GetRequiredService<ExternalLoginRepository>());
diff --git a/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Services.cs b/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Services.cs
index c79cbf9d94..aeec82a94e 100644
--- a/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Services.cs
+++ b/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Services.cs
@@ -75,6 +75,7 @@ namespace Umbraco.Cms.Infrastructure.DependencyInjection
                 ));
             builder.Services.AddUnique<IExternalLoginService>(factory => factory.GetRequiredService<ExternalLoginService>());
             builder.Services.AddUnique<IExternalLoginWithKeyService>(factory => factory.GetRequiredService<ExternalLoginService>());
+            builder.Services.AddUnique<ITwoFactorLoginService, TwoFactorLoginService>();
             builder.Services.AddUnique<IRedirectUrlService, RedirectUrlService>();
             builder.Services.AddUnique<IConsentService, ConsentService>();
             builder.Services.AddTransient(SourcesFactory);
diff --git a/src/Umbraco.Infrastructure/Migrations/Install/DatabaseSchemaCreator.cs b/src/Umbraco.Infrastructure/Migrations/Install/DatabaseSchemaCreator.cs
index 8fb9767eb7..9dab0bd14a 100644
--- a/src/Umbraco.Infrastructure/Migrations/Install/DatabaseSchemaCreator.cs
+++ b/src/Umbraco.Infrastructure/Migrations/Install/DatabaseSchemaCreator.cs
@@ -60,6 +60,7 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Install
             typeof(CacheInstructionDto),
             typeof(ExternalLoginDto),
             typeof(ExternalLoginTokenDto),
+            typeof(TwoFactorLoginDto),
             typeof(RedirectUrlDto),
             typeof(LockDto),
             typeof(UserGroupDto),
diff --git a/src/Umbraco.Infrastructure/Migrations/Upgrade/UmbracoPlan.cs b/src/Umbraco.Infrastructure/Migrations/Upgrade/UmbracoPlan.cs
index 502a4a0e7c..2080034554 100644
--- a/src/Umbraco.Infrastructure/Migrations/Upgrade/UmbracoPlan.cs
+++ b/src/Umbraco.Infrastructure/Migrations/Upgrade/UmbracoPlan.cs
@@ -275,6 +275,7 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade
             // TO 9.3.0
             To<MovePackageXMLToDb>("{A2F22F17-5870-4179-8A8D-2362AA4A0A5F}");
             To<UpdateExternalLoginToUseKeyInsteadOfId>("{CA7A1D9D-C9D4-4914-BC0A-459E7B9C3C8C}");
+            To<AddTwoFactorLoginTable>("{0828F206-DCF7-4F73-ABBB-6792275532EB}");
 
         }
     }
diff --git a/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_3_0/AddTwoFactorLoginTable.cs b/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_3_0/AddTwoFactorLoginTable.cs
new file mode 100644
index 0000000000..c5e569282a
--- /dev/null
+++ b/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_3_0/AddTwoFactorLoginTable.cs
@@ -0,0 +1,24 @@
+using System.Collections.Generic;
+using Umbraco.Cms.Infrastructure.Persistence.Dtos;
+using Umbraco.Extensions;
+
+namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_3_0
+{
+    public class AddTwoFactorLoginTable : MigrationBase
+    {
+        public AddTwoFactorLoginTable(IMigrationContext context) : base(context)
+        {
+        }
+
+        protected override void Migrate()
+        {
+            IEnumerable<string> tables = SqlSyntax.GetTablesInSchema(Context.Database);
+            if (tables.InvariantContains(TwoFactorLoginDto.TableName))
+            {
+                return;
+            }
+
+            Create.Table<TwoFactorLoginDto>().Do();
+        }
+    }
+}
diff --git a/src/Umbraco.Infrastructure/Persistence/Dtos/TwoFactorLoginDto.cs b/src/Umbraco.Infrastructure/Persistence/Dtos/TwoFactorLoginDto.cs
new file mode 100644
index 0000000000..1202fe2a19
--- /dev/null
+++ b/src/Umbraco.Infrastructure/Persistence/Dtos/TwoFactorLoginDto.cs
@@ -0,0 +1,33 @@
+using System;
+using NPoco;
+using Umbraco.Cms.Infrastructure.Persistence.DatabaseAnnotations;
+
+namespace Umbraco.Cms.Infrastructure.Persistence.Dtos
+{
+    [TableName(TableName)]
+    [ExplicitColumns]
+    [PrimaryKey("Id")]
+    internal class TwoFactorLoginDto
+    {
+        public const string TableName = Cms.Core.Constants.DatabaseSchema.Tables.TwoFactorLogin;
+
+        [Column("id")]
+        [PrimaryKeyColumn]
+        public int Id { get; set; }
+
+        [Column("userOrMemberKey")]
+        [Index(IndexTypes.NonClustered)]
+        public Guid UserOrMemberKey { get; set; }
+
+        [Column("providerName")]
+        [Length(400)]
+        [NullSetting(NullSetting = NullSettings.NotNull)]
+        [Index(IndexTypes.UniqueNonClustered, ForColumns = "providerName,userOrMemberKey", Name = "IX_" + TableName + "_ProviderName")]
+        public string ProviderName { get; set; }
+
+        [Column("secret")]
+        [Length(400)]
+        [NullSetting(NullSetting = NullSettings.NotNull)]
+        public string Secret { get; set; }
+    }
+}
diff --git a/src/Umbraco.Infrastructure/Persistence/Repositories/Implement/TwoFactorLoginRepository.cs b/src/Umbraco.Infrastructure/Persistence/Repositories/Implement/TwoFactorLoginRepository.cs
new file mode 100644
index 0000000000..18063edf16
--- /dev/null
+++ b/src/Umbraco.Infrastructure/Persistence/Repositories/Implement/TwoFactorLoginRepository.cs
@@ -0,0 +1,137 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.Extensions.Logging;
+using NPoco;
+using Umbraco.Cms.Core.Cache;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Persistence.Querying;
+using Umbraco.Cms.Core.Persistence.Repositories;
+using Umbraco.Cms.Core.Scoping;
+using Umbraco.Cms.Infrastructure.Persistence.Dtos;
+using Umbraco.Cms.Infrastructure.Persistence.Querying;
+using Umbraco.Extensions;
+
+namespace Umbraco.Cms.Infrastructure.Persistence.Repositories.Implement
+{
+    internal class TwoFactorLoginRepository : EntityRepositoryBase<int, ITwoFactorLogin>, ITwoFactorLoginRepository
+    {
+        public TwoFactorLoginRepository(IScopeAccessor scopeAccessor, AppCaches cache,
+            ILogger<TwoFactorLoginRepository> logger)
+            : base(scopeAccessor, cache, logger)
+        {
+        }
+
+
+        protected override Sql<ISqlContext> GetBaseQuery(bool isCount)
+        {
+            var sql = SqlContext.Sql();
+
+            sql = isCount
+                ? sql.SelectCount()
+                : sql.Select<TwoFactorLoginDto>();
+
+            sql.From<TwoFactorLoginDto>();
+
+            return sql;
+        }
+
+        protected override string GetBaseWhereClause() =>
+            Core.Constants.DatabaseSchema.Tables.TwoFactorLogin + ".id = @id";
+
+        protected override IEnumerable<string> GetDeleteClauses() => Enumerable.Empty<string>();
+
+        protected override ITwoFactorLogin PerformGet(int id)
+        {
+            var sql = GetBaseQuery(false).Where<TwoFactorLoginDto>(x => x.Id == id);
+            var dto = Database.Fetch<TwoFactorLoginDto>(sql).FirstOrDefault();
+            return dto == null ? null : Map(dto);
+        }
+
+        protected override IEnumerable<ITwoFactorLogin> PerformGetAll(params int[] ids)
+        {
+            var sql = GetBaseQuery(false).WhereIn<TwoFactorLoginDto>(x => x.Id, ids);
+            var dtos = Database.Fetch<TwoFactorLoginDto>(sql);
+            return dtos.WhereNotNull().Select(Map);
+        }
+
+        protected override IEnumerable<ITwoFactorLogin> PerformGetByQuery(IQuery<ITwoFactorLogin> query)
+        {
+            var sqlClause = GetBaseQuery(false);
+            var translator = new SqlTranslator<ITwoFactorLogin>(sqlClause, query);
+            var sql = translator.Translate();
+            return Database.Fetch<TwoFactorLoginDto>(sql).Select(Map);
+        }
+
+        protected override void PersistNewItem(ITwoFactorLogin entity)
+        {
+            var dto = Map(entity);
+            Database.Insert(dto);
+        }
+
+        protected override void PersistUpdatedItem(ITwoFactorLogin entity)
+        {
+            var dto = Map(entity);
+            Database.Update(dto);
+        }
+
+        private static TwoFactorLoginDto Map(ITwoFactorLogin entity)
+        {
+            if (entity == null) return null;
+
+            return new TwoFactorLoginDto
+            {
+                Id = entity.Id,
+                UserOrMemberKey = entity.UserOrMemberKey,
+                ProviderName = entity.ProviderName,
+                Secret = entity.Secret,
+            };
+        }
+
+        private static ITwoFactorLogin Map(TwoFactorLoginDto dto)
+        {
+            if (dto == null) return null;
+
+            return new TwoFactorLogin
+            {
+                Id = dto.Id,
+                UserOrMemberKey = dto.UserOrMemberKey,
+                ProviderName = dto.ProviderName,
+                Secret = dto.Secret,
+            };
+        }
+
+        public async Task<bool> DeleteUserLoginsAsync(Guid userOrMemberKey)
+        {
+            return await DeleteUserLoginsAsync(userOrMemberKey, null);
+        }
+
+        public async Task<bool> DeleteUserLoginsAsync(Guid userOrMemberKey, string providerName)
+        {
+            var sql = Sql()
+                .Delete()
+                .From<TwoFactorLoginDto>()
+                .Where<TwoFactorLoginDto>(x => x.UserOrMemberKey == userOrMemberKey);
+
+            if (providerName is not null)
+            {
+                sql = sql.Where<TwoFactorLoginDto>(x => x.ProviderName == providerName);
+            }
+
+            var deletedRows = await Database.ExecuteAsync(sql);
+
+            return deletedRows > 0;
+        }
+
+        public async Task<IEnumerable<ITwoFactorLogin>> GetByUserOrMemberKeyAsync(Guid userOrMemberKey)
+        {
+            var sql = Sql()
+                .Select<TwoFactorLoginDto>()
+                .From<TwoFactorLoginDto>()
+                .Where<TwoFactorLoginDto>(x => x.UserOrMemberKey == userOrMemberKey);
+            var dtos = await Database.FetchAsync<TwoFactorLoginDto>(sql);
+            return dtos.WhereNotNull().Select(Map);
+        }
+    }
+}
diff --git a/src/Umbraco.Infrastructure/Security/BackOfficeIdentityUser.cs b/src/Umbraco.Infrastructure/Security/BackOfficeIdentityUser.cs
index ebd12719e1..df4d704781 100644
--- a/src/Umbraco.Infrastructure/Security/BackOfficeIdentityUser.cs
+++ b/src/Umbraco.Infrastructure/Security/BackOfficeIdentityUser.cs
@@ -159,5 +159,24 @@ namespace Umbraco.Cms.Core.Security
         }
 
         private static string UserIdToString(int userId) => string.Intern(userId.ToString(CultureInfo.InvariantCulture));
+
+        public Guid Key => UserIdToInt(Id).ToGuid();
+
+
+        private static int UserIdToInt(string userId)
+        {
+            if(int.TryParse(userId, NumberStyles.Integer, CultureInfo.InvariantCulture, out var result))
+            {
+                return result;
+            }
+
+            if(Guid.TryParse(userId, out var key))
+            {
+                // Reverse the IntExtensions.ToGuid
+                return BitConverter.ToInt32(key.ToByteArray(), 0);
+            }
+
+            throw new InvalidOperationException($"Unable to convert user ID ({userId})to int using InvariantCulture");
+        }
     }
 }
diff --git a/src/Umbraco.Infrastructure/Security/DeleteTwoFactorLoginsOnMemberDeletedHandler.cs b/src/Umbraco.Infrastructure/Security/DeleteTwoFactorLoginsOnMemberDeletedHandler.cs
new file mode 100644
index 0000000000..7fe4a7c506
--- /dev/null
+++ b/src/Umbraco.Infrastructure/Security/DeleteTwoFactorLoginsOnMemberDeletedHandler.cs
@@ -0,0 +1,33 @@
+using System.Threading;
+using System.Threading.Tasks;
+using Umbraco.Cms.Core.Events;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Notifications;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Infrastructure.Security
+{
+    /// <summary>
+    /// Deletes the two factor for the deleted members. This cannot be handled by the database as there is not foreign keys.
+    /// </summary>
+    public class DeleteTwoFactorLoginsOnMemberDeletedHandler : INotificationAsyncHandler<MemberDeletedNotification>
+    {
+        private readonly ITwoFactorLoginService _twoFactorLoginService;
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="DeleteTwoFactorLoginsOnMemberDeletedHandler"/> class.
+        /// </summary>
+        public DeleteTwoFactorLoginsOnMemberDeletedHandler(ITwoFactorLoginService twoFactorLoginService)
+            => _twoFactorLoginService = twoFactorLoginService;
+
+        /// <inheritdoc/>
+        public async Task HandleAsync(MemberDeletedNotification notification, CancellationToken cancellationToken)
+        {
+            foreach (IMember member in notification.DeletedEntities)
+            {
+                await _twoFactorLoginService.DeleteUserLoginsAsync(member.Key);
+            }
+        }
+
+    }
+}
diff --git a/src/Umbraco.Infrastructure/Security/ITwoFactorProvider.cs b/src/Umbraco.Infrastructure/Security/ITwoFactorProvider.cs
new file mode 100644
index 0000000000..f0da6c314a
--- /dev/null
+++ b/src/Umbraco.Infrastructure/Security/ITwoFactorProvider.cs
@@ -0,0 +1,22 @@
+using System;
+using System.Threading.Tasks;
+
+namespace Umbraco.Cms.Core.Security
+{
+    public interface ITwoFactorProvider
+    {
+        string ProviderName { get; }
+
+        Task<object> GetSetupDataAsync(Guid userOrMemberKey, string secret);
+
+        bool ValidateTwoFactorPIN(string secret, string token);
+
+        /// <summary>
+        ///
+        /// </summary>
+        /// <remarks>Called to confirm the setup of two factor on the user.</remarks>
+        bool ValidateTwoFactorSetup(string secret, string token);
+    }
+
+
+}
diff --git a/src/Umbraco.Infrastructure/Security/MemberIdentityBuilder.cs b/src/Umbraco.Infrastructure/Security/MemberIdentityBuilder.cs
new file mode 100644
index 0000000000..c0df423638
--- /dev/null
+++ b/src/Umbraco.Infrastructure/Security/MemberIdentityBuilder.cs
@@ -0,0 +1,63 @@
+using System;
+using System.Reflection;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+using Umbraco.Cms.Core.Net;
+using Umbraco.Cms.Core.Serialization;
+
+namespace Umbraco.Cms.Core.Security
+{
+
+    public class MemberIdentityBuilder : IdentityBuilder
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="MemberIdentityBuilder"/> class.
+        /// </summary>
+        public MemberIdentityBuilder(IServiceCollection services)
+            : base(typeof(MemberIdentityUser), services)
+            => InitializeServices(services);
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="MemberIdentityBuilder"/> class.
+        /// </summary>
+        public MemberIdentityBuilder(Type role, IServiceCollection services)
+            : base(typeof(MemberIdentityUser), role, services)
+            => InitializeServices(services);
+
+        private void InitializeServices(IServiceCollection services)
+        {
+
+        }
+
+        // override to add itself, by default identity only wants a single IdentityErrorDescriber
+        public override IdentityBuilder AddErrorDescriber<TDescriber>()
+        {
+            if (!typeof(MembersErrorDescriber).IsAssignableFrom(typeof(TDescriber)))
+            {
+                throw new InvalidOperationException($"The type {typeof(TDescriber)} does not inherit from {typeof(MembersErrorDescriber)}");
+            }
+
+            Services.AddScoped<TDescriber>();
+            return this;
+        }
+
+        /// <summary>
+        /// Adds a token provider for the <seealso cref="MemberIdentityBuilder"/>.
+        /// </summary>
+        /// <param name="providerName">The name of the provider to add.</param>
+        /// <param name="provider">The type of the <see cref="IUserTwoFactorTokenProvider{MemberIdentityBuilder}"/> to add.</param>
+        /// <returns>The current <see cref="IdentityBuilder"/> instance.</returns>
+        public override IdentityBuilder AddTokenProvider(string providerName, Type provider)
+        {
+            if (!typeof(IUserTwoFactorTokenProvider<>).MakeGenericType(UserType).GetTypeInfo().IsAssignableFrom(provider.GetTypeInfo()))
+            {
+                throw new InvalidOperationException($"Invalid Type for TokenProvider: {provider.FullName}");
+            }
+
+            Services.Configure<IdentityOptions>(options => options.Tokens.ProviderMap[providerName] = new TokenProviderDescriptor(provider));
+            Services.AddTransient(provider);
+            return this;
+        }
+    }
+}
diff --git a/src/Umbraco.Infrastructure/Security/MemberUserStore.cs b/src/Umbraco.Infrastructure/Security/MemberUserStore.cs
index da45e4d888..4fba880e81 100644
--- a/src/Umbraco.Infrastructure/Security/MemberUserStore.cs
+++ b/src/Umbraco.Infrastructure/Security/MemberUserStore.cs
@@ -29,6 +29,7 @@ namespace Umbraco.Cms.Core.Security
         private readonly IScopeProvider _scopeProvider;
         private readonly IPublishedSnapshotAccessor _publishedSnapshotAccessor;
         private readonly IExternalLoginWithKeyService _externalLoginService;
+        private readonly ITwoFactorLoginService _twoFactorLoginService;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="MemberUserStore"/> class for the members identity store
@@ -37,7 +38,9 @@ namespace Umbraco.Cms.Core.Security
         /// <param name="mapper">The mapper for properties</param>
         /// <param name="scopeProvider">The scope provider</param>
         /// <param name="describer">The error describer</param>
+        /// <param name="publishedSnapshotAccessor">The published snapshot accessor</param>
         /// <param name="externalLoginService">The external login service</param>
+        /// <param name="twoFactorLoginService">The two factor login service</param>
         [ActivatorUtilitiesConstructor]
         public MemberUserStore(
             IMemberService memberService,
@@ -45,7 +48,8 @@ namespace Umbraco.Cms.Core.Security
             IScopeProvider scopeProvider,
             IdentityErrorDescriber describer,
             IPublishedSnapshotAccessor publishedSnapshotAccessor,
-            IExternalLoginWithKeyService externalLoginService
+            IExternalLoginWithKeyService externalLoginService,
+            ITwoFactorLoginService twoFactorLoginService
             )
             : base(describer)
         {
@@ -54,9 +58,10 @@ namespace Umbraco.Cms.Core.Security
             _scopeProvider = scopeProvider ?? throw new ArgumentNullException(nameof(scopeProvider));
             _publishedSnapshotAccessor = publishedSnapshotAccessor;
             _externalLoginService = externalLoginService;
+            _twoFactorLoginService = twoFactorLoginService;
         }
 
-        [Obsolete("Use ctor with IExternalLoginWithKeyService param")]
+        [Obsolete("Use ctor with IExternalLoginWithKeyService and ITwoFactorLoginService param")]
         public MemberUserStore(
             IMemberService memberService,
             IUmbracoMapper mapper,
@@ -64,19 +69,19 @@ namespace Umbraco.Cms.Core.Security
             IdentityErrorDescriber describer,
             IPublishedSnapshotAccessor publishedSnapshotAccessor,
             IExternalLoginService externalLoginService)
-            : this(memberService, mapper, scopeProvider, describer, publishedSnapshotAccessor, StaticServiceProvider.Instance.GetRequiredService<IExternalLoginWithKeyService>())
+            : this(memberService, mapper, scopeProvider, describer, publishedSnapshotAccessor, StaticServiceProvider.Instance.GetRequiredService<IExternalLoginWithKeyService>(), StaticServiceProvider.Instance.GetRequiredService<ITwoFactorLoginService>())
         {
 
         }
 
-        [Obsolete("Use ctor with IExternalLoginWithKeyService param")]
+        [Obsolete("Use ctor with IExternalLoginWithKeyService and ITwoFactorLoginService param")]
         public MemberUserStore(
             IMemberService memberService,
             IUmbracoMapper mapper,
             IScopeProvider scopeProvider,
             IdentityErrorDescriber describer,
             IPublishedSnapshotAccessor publishedSnapshotAccessor)
-            : this(memberService, mapper, scopeProvider, describer, publishedSnapshotAccessor, StaticServiceProvider.Instance.GetRequiredService<IExternalLoginWithKeyService>())
+            : this(memberService, mapper, scopeProvider, describer, publishedSnapshotAccessor, StaticServiceProvider.Instance.GetRequiredService<IExternalLoginWithKeyService>(), StaticServiceProvider.Instance.GetRequiredService<ITwoFactorLoginService>())
         {
 
         }
@@ -678,5 +683,34 @@ namespace Umbraco.Cms.Core.Security
             LoginOnly,
             FullSave
         }
+
+        /// <summary>
+        /// Overridden to support Umbraco's own data storage requirements
+        /// </summary>
+        /// <remarks>
+        /// The base class's implementation of this calls into FindTokenAsync, RemoveUserTokenAsync and AddUserTokenAsync, both methods will only work with ORMs that are change
+        /// tracking ORMs like EFCore.
+        /// </remarks>
+        /// <inheritdoc />
+        public override Task<string> GetTokenAsync(MemberIdentityUser user, string loginProvider, string name, CancellationToken cancellationToken)
+        {
+            cancellationToken.ThrowIfCancellationRequested();
+            ThrowIfDisposed();
+
+            if (user == null)
+            {
+                throw new ArgumentNullException(nameof(user));
+            }
+            IIdentityUserToken token = user.LoginTokens.FirstOrDefault(x => x.LoginProvider.InvariantEquals(loginProvider) && x.Name.InvariantEquals(name));
+
+            return Task.FromResult(token?.Value);
+        }
+
+        /// <inheritdoc />
+        public override async Task<bool> GetTwoFactorEnabledAsync(MemberIdentityUser user,
+            CancellationToken cancellationToken = default(CancellationToken))
+        {
+            return await _twoFactorLoginService.IsTwoFactorEnabledAsync(user.Key);
+        }
     }
 }
diff --git a/src/Umbraco.Infrastructure/Security/UmbracoUserManager.cs b/src/Umbraco.Infrastructure/Security/UmbracoUserManager.cs
index dfef27242b..1410473f6a 100644
--- a/src/Umbraco.Infrastructure/Security/UmbracoUserManager.cs
+++ b/src/Umbraco.Infrastructure/Security/UmbracoUserManager.cs
@@ -263,5 +263,13 @@ namespace Umbraco.Cms.Core.Security
 
             return await VerifyPasswordAsync(userPasswordStore, user, password) == PasswordVerificationResult.Success;
         }
+
+        /// <inheritdoc/>
+        public virtual async Task<IList<string>> GetValidTwoFactorProvidersAsync(TUser user)
+        {
+            var results = await base.GetValidTwoFactorProvidersAsync(user);
+
+            return results;
+        }
     }
 }
diff --git a/src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs b/src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs
new file mode 100644
index 0000000000..713a73c1df
--- /dev/null
+++ b/src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs
@@ -0,0 +1,118 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Persistence.Repositories;
+using Umbraco.Cms.Core.Scoping;
+using Umbraco.Cms.Core.Security;
+
+namespace Umbraco.Cms.Core.Services
+{
+    public class TwoFactorLoginService : ITwoFactorLoginService
+    {
+        private readonly ITwoFactorLoginRepository _twoFactorLoginRepository;
+        private readonly IScopeProvider _scopeProvider;
+        private readonly IOptions<IdentityOptions> _identityOptions;
+        private readonly IDictionary<string, ITwoFactorProvider> _twoFactorSetupGenerators;
+
+        public TwoFactorLoginService(
+            ITwoFactorLoginRepository twoFactorLoginRepository,
+            IScopeProvider scopeProvider,
+            IEnumerable<ITwoFactorProvider> twoFactorSetupGenerators,
+            IOptions<IdentityOptions> identityOptions)
+        {
+            _twoFactorLoginRepository = twoFactorLoginRepository;
+            _scopeProvider = scopeProvider;
+            _identityOptions = identityOptions;
+            _twoFactorSetupGenerators = twoFactorSetupGenerators.ToDictionary(x=>x.ProviderName);
+        }
+
+        public async Task DeleteUserLoginsAsync(Guid userOrMemberKey)
+        {
+            using IScope scope = _scopeProvider.CreateScope(autoComplete: true);
+            await _twoFactorLoginRepository.DeleteUserLoginsAsync(userOrMemberKey);
+        }
+
+        public async Task<IEnumerable<string>> GetEnabledTwoFactorProviderNamesAsync(Guid userOrMemberKey)
+        {
+            return await GetEnabledProviderNamesAsync(userOrMemberKey);
+        }
+
+        private async Task<IEnumerable<string>> GetEnabledProviderNamesAsync(Guid userOrMemberKey)
+        {
+            using IScope scope = _scopeProvider.CreateScope(autoComplete: true);
+            var providersOnUser = (await _twoFactorLoginRepository.GetByUserOrMemberKeyAsync(userOrMemberKey))
+                .Select(x => x.ProviderName).ToArray();
+
+            return providersOnUser.Where(x => _identityOptions.Value.Tokens.ProviderMap.ContainsKey(x));
+        }
+
+
+        public async Task<bool> IsTwoFactorEnabledAsync(Guid userOrMemberKey)
+        {
+            return (await GetEnabledProviderNamesAsync(userOrMemberKey)).Any();
+        }
+
+        public async Task<string> GetSecretForUserAndProviderAsync(Guid userOrMemberKey, string providerName)
+        {
+            using IScope scope = _scopeProvider.CreateScope(autoComplete: true);
+            return (await _twoFactorLoginRepository.GetByUserOrMemberKeyAsync(userOrMemberKey)).FirstOrDefault(x=>x.ProviderName == providerName)?.Secret;
+        }
+
+        public async Task<object> GetSetupInfoAsync(Guid userOrMemberKey, string providerName)
+        {
+            var secret = await GetSecretForUserAndProviderAsync(userOrMemberKey, providerName);
+
+            //Dont allow to generate a new secrets if user already has one
+            if (!string.IsNullOrEmpty(secret))
+            {
+                return default;
+            }
+
+            secret = GenerateSecret();
+
+            if (!_twoFactorSetupGenerators.TryGetValue(providerName, out ITwoFactorProvider generator))
+            {
+                throw new InvalidOperationException($"No ITwoFactorSetupGenerator found for provider: {providerName}");
+            }
+
+            return await generator.GetSetupDataAsync(userOrMemberKey, secret);
+        }
+
+        public IEnumerable<string> GetAllProviderNames() => _twoFactorSetupGenerators.Keys;
+        public async Task<bool> DisableAsync(Guid userOrMemberKey, string providerName)
+        {
+            using IScope scope = _scopeProvider.CreateScope(autoComplete: true);
+            return (await _twoFactorLoginRepository.DeleteUserLoginsAsync(userOrMemberKey, providerName));
+
+        }
+
+        public bool ValidateTwoFactorSetup(string providerName, string secret, string code)
+        {
+            if (!_twoFactorSetupGenerators.TryGetValue(providerName, out ITwoFactorProvider generator))
+            {
+                throw new InvalidOperationException($"No ITwoFactorSetupGenerator found for provider: {providerName}");
+            }
+
+            return generator.ValidateTwoFactorSetup(secret, code);
+        }
+
+        public Task SaveAsync(TwoFactorLogin twoFactorLogin)
+        {
+            using IScope scope = _scopeProvider.CreateScope(autoComplete: true);
+            _twoFactorLoginRepository.Save(twoFactorLogin);
+
+            return Task.CompletedTask;
+        }
+
+
+        /// <summary>
+        /// Generates a new random unique secret.
+        /// </summary>
+        /// <returns>The random secret</returns>
+        protected virtual string GenerateSecret() => Guid.NewGuid().ToString();
+    }
+}
diff --git a/src/Umbraco.Web.Common/DependencyInjection/UmbracoBuilder.MembersIdentity.cs b/src/Umbraco.Web.Common/DependencyInjection/UmbracoBuilder.MembersIdentity.cs
index 66badc479e..98391d7590 100644
--- a/src/Umbraco.Web.Common/DependencyInjection/UmbracoBuilder.MembersIdentity.cs
+++ b/src/Umbraco.Web.Common/DependencyInjection/UmbracoBuilder.MembersIdentity.cs
@@ -51,7 +51,8 @@ namespace Umbraco.Extensions
                     factory.GetRequiredService<IScopeProvider>(),
                     factory.GetRequiredService<IdentityErrorDescriber>(),
                     factory.GetRequiredService<IPublishedSnapshotAccessor>(),
-                    factory.GetRequiredService<IExternalLoginWithKeyService>()
+                    factory.GetRequiredService<IExternalLoginWithKeyService>(),
+                    factory.GetRequiredService<ITwoFactorLoginService>()
                 ))
                 .AddRoleStore<MemberRoleStore>()
                 .AddRoleManager<IMemberRoleManager, MemberRoleManager>()
@@ -63,6 +64,7 @@ namespace Umbraco.Extensions
 
 
             builder.AddNotificationHandler<MemberDeletedNotification, DeleteExternalLoginsOnMemberDeletedHandler>();
+            builder.AddNotificationAsyncHandler<MemberDeletedNotification, DeleteTwoFactorLoginsOnMemberDeletedHandler>();
             services.ConfigureOptions<ConfigureMemberIdentityOptions>();
 
             services.AddScoped<IMemberUserStore>(x => (IMemberUserStore)x.GetRequiredService<IUserStore<MemberIdentityUser>>());
diff --git a/src/Umbraco.Web.Common/Extensions/IdentityBuilderExtensions.cs b/src/Umbraco.Web.Common/Extensions/IdentityBuilderExtensions.cs
index f1d2ac4a3d..9b80f3e82a 100644
--- a/src/Umbraco.Web.Common/Extensions/IdentityBuilderExtensions.cs
+++ b/src/Umbraco.Web.Common/Extensions/IdentityBuilderExtensions.cs
@@ -3,6 +3,7 @@ using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 using Umbraco.Cms.Core.DependencyInjection;
 using Umbraco.Cms.Core.Security;
+using Umbraco.Cms.Infrastructure.Security;
 
 namespace Umbraco.Extensions
 {
@@ -59,5 +60,14 @@ namespace Umbraco.Extensions
             identityBuilder.Services.AddScoped(typeof(TInterface), implementationFactory);
             return identityBuilder;
         }
+
+        public static MemberIdentityBuilder AddTwoFactorProvider<T>(this MemberIdentityBuilder identityBuilder, string providerName) where T : class, ITwoFactorProvider
+        {
+            identityBuilder.Services.AddSingleton<ITwoFactorProvider, T>();
+            identityBuilder.Services.AddSingleton<T>();
+            identityBuilder.AddTokenProvider<TwoFactorMemberValidationProvider<T>>(providerName);
+
+            return identityBuilder;
+        }
     }
 }
diff --git a/src/Umbraco.Web.Common/Extensions/UmbracoApplicationBuilder.Identity.cs b/src/Umbraco.Web.Common/Extensions/UmbracoApplicationBuilder.Identity.cs
index 64fde06ac8..e7c0246f40 100644
--- a/src/Umbraco.Web.Common/Extensions/UmbracoApplicationBuilder.Identity.cs
+++ b/src/Umbraco.Web.Common/Extensions/UmbracoApplicationBuilder.Identity.cs
@@ -20,5 +20,33 @@ namespace Umbraco.Extensions
             builder.Services.Replace(ServiceDescriptor.Scoped(userManagerType, customType));
             return builder;
         }
+
+        public static IUmbracoBuilder SetBackOfficeUserStore<TUserStore>(this IUmbracoBuilder builder)
+            where TUserStore : BackOfficeUserStore
+        {
+            Type customType = typeof(TUserStore);
+            builder.Services.Replace(ServiceDescriptor.Scoped(typeof(IUserStore<>).MakeGenericType(typeof(BackOfficeIdentityUser)), customType));
+            return builder;
+        }
+
+        public static IUmbracoBuilder SetMemberManager<TUserManager>(this IUmbracoBuilder builder)
+            where TUserManager : UserManager<MemberIdentityUser>, IMemberManager
+        {
+
+            Type customType = typeof(TUserManager);
+            Type userManagerType = typeof(UserManager<MemberIdentityUser>);
+            builder.Services.Replace(ServiceDescriptor.Scoped(typeof(IMemberManager), customType));
+            builder.Services.AddScoped(customType, services => services.GetRequiredService(userManagerType));
+            builder.Services.Replace(ServiceDescriptor.Scoped(userManagerType, customType));
+            return builder;
+        }
+
+        public static IUmbracoBuilder SetMemberUserStore<TUserStore>(this IUmbracoBuilder builder)
+            where TUserStore : MemberUserStore
+        {
+            Type customType = typeof(TUserStore);
+            builder.Services.Replace(ServiceDescriptor.Scoped(typeof(IUserStore<>).MakeGenericType(typeof(MemberIdentityUser)), customType));
+            return builder;
+        }
     }
 }
diff --git a/src/Umbraco.Web.Common/Extensions/ViewDataExtensions.cs b/src/Umbraco.Web.Common/Extensions/ViewDataExtensions.cs
index 36adacc2d2..8e62ca09cf 100644
--- a/src/Umbraco.Web.Common/Extensions/ViewDataExtensions.cs
+++ b/src/Umbraco.Web.Common/Extensions/ViewDataExtensions.cs
@@ -1,7 +1,9 @@
 using System;
+using System.Collections.Generic;
 using System.Text;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc.ViewFeatures;
+using Umbraco.Cms.Core.Models;
 using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Semver;
 using Umbraco.Cms.Core.Serialization;
@@ -16,6 +18,7 @@ namespace Umbraco.Extensions
         public const string TokenUmbracoVersion = "UmbracoVersion";
         public const string TokenExternalSignInError = "ExternalSignInError";
         public const string TokenPasswordResetCode = "PasswordResetCode";
+        public const string TokenTwoFactorRequired = "TwoFactorRequired";
 
         public static bool FromTempData(this ViewDataDictionary viewData, ITempDataDictionary tempData, string token)
         {
@@ -135,5 +138,16 @@ namespace Umbraco.Extensions
         {
             viewData[TokenPasswordResetCode] = value;
         }
+
+        public static void SetTwoFactorProviderNames(this ViewDataDictionary viewData, IEnumerable<string> providerNames)
+        {
+            viewData[TokenTwoFactorRequired] = providerNames;
+        }
+
+        public static bool TryGetTwoFactorProviderNames(this ViewDataDictionary viewData, out IEnumerable<string> providerNames)
+        {
+            providerNames = viewData[TokenTwoFactorRequired] as IEnumerable<string>;
+            return providerNames is not null;
+        }
     }
 }
diff --git a/src/Umbraco.Web.Common/Security/IMemberSignInManagerExternalLogins.cs b/src/Umbraco.Web.Common/Security/IMemberSignInManagerExternalLogins.cs
index 3599a028f4..eb6a66a000 100644
--- a/src/Umbraco.Web.Common/Security/IMemberSignInManagerExternalLogins.cs
+++ b/src/Umbraco.Web.Common/Security/IMemberSignInManagerExternalLogins.cs
@@ -2,6 +2,7 @@
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Identity;
+using Umbraco.Cms.Core.Security;
 
 namespace Umbraco.Cms.Web.Common.Security
 {
@@ -12,5 +13,7 @@ namespace Umbraco.Cms.Web.Common.Security
         Task<ExternalLoginInfo> GetExternalLoginInfoAsync(string expectedXsrf = null);
         Task<IdentityResult> UpdateExternalAuthenticationTokensAsync(ExternalLoginInfo externalLogin);
         Task<SignInResult> ExternalLoginSignInAsync(ExternalLoginInfo loginInfo, bool isPersistent, bool bypassTwoFactor = false);
+        Task<MemberIdentityUser> GetTwoFactorAuthenticationUserAsync();
+        Task<SignInResult> TwoFactorSignInAsync(string provider, string code, bool isPersistent, bool rememberClient);
     }
 }
diff --git a/src/Umbraco.Web.Common/Security/MemberManager.cs b/src/Umbraco.Web.Common/Security/MemberManager.cs
index 9a0f26aff4..93aad3a060 100644
--- a/src/Umbraco.Web.Common/Security/MemberManager.cs
+++ b/src/Umbraco.Web.Common/Security/MemberManager.cs
@@ -45,6 +45,9 @@ namespace Umbraco.Cms.Web.Common.Security
             _httpContextAccessor = httpContextAccessor;
         }
 
+        /// <inheritdoc />
+        public override bool SupportsUserTwoFactor => true;
+
         /// <inheritdoc />
         public async Task<bool> IsMemberAuthorizedAsync(IEnumerable<string> allowTypes = null, IEnumerable<string> allowGroups = null, IEnumerable<int> allowMembers = null)
         {
diff --git a/src/Umbraco.Web.Common/Security/MemberSignInManager.cs b/src/Umbraco.Web.Common/Security/MemberSignInManager.cs
index 6407c4fac8..e8bf1c2eb3 100644
--- a/src/Umbraco.Web.Common/Security/MemberSignInManager.cs
+++ b/src/Umbraco.Web.Common/Security/MemberSignInManager.cs
@@ -2,6 +2,7 @@ using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Security.Claims;
+using System.Security.Principal;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Http;
@@ -9,6 +10,8 @@ using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
+using Umbraco.Cms.Core.Events;
+using Umbraco.Cms.Core.Notifications;
 using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Web.Common.DependencyInjection;
 using Umbraco.Extensions;
@@ -22,6 +25,7 @@ namespace Umbraco.Cms.Web.Common.Security
     public class MemberSignInManager : UmbracoSignInManager<MemberIdentityUser>, IMemberSignInManagerExternalLogins
     {
         private readonly IMemberExternalLoginProviders _memberExternalLoginProviders;
+        private readonly IEventAggregator _eventAggregator;
 
         public MemberSignInManager(
             UserManager<MemberIdentityUser> memberManager,
@@ -31,10 +35,12 @@ namespace Umbraco.Cms.Web.Common.Security
             ILogger<SignInManager<MemberIdentityUser>> logger,
             IAuthenticationSchemeProvider schemes,
             IUserConfirmation<MemberIdentityUser> confirmation,
-            IMemberExternalLoginProviders memberExternalLoginProviders) :
+            IMemberExternalLoginProviders memberExternalLoginProviders,
+            IEventAggregator eventAggregator) :
             base(memberManager, contextAccessor, claimsFactory, optionsAccessor, logger, schemes, confirmation)
         {
             _memberExternalLoginProviders = memberExternalLoginProviders;
+            _eventAggregator = eventAggregator;
         }
 
         [Obsolete("Use ctor with all params")]
@@ -46,7 +52,9 @@ namespace Umbraco.Cms.Web.Common.Security
             ILogger<SignInManager<MemberIdentityUser>> logger,
             IAuthenticationSchemeProvider schemes,
             IUserConfirmation<MemberIdentityUser> confirmation) :
-            this(memberManager, contextAccessor, claimsFactory, optionsAccessor, logger, schemes, confirmation, StaticServiceProvider.Instance.GetRequiredService<IMemberExternalLoginProviders>())
+            this(memberManager, contextAccessor, claimsFactory, optionsAccessor, logger, schemes, confirmation,
+                StaticServiceProvider.Instance.GetRequiredService<IMemberExternalLoginProviders>(),
+                StaticServiceProvider.Instance.GetRequiredService<IEventAggregator>())
         { }
 
         // use default scheme for members
@@ -61,30 +69,6 @@ namespace Umbraco.Cms.Web.Common.Security
         // use default scheme for members
         protected override string TwoFactorRememberMeAuthenticationType => IdentityConstants.TwoFactorRememberMeScheme;
 
-        /// <inheritdoc />
-        public override Task<MemberIdentityUser> GetTwoFactorAuthenticationUserAsync()
-            => throw new NotImplementedException("Two factor is not yet implemented for members");
-
-        /// <inheritdoc />
-        public override Task<SignInResult> TwoFactorSignInAsync(string provider, string code, bool isPersistent, bool rememberClient)
-            => throw new NotImplementedException("Two factor is not yet implemented for members");
-
-        /// <inheritdoc />
-        public override Task<bool> IsTwoFactorClientRememberedAsync(MemberIdentityUser user)
-            => throw new NotImplementedException("Two factor is not yet implemented for members");
-
-        /// <inheritdoc />
-        public override Task RememberTwoFactorClientAsync(MemberIdentityUser user)
-            => throw new NotImplementedException("Two factor is not yet implemented for members");
-
-        /// <inheritdoc />
-        public override Task ForgetTwoFactorClientAsync()
-            => throw new NotImplementedException("Two factor is not yet implemented for members");
-
-        /// <inheritdoc />
-        public override Task<SignInResult> TwoFactorRecoveryCodeSignInAsync(string recoveryCode)
-            => throw new NotImplementedException("Two factor is not yet implemented for members");
-
         /// <inheritdoc />
         public override async Task<ExternalLoginInfo> GetExternalLoginInfoAsync(string expectedXsrf = null)
         {
@@ -369,6 +353,29 @@ namespace Umbraco.Cms.Web.Common.Security
         private void LogFailedExternalLogin(ExternalLoginInfo loginInfo, MemberIdentityUser user) =>
             Logger.LogWarning("The AutoLinkOptions of the external authentication provider '{LoginProvider}' have refused the login based on the OnExternalLogin method. Affected user id: '{UserId}'", loginInfo.LoginProvider, user.Id);
 
+        protected override async Task<SignInResult> SignInOrTwoFactorAsync(MemberIdentityUser user, bool isPersistent,
+            string loginProvider = null, bool bypassTwoFactor = false)
+        {
+            var result = await base.SignInOrTwoFactorAsync(user, isPersistent, loginProvider, bypassTwoFactor);
 
+            if (result.RequiresTwoFactor)
+            {
+                NotifyRequiresTwoFactor(user);
+            }
+
+            return result;
+        }
+
+        protected void NotifyRequiresTwoFactor(MemberIdentityUser user) => Notify(user,
+            (currentUser) => new MemberTwoFactorRequestedNotification(currentUser.Key)
+        );
+
+        private T Notify<T>(MemberIdentityUser currentUser, Func<MemberIdentityUser, T> createNotification) where T : INotification
+        {
+
+            var notification = createNotification(currentUser);
+            _eventAggregator.Publish(notification);
+            return notification;
+        }
     }
 }
diff --git a/src/Umbraco.Web.Common/Security/TwoFactorValidationProvider.cs b/src/Umbraco.Web.Common/Security/TwoFactorValidationProvider.cs
new file mode 100644
index 0000000000..32b3226440
--- /dev/null
+++ b/src/Umbraco.Web.Common/Security/TwoFactorValidationProvider.cs
@@ -0,0 +1,91 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.DataProtection;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+using Umbraco.Cms.Core.Security;
+using Umbraco.Cms.Core.Services;
+
+using Microsoft.Extensions.Logging;
+
+namespace Umbraco.Cms.Infrastructure.Security
+{
+    public class TwoFactorBackOfficeValidationProvider<TTwoFactorSetupGenerator> : TwoFactorValidationProvider<BackOfficeIdentityUser, TTwoFactorSetupGenerator>
+        where TTwoFactorSetupGenerator : ITwoFactorProvider
+    {
+        protected TwoFactorBackOfficeValidationProvider(IDataProtectionProvider dataProtectionProvider, IOptions<DataProtectionTokenProviderOptions> options, ILogger<TwoFactorBackOfficeValidationProvider<TTwoFactorSetupGenerator>> logger, ITwoFactorLoginService twoFactorLoginService, TTwoFactorSetupGenerator generator) : base(dataProtectionProvider, options, logger, twoFactorLoginService, generator)
+        {
+        }
+
+    }
+
+    public class TwoFactorMemberValidationProvider<TTwoFactorSetupGenerator> : TwoFactorValidationProvider<MemberIdentityUser, TTwoFactorSetupGenerator>
+        where TTwoFactorSetupGenerator : ITwoFactorProvider
+    {
+        public TwoFactorMemberValidationProvider(IDataProtectionProvider dataProtectionProvider, IOptions<DataProtectionTokenProviderOptions> options, ILogger<TwoFactorMemberValidationProvider<TTwoFactorSetupGenerator>> logger, ITwoFactorLoginService twoFactorLoginService, TTwoFactorSetupGenerator generator) : base(dataProtectionProvider, options, logger, twoFactorLoginService, generator)
+        {
+        }
+
+    }
+
+    public class TwoFactorValidationProvider<TUmbracoIdentityUser, TTwoFactorSetupGenerator>
+        : DataProtectorTokenProvider<TUmbracoIdentityUser>
+        where TUmbracoIdentityUser : UmbracoIdentityUser
+        where TTwoFactorSetupGenerator : ITwoFactorProvider
+    {
+        private readonly ITwoFactorLoginService _twoFactorLoginService;
+        private readonly TTwoFactorSetupGenerator _generator;
+
+        protected TwoFactorValidationProvider(
+
+            IDataProtectionProvider dataProtectionProvider,
+            IOptions<DataProtectionTokenProviderOptions> options,
+            ILogger<TwoFactorValidationProvider<TUmbracoIdentityUser, TTwoFactorSetupGenerator>> logger,
+            ITwoFactorLoginService twoFactorLoginService,
+            TTwoFactorSetupGenerator generator)
+            : base(dataProtectionProvider, options, logger)
+        {
+            _twoFactorLoginService = twoFactorLoginService;
+            _generator = generator;
+        }
+
+        public override Task<bool> CanGenerateTwoFactorTokenAsync(UserManager<TUmbracoIdentityUser> manager,
+            TUmbracoIdentityUser user) => Task.FromResult(_generator is not null);
+
+        public override async Task<bool> ValidateAsync(string purpose, string token,
+            UserManager<TUmbracoIdentityUser> manager, TUmbracoIdentityUser user)
+        {
+            var secret =
+                await _twoFactorLoginService.GetSecretForUserAndProviderAsync(GetUserKey(user), _generator.ProviderName);
+
+            if (secret is null)
+            {
+                return false;
+            }
+
+            var validToken = _generator.ValidateTwoFactorPIN(secret, token);
+
+
+            return validToken;
+        }
+
+        protected Guid GetUserKey(TUmbracoIdentityUser user)
+        {
+
+            switch (user)
+            {
+                case MemberIdentityUser memberIdentityUser:
+                    return memberIdentityUser.Key;
+                case BackOfficeIdentityUser backOfficeIdentityUser:
+                    return backOfficeIdentityUser.Key;
+                default:
+                    throw new NotSupportedException(
+                        "Current we only support MemberIdentityUser and BackOfficeIdentityUser");
+            }
+
+        }
+
+    }
+}
diff --git a/src/Umbraco.Web.UI/umbraco/PartialViewMacros/Templates/EditProfile.cshtml b/src/Umbraco.Web.UI/umbraco/PartialViewMacros/Templates/EditProfile.cshtml
index 095c3c050d..1b1ebd7284 100644
--- a/src/Umbraco.Web.UI/umbraco/PartialViewMacros/Templates/EditProfile.cshtml
+++ b/src/Umbraco.Web.UI/umbraco/PartialViewMacros/Templates/EditProfile.cshtml
@@ -1,7 +1,4 @@
 @inherits Umbraco.Cms.Web.Common.Macros.PartialViewMacroPage
-
-@using Umbraco.Cms.Core
-@using Umbraco.Cms.Core.Security
 @using Umbraco.Cms.Core.Services
 @using Umbraco.Cms.Web.Common.Security
 @using Umbraco.Cms.Web.Website.Controllers
@@ -11,6 +8,7 @@
 @inject IMemberExternalLoginProviders memberExternalLoginProviders
 @inject IExternalLoginWithKeyService externalLoginWithKeyService
 @{
+
     // Build a profile model to edit
     var profileModel = await memberModelBuilderFactory
         .CreateProfileModel()
diff --git a/src/Umbraco.Web.UI/umbraco/PartialViewMacros/Templates/Login.cshtml b/src/Umbraco.Web.UI/umbraco/PartialViewMacros/Templates/Login.cshtml
index 85b7f53c24..7ba7f2acca 100644
--- a/src/Umbraco.Web.UI/umbraco/PartialViewMacros/Templates/Login.cshtml
+++ b/src/Umbraco.Web.UI/umbraco/PartialViewMacros/Templates/Login.cshtml
@@ -1,9 +1,12 @@
 @inherits Umbraco.Cms.Web.Common.Macros.PartialViewMacroPage
+
 @using Umbraco.Cms.Web.Common.Models
 @using Umbraco.Cms.Web.Common.Security
 @using Umbraco.Cms.Web.Website.Controllers
+@using Umbraco.Cms.Core.Services
 @using Umbraco.Extensions
 @inject IMemberExternalLoginProviders memberExternalLoginProviders
+@inject ITwoFactorLoginService twoFactorLoginService
 @{
     var loginModel = new LoginModel();
     // You can modify this to redirect to a different URL instead of the current one
@@ -14,6 +17,33 @@
 <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.min.js"></script>
 <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js"></script>
 
+
+@if (ViewData.TryGetTwoFactorProviderNames(out var providerNames))
+{
+
+    foreach (var providerName in providerNames)
+    {
+        <div class="2fa-form">
+            <h4>Two factor with @providerName.</h4>
+            <div asp-validation-summary="All" class="text-danger"></div>
+            @using (Html.BeginUmbracoForm<UmbTwoFactorLoginController>(nameof(UmbTwoFactorLoginController.Verify2FACode)))
+            {
+
+                <text>
+                    <input type="hidden" name="provider" value="@providerName"/>
+                    Input security code: <input name="code" value=""/><br/>
+                    <button type="submit" class="btn btn-primary">Validate</button>
+                    <div asp-validation-summary="ModelOnly" class="text-danger"></div>
+                </text>
+            }
+        </div>
+    }
+
+}
+else
+{
+
+
 <div class="login-form">
 
     @using (Html.BeginUmbracoForm<UmbLoginController>(
@@ -74,3 +104,4 @@
     }
 }
 </div>
+}
diff --git a/src/Umbraco.Web.Website/Controllers/UmbExternalLoginController.cs b/src/Umbraco.Web.Website/Controllers/UmbExternalLoginController.cs
index 2d5ec250e9..c43754e170 100644
--- a/src/Umbraco.Web.Website/Controllers/UmbExternalLoginController.cs
+++ b/src/Umbraco.Web.Website/Controllers/UmbExternalLoginController.cs
@@ -4,12 +4,13 @@ using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Http.Extensions;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
 using Umbraco.Cms.Core.Cache;
 using Umbraco.Cms.Core.Logging;
+using Umbraco.Cms.Core.Models;
 using Umbraco.Cms.Core.Routing;
 using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Services;
@@ -27,9 +28,12 @@ namespace Umbraco.Cms.Web.Website.Controllers
     public class UmbExternalLoginController : SurfaceController
     {
         private readonly IMemberManager _memberManager;
+        private readonly ITwoFactorLoginService _twoFactorLoginService;
+        private readonly ILogger<UmbExternalLoginController> _logger;
         private readonly IMemberSignInManagerExternalLogins _memberSignInManager;
 
         public UmbExternalLoginController(
+            ILogger<UmbExternalLoginController> logger,
             IUmbracoContextAccessor umbracoContextAccessor,
             IUmbracoDatabaseFactory databaseFactory,
             ServiceContext services,
@@ -37,7 +41,8 @@ namespace Umbraco.Cms.Web.Website.Controllers
             IProfilingLogger profilingLogger,
             IPublishedUrlProvider publishedUrlProvider,
             IMemberSignInManagerExternalLogins memberSignInManager,
-            IMemberManager memberManager)
+            IMemberManager memberManager,
+            ITwoFactorLoginService twoFactorLoginService)
             : base(
                 umbracoContextAccessor,
                 databaseFactory,
@@ -46,8 +51,10 @@ namespace Umbraco.Cms.Web.Website.Controllers
                 profilingLogger,
                 publishedUrlProvider)
         {
+            _logger = logger;
             _memberSignInManager = memberSignInManager;
             _memberManager = memberManager;
+            _twoFactorLoginService = twoFactorLoginService;
         }
 
         /// <summary>
@@ -108,14 +115,12 @@ namespace Umbraco.Cms.Web.Website.Controllers
                             $"No local user found for the login provider {loginInfo.LoginProvider} - {loginInfo.ProviderKey}");
                     }
 
-                    // create a with information to display a custom two factor send code view
-                    var verifyResponse =
-                        new ObjectResult(new { userId = attemptedUser.Id })
-                        {
-                            StatusCode = StatusCodes.Status402PaymentRequired
-                        };
 
-                    return verifyResponse;
+                    var providerNames = await _twoFactorLoginService.GetEnabledTwoFactorProviderNamesAsync(attemptedUser.Key);
+                    ViewData.SetTwoFactorProviderNames(providerNames);
+
+                    return CurrentUmbracoPage();
+
                 }
 
                 if (result == SignInResult.LockedOut)
diff --git a/src/Umbraco.Web.Website/Controllers/UmbLoginController.cs b/src/Umbraco.Web.Website/Controllers/UmbLoginController.cs
index afeb41a252..9dbcd292e4 100644
--- a/src/Umbraco.Web.Website/Controllers/UmbLoginController.cs
+++ b/src/Umbraco.Web.Website/Controllers/UmbLoginController.cs
@@ -1,14 +1,20 @@
 using System;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.DependencyInjection;
 using Umbraco.Cms.Core.Cache;
 using Umbraco.Cms.Core.Logging;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.ContentEditing;
 using Umbraco.Cms.Core.Routing;
 using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Services;
 using Umbraco.Cms.Core.Web;
 using Umbraco.Cms.Infrastructure.Persistence;
+using Umbraco.Cms.Web.Common.ActionsResults;
+using Umbraco.Cms.Web.Common.DependencyInjection;
 using Umbraco.Cms.Web.Common.Filters;
 using Umbraco.Cms.Web.Common.Models;
 using Umbraco.Cms.Web.Common.Security;
@@ -20,7 +26,29 @@ namespace Umbraco.Cms.Web.Website.Controllers
     public class UmbLoginController : SurfaceController
     {
         private readonly IMemberSignInManager _signInManager;
+        private readonly IMemberManager _memberManager;
+        private readonly ITwoFactorLoginService _twoFactorLoginService;
 
+
+        [ActivatorUtilitiesConstructor]
+        public UmbLoginController(
+            IUmbracoContextAccessor umbracoContextAccessor,
+            IUmbracoDatabaseFactory databaseFactory,
+            ServiceContext services,
+            AppCaches appCaches,
+            IProfilingLogger profilingLogger,
+            IPublishedUrlProvider publishedUrlProvider,
+            IMemberSignInManager signInManager,
+            IMemberManager memberManager,
+            ITwoFactorLoginService twoFactorLoginService)
+            : base(umbracoContextAccessor, databaseFactory, services, appCaches, profilingLogger, publishedUrlProvider)
+        {
+            _signInManager = signInManager;
+            _memberManager = memberManager;
+            _twoFactorLoginService = twoFactorLoginService;
+        }
+
+        [Obsolete("Use ctor with all params")]
         public UmbLoginController(
             IUmbracoContextAccessor umbracoContextAccessor,
             IUmbracoDatabaseFactory databaseFactory,
@@ -29,9 +57,11 @@ namespace Umbraco.Cms.Web.Website.Controllers
             IProfilingLogger profilingLogger,
             IPublishedUrlProvider publishedUrlProvider,
             IMemberSignInManager signInManager)
-            : base(umbracoContextAccessor, databaseFactory, services, appCaches, profilingLogger, publishedUrlProvider)
+            : this(umbracoContextAccessor, databaseFactory, services, appCaches, profilingLogger, publishedUrlProvider, signInManager,
+                StaticServiceProvider.Instance.GetRequiredService<IMemberManager>(),
+                StaticServiceProvider.Instance.GetRequiredService<ITwoFactorLoginService>())
         {
-            _signInManager = signInManager;
+
         }
 
         [HttpPost]
@@ -74,15 +104,28 @@ namespace Umbraco.Cms.Web.Website.Controllers
 
             if (result.RequiresTwoFactor)
             {
-                throw new NotImplementedException("Two factor support is not supported for Umbraco members yet");
+                MemberIdentityUser attemptedUser = await _memberManager.FindByNameAsync(model.Username);
+                if (attemptedUser == null)
+                {
+                    return new ValidationErrorResult(
+                        $"No local member found for username {model.Username}");
+                }
+
+                var providerNames = await _twoFactorLoginService.GetEnabledTwoFactorProviderNamesAsync(attemptedUser.Key);
+                ViewData.SetTwoFactorProviderNames(providerNames);
+            }
+            else if (result.IsLockedOut)
+            {
+                ModelState.AddModelError("loginModel", "Member is locked out");
+            }
+            else if (result.IsNotAllowed)
+            {
+                ModelState.AddModelError("loginModel", "Member is not allowed");
+            }
+            else
+            {
+                ModelState.AddModelError("loginModel", "Invalid username or password");
             }
-
-            // TODO: We can check for these and respond differently if we think it's important
-            //  result.IsLockedOut
-            //  result.IsNotAllowed
-
-            // Don't add a field level error, just model level.
-            ModelState.AddModelError("loginModel", "Invalid username or password");
             return CurrentUmbracoPage();
         }
 
@@ -97,5 +140,7 @@ namespace Umbraco.Cms.Web.Website.Controllers
                 model.RedirectUrl = redirectUrl.ToString();
             }
         }
+
+
     }
 }
diff --git a/src/Umbraco.Web.Website/Controllers/UmbTwoFactorLoginController.cs b/src/Umbraco.Web.Website/Controllers/UmbTwoFactorLoginController.cs
new file mode 100644
index 0000000000..ba86e63a36
--- /dev/null
+++ b/src/Umbraco.Web.Website/Controllers/UmbTwoFactorLoginController.cs
@@ -0,0 +1,160 @@
+using System.Collections.Generic;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http.Extensions;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using Umbraco.Cms.Core.Cache;
+using Umbraco.Cms.Core.Logging;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Routing;
+using Umbraco.Cms.Core.Security;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Web;
+using Umbraco.Cms.Infrastructure.Persistence;
+using Umbraco.Cms.Web.Common.ActionsResults;
+using Umbraco.Cms.Web.Common.Filters;
+using Umbraco.Cms.Web.Common.Security;
+using Umbraco.Extensions;
+using SignInResult = Microsoft.AspNetCore.Identity.SignInResult;
+
+namespace Umbraco.Cms.Web.Website.Controllers
+{
+    [UmbracoMemberAuthorize]
+    public class UmbTwoFactorLoginController : SurfaceController
+    {
+        private readonly IMemberManager _memberManager;
+        private readonly ITwoFactorLoginService _twoFactorLoginService;
+        private readonly ILogger<UmbTwoFactorLoginController> _logger;
+        private readonly IMemberSignInManagerExternalLogins _memberSignInManager;
+
+        public UmbTwoFactorLoginController(
+            ILogger<UmbTwoFactorLoginController> logger,
+            IUmbracoContextAccessor umbracoContextAccessor,
+            IUmbracoDatabaseFactory databaseFactory,
+            ServiceContext services,
+            AppCaches appCaches,
+            IProfilingLogger profilingLogger,
+            IPublishedUrlProvider publishedUrlProvider,
+            IMemberSignInManagerExternalLogins memberSignInManager,
+            IMemberManager memberManager,
+            ITwoFactorLoginService twoFactorLoginService)
+            : base(
+                umbracoContextAccessor,
+                databaseFactory,
+                services,
+                appCaches,
+                profilingLogger,
+                publishedUrlProvider)
+        {
+            _logger = logger;
+            _memberSignInManager = memberSignInManager;
+            _memberManager = memberManager;
+            _twoFactorLoginService = twoFactorLoginService;
+        }
+
+        /// <summary>
+        /// Used to retrieve the 2FA providers for code submission
+        /// </summary>
+        /// <returns></returns>
+        [AllowAnonymous]
+        public async Task<ActionResult<IEnumerable<string>>> Get2FAProviders()
+        {
+            var user = await _memberSignInManager.GetTwoFactorAuthenticationUserAsync();
+            if (user == null)
+            {
+                _logger.LogWarning("Get2FAProviders :: No verified member found, returning 404");
+                return NotFound();
+            }
+
+            var userFactors = await _memberManager.GetValidTwoFactorProvidersAsync(user);
+            return new ObjectResult(userFactors);
+        }
+
+        [AllowAnonymous]
+        public async Task<IActionResult> Verify2FACode(Verify2FACodeModel model, string returnUrl = null)
+        {
+            var user = await _memberSignInManager.GetTwoFactorAuthenticationUserAsync();
+            if (user == null)
+            {
+                _logger.LogWarning("PostVerify2FACode :: No verified member found, returning 404");
+                return NotFound();
+            }
+
+            if (ModelState.IsValid)
+            {
+                var result = await _memberSignInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.IsPersistent, model.RememberClient);
+                if (result.Succeeded)
+                {
+                    return RedirectToLocal(returnUrl);
+                }
+
+                if (result.IsLockedOut)
+                {
+                    ModelState.AddModelError(nameof(Verify2FACodeModel.Code), "Member is locked out");
+                }
+                else if (result.IsNotAllowed)
+                {
+                    ModelState.AddModelError(nameof(Verify2FACodeModel.Code), "Member is not allowed");
+                }
+                else
+                {
+                    ModelState.AddModelError(nameof(Verify2FACodeModel.Code), "Invalid code");
+                }
+            }
+
+            //We need to set this, to ensure we show the 2fa login page
+            var providerNames = await _twoFactorLoginService.GetEnabledTwoFactorProviderNamesAsync(user.Key);
+            ViewData.SetTwoFactorProviderNames(providerNames);
+            return CurrentUmbracoPage();
+        }
+
+        [HttpPost]
+        public async Task<IActionResult> ValidateAndSaveSetup(string providerName, string secret, string code, string returnUrl = null)
+        {
+            var member = await _memberManager.GetCurrentMemberAsync();
+
+            var isValid = _twoFactorLoginService.ValidateTwoFactorSetup(providerName, secret, code);
+
+            if (isValid == false)
+            {
+                ModelState.AddModelError(nameof(code), "Invalid Code");
+
+                return CurrentUmbracoPage();
+            }
+
+            var twoFactorLogin = new TwoFactorLogin()
+            {
+                Confirmed = true,
+                Secret = secret,
+                UserOrMemberKey = member.Key,
+                ProviderName = providerName
+            };
+
+            await _twoFactorLoginService.SaveAsync(twoFactorLogin);
+
+            return RedirectToLocal(returnUrl);
+        }
+
+        [HttpPost]
+        public async Task<IActionResult> Disable(string providerName, string returnUrl = null)
+        {
+            var member = await _memberManager.GetCurrentMemberAsync();
+
+            var success = await _twoFactorLoginService.DisableAsync(member.Key, providerName);
+
+            if (!success)
+            {
+                return CurrentUmbracoPage();
+            }
+
+            return RedirectToLocal(returnUrl);
+        }
+
+        private IActionResult RedirectToLocal(string returnUrl) =>
+            Url.IsLocalUrl(returnUrl) ? Redirect(returnUrl) : RedirectToCurrentUmbracoPage();
+    }
+}
diff --git a/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberManagerTests.cs b/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberManagerTests.cs
index e09fb70d8e..dedccca16e 100644
--- a/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberManagerTests.cs
+++ b/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberManagerTests.cs
@@ -52,7 +52,9 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Infrastructure.Security
                 new UmbracoMapper(new MapDefinitionCollection(() => mapDefinitions), scopeProvider),
                 scopeProvider,
                 new IdentityErrorDescriber(),
-                Mock.Of<IPublishedSnapshotAccessor>(), Mock.Of<IExternalLoginWithKeyService>());
+                Mock.Of<IPublishedSnapshotAccessor>(), 
+                Mock.Of<IExternalLoginWithKeyService>(), 
+                Mock.Of<ITwoFactorLoginService>());
 
             _mockIdentityOptions = new Mock<IOptions<IdentityOptions>>();
             var idOptions = new IdentityOptions { Lockout = { AllowedForNewUsers = false } };
diff --git a/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberUserStoreTests.cs b/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberUserStoreTests.cs
index 4ed2f0895d..14261e34fb 100644
--- a/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberUserStoreTests.cs
+++ b/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/Security/MemberUserStoreTests.cs
@@ -38,7 +38,8 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Infrastructure.Security
                 mockScopeProvider.Object,
                 new IdentityErrorDescriber(),
                 Mock.Of<IPublishedSnapshotAccessor>(),
-                Mock.Of<IExternalLoginWithKeyService>()
+                Mock.Of<IExternalLoginWithKeyService>(),
+                Mock.Of<ITwoFactorLoginService>()
                 );
         }
 
diff --git a/tests/Umbraco.Tests.UnitTests/Umbraco.Web.Common/Security/MemberSignInManagerTests.cs b/tests/Umbraco.Tests.UnitTests/Umbraco.Web.Common/Security/MemberSignInManagerTests.cs
index e616cafd08..ccba5a4494 100644
--- a/tests/Umbraco.Tests.UnitTests/Umbraco.Web.Common/Security/MemberSignInManagerTests.cs
+++ b/tests/Umbraco.Tests.UnitTests/Umbraco.Web.Common/Security/MemberSignInManagerTests.cs
@@ -12,6 +12,7 @@ using Microsoft.Extensions.Options;
 using Moq;
 using NUnit.Framework;
 using Umbraco.Cms.Core.Configuration.Models;
+using Umbraco.Cms.Core.Events;
 using Umbraco.Cms.Core.Net;
 using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Services;
@@ -47,6 +48,11 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Web.Common.Security
                 {
                     o.Cookie.Name = IdentityConstants.TwoFactorUserIdScheme;
                     o.ExpireTimeSpan = TimeSpan.FromMinutes(5);
+                })
+                .AddCookie(IdentityConstants.TwoFactorRememberMeScheme, o =>
+                {
+                    o.Cookie.Name = IdentityConstants.TwoFactorRememberMeScheme;
+                    o.ExpireTimeSpan = TimeSpan.FromMinutes(5);
                 });
             IServiceProvider serviceProvider = serviceProviderFactory.CreateServiceProvider(serviceCollection);
             var httpContextFactory = new DefaultHttpContextFactory(serviceProvider);
@@ -66,7 +72,8 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Web.Common.Security
                     _mockLogger.Object,
                     Mock.Of<IAuthenticationSchemeProvider>(),
                     Mock.Of<IUserConfirmation<MemberIdentityUser>>(),
-                    Mock.Of<IMemberExternalLoginProviders>()
+                    Mock.Of<IMemberExternalLoginProviders>(),
+                    Mock.Of<IEventAggregator>()
                     );
         }
         private static Mock<MemberManager> MockMemberManager()

From 4843b28184b0c9c9c40fe96b06633f000e685954 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Fri, 21 Jan 2022 19:30:38 +0100
Subject: [PATCH 23/81] added contains check for acceptance tests

---
 .../cypress/integration/Languages/languages.ts                   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/Umbraco.Tests.AcceptanceTest/cypress/integration/Languages/languages.ts b/tests/Umbraco.Tests.AcceptanceTest/cypress/integration/Languages/languages.ts
index 5898335105..33d5de24cb 100644
--- a/tests/Umbraco.Tests.AcceptanceTest/cypress/integration/Languages/languages.ts
+++ b/tests/Umbraco.Tests.AcceptanceTest/cypress/integration/Languages/languages.ts
@@ -13,6 +13,7 @@ context('Languages', () => {
       cy.umbracoEnsureLanguageCultureNotExists(culture);
       cy.umbracoSection('settings');
 
+      cy.get('.umb-tree-root-link').contains('Settings')
       // Enter language tree and create new language
       cy.umbracoTreeItem('settings', ['Languages']).click();
       cy.umbracoButtonByLabelKey('languages_addLanguage').click();

From 8b773c90c20045bc2a336f482c1c1a70e6030b0f Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Wed, 19 Jan 2022 15:43:14 +0100
Subject: [PATCH 24/81] Add IHtmlSanitizer

---
 src/Umbraco.Core/Security/IHtmlSanitizer.cs    |  7 +++++++
 src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs | 10 ++++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 src/Umbraco.Core/Security/IHtmlSanitizer.cs
 create mode 100644 src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs

diff --git a/src/Umbraco.Core/Security/IHtmlSanitizer.cs b/src/Umbraco.Core/Security/IHtmlSanitizer.cs
new file mode 100644
index 0000000000..7f3f033ba7
--- /dev/null
+++ b/src/Umbraco.Core/Security/IHtmlSanitizer.cs
@@ -0,0 +1,7 @@
+namespace Umbraco.Core.Security
+{
+    public interface IHtmlSanitizer
+    {
+        string Sanitize(string html);
+    }
+}
diff --git a/src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs b/src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs
new file mode 100644
index 0000000000..f16ce81ce1
--- /dev/null
+++ b/src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs
@@ -0,0 +1,10 @@
+namespace Umbraco.Core.Security
+{
+    public class NoOpHtmlSanitizer : IHtmlSanitizer
+    {
+        public string Sanitize(string html)
+        {
+            return html;
+        }
+    }
+}

From e2d0a0f699c755821df3a847aed5f0e1b170d64f Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 24 Jan 2022 08:38:31 +0100
Subject: [PATCH 25/81] Add docstrings to IHtmlSanitizer

---
 src/Umbraco.Core/Security/IHtmlSanitizer.cs | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/Umbraco.Core/Security/IHtmlSanitizer.cs b/src/Umbraco.Core/Security/IHtmlSanitizer.cs
index 7f3f033ba7..fa1e0b3ee5 100644
--- a/src/Umbraco.Core/Security/IHtmlSanitizer.cs
+++ b/src/Umbraco.Core/Security/IHtmlSanitizer.cs
@@ -2,6 +2,11 @@ namespace Umbraco.Core.Security
 {
     public interface IHtmlSanitizer
     {
+        /// <summary>
+        /// Sanitizes HTML
+        /// </summary>
+        /// <param name="html">HTML to be sanitized</param>
+        /// <returns>Sanitized HTML</returns>
         string Sanitize(string html);
     }
 }

From 01c1e68cf023887ef25af6bda2c7b11efb816ad3 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 24 Jan 2022 09:19:06 +0100
Subject: [PATCH 26/81] Fix up namespaces

---
 src/Umbraco.Core/Security/IHtmlSanitizer.cs    | 2 +-
 src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Umbraco.Core/Security/IHtmlSanitizer.cs b/src/Umbraco.Core/Security/IHtmlSanitizer.cs
index fa1e0b3ee5..9bcfe405dd 100644
--- a/src/Umbraco.Core/Security/IHtmlSanitizer.cs
+++ b/src/Umbraco.Core/Security/IHtmlSanitizer.cs
@@ -1,4 +1,4 @@
-namespace Umbraco.Core.Security
+namespace Umbraco.Cms.Core.Security
 {
     public interface IHtmlSanitizer
     {
diff --git a/src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs b/src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs
index f16ce81ce1..f2e8a48ad0 100644
--- a/src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs
+++ b/src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs
@@ -1,4 +1,4 @@
-namespace Umbraco.Core.Security
+namespace Umbraco.Cms.Core.Security
 {
     public class NoOpHtmlSanitizer : IHtmlSanitizer
     {

From 249774c815345293ea98c56addb1dd6604ee51f8 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 24 Jan 2022 09:23:07 +0100
Subject: [PATCH 27/81] Rename NoOp to Noop

To match the rest of the classes
---
 src/Umbraco.Core/DependencyInjection/UmbracoBuilder.cs         | 3 +++
 .../Security/{NoOpHtmlSanitizer.cs => NoopHtmlSanitizer.cs}    | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
 rename src/Umbraco.Core/Security/{NoOpHtmlSanitizer.cs => NoopHtmlSanitizer.cs} (73%)

diff --git a/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.cs b/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.cs
index eacd615830..c4a95d45e5 100644
--- a/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.cs
+++ b/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.cs
@@ -263,6 +263,9 @@ namespace Umbraco.Cms.Core.DependencyInjection
 
             // Register telemetry service used to gather data about installed packages
             Services.AddUnique<ITelemetryService, TelemetryService>();
+
+            // Register a noop IHtmlSanitizer to be replaced
+            Services.AddUnique<IHtmlSanitizer, NoopHtmlSanitizer>();
         }
     }
 }
diff --git a/src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs b/src/Umbraco.Core/Security/NoopHtmlSanitizer.cs
similarity index 73%
rename from src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs
rename to src/Umbraco.Core/Security/NoopHtmlSanitizer.cs
index f2e8a48ad0..2ada23631a 100644
--- a/src/Umbraco.Core/Security/NoOpHtmlSanitizer.cs
+++ b/src/Umbraco.Core/Security/NoopHtmlSanitizer.cs
@@ -1,6 +1,6 @@
 namespace Umbraco.Cms.Core.Security
 {
-    public class NoOpHtmlSanitizer : IHtmlSanitizer
+    public class NoopHtmlSanitizer : IHtmlSanitizer
     {
         public string Sanitize(string html)
         {

From 39f7102312f55d08a18c86132a65479250966653 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 24 Jan 2022 09:30:23 +0100
Subject: [PATCH 28/81] Use IHtmlSanitizer in RichTextValueEditor

---
 .../PropertyEditors/RichTextPropertyEditor.cs             | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/Umbraco.Infrastructure/PropertyEditors/RichTextPropertyEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/RichTextPropertyEditor.cs
index 1f05da3bde..8eeb935c12 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/RichTextPropertyEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/RichTextPropertyEditor.cs
@@ -81,6 +81,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
             private readonly HtmlLocalLinkParser _localLinkParser;
             private readonly RichTextEditorPastedImages _pastedImages;
             private readonly IImageUrlGenerator _imageUrlGenerator;
+            private readonly IHtmlSanitizer _htmlSanitizer;
 
             public RichTextPropertyValueEditor(
                 DataEditorAttribute attribute,
@@ -92,7 +93,8 @@ namespace Umbraco.Cms.Core.PropertyEditors
                 RichTextEditorPastedImages pastedImages,
                 IImageUrlGenerator imageUrlGenerator,
                 IJsonSerializer jsonSerializer,
-                IIOHelper ioHelper)
+                IIOHelper ioHelper,
+                IHtmlSanitizer htmlSanitizer)
                 : base(localizedTextService, shortStringHelper, jsonSerializer, ioHelper, attribute)
             {
                 _backOfficeSecurityAccessor = backOfficeSecurityAccessor;
@@ -100,6 +102,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
                 _localLinkParser = localLinkParser;
                 _pastedImages = pastedImages;
                 _imageUrlGenerator = imageUrlGenerator;
+                _htmlSanitizer = htmlSanitizer;
             }
 
             /// <inheritdoc />
@@ -156,8 +159,9 @@ namespace Umbraco.Cms.Core.PropertyEditors
                 var parseAndSavedTempImages = _pastedImages.FindAndPersistPastedTempImages(editorValue.Value.ToString(), mediaParentId, userId, _imageUrlGenerator);
                 var editorValueWithMediaUrlsRemoved = _imageSourceParser.RemoveImageSources(parseAndSavedTempImages);
                 var parsed = MacroTagParser.FormatRichTextContentForPersistence(editorValueWithMediaUrlsRemoved);
+                var sanitized = _htmlSanitizer.Sanitize(parsed);
 
-                return parsed.NullOrWhiteSpaceAsNull();
+                return sanitized.NullOrWhiteSpaceAsNull();
             }
 
             /// <summary>

From ca56e0971f41314c416f1f55e89ae6dba553abfd Mon Sep 17 00:00:00 2001
From: Ronald Barendse <ronald@barend.se>
Date: Tue, 25 Jan 2022 06:38:20 +0100
Subject: [PATCH 29/81] Add IsRestarting property to Umbraco application
 notifications (#11883)

* Add IsRestarting property to Umbraco application notifications

* Add IUmbracoApplicationLifetimeNotification and update constructors

* Only subscribe to events on initial startup

* Cleanup CoreRuntime

* Do not reset StaticApplicationLogging instance after stopping/during restart
---
 ...IUmbracoApplicationLifetimeNotification.cs |  17 +++
 .../UmbracoApplicationStartedNotification.cs  |  15 ++-
 .../UmbracoApplicationStartingNotification.cs |  27 ++++-
 .../UmbracoApplicationStoppedNotification.cs  |  15 ++-
 .../UmbracoApplicationStoppingNotification.cs |  27 ++++-
 .../Runtime/CoreRuntime.cs                    | 106 +++++++++---------
 6 files changed, 139 insertions(+), 68 deletions(-)
 create mode 100644 src/Umbraco.Core/Notifications/IUmbracoApplicationLifetimeNotification.cs

diff --git a/src/Umbraco.Core/Notifications/IUmbracoApplicationLifetimeNotification.cs b/src/Umbraco.Core/Notifications/IUmbracoApplicationLifetimeNotification.cs
new file mode 100644
index 0000000000..4b0ea6826a
--- /dev/null
+++ b/src/Umbraco.Core/Notifications/IUmbracoApplicationLifetimeNotification.cs
@@ -0,0 +1,17 @@
+namespace Umbraco.Cms.Core.Notifications
+{
+    /// <summary>
+    /// Represents an Umbraco application lifetime (starting, started, stopping, stopped) notification.
+    /// </summary>
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
+    public interface IUmbracoApplicationLifetimeNotification : INotification
+    {
+        /// <summary>
+        /// Gets a value indicating whether Umbraco is restarting (e.g. after an install or upgrade).
+        /// </summary>
+        /// <value>
+        ///   <c>true</c> if Umbraco is restarting; otherwise, <c>false</c>.
+        /// </value>
+        bool IsRestarting { get; }
+    }
+}
diff --git a/src/Umbraco.Core/Notifications/UmbracoApplicationStartedNotification.cs b/src/Umbraco.Core/Notifications/UmbracoApplicationStartedNotification.cs
index a3d38720d7..196af7dfe1 100644
--- a/src/Umbraco.Core/Notifications/UmbracoApplicationStartedNotification.cs
+++ b/src/Umbraco.Core/Notifications/UmbracoApplicationStartedNotification.cs
@@ -3,7 +3,16 @@ namespace Umbraco.Cms.Core.Notifications
     /// <summary>
     /// Notification that occurs when Umbraco has completely booted up and the request processing pipeline is configured.
     /// </summary>
-    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
-    public class UmbracoApplicationStartedNotification : INotification
-    { }
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.IUmbracoApplicationLifetimeNotification" />
+    public class UmbracoApplicationStartedNotification : IUmbracoApplicationLifetimeNotification
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStartedNotification" /> class.
+        /// </summary>
+        /// <param name="isRestarting">Indicates whether Umbraco is restarting.</param>
+        public UmbracoApplicationStartedNotification(bool isRestarting) => IsRestarting = isRestarting;
+
+        /// <inheritdoc />
+        public bool IsRestarting { get; }
+    }
 }
diff --git a/src/Umbraco.Core/Notifications/UmbracoApplicationStartingNotification.cs b/src/Umbraco.Core/Notifications/UmbracoApplicationStartingNotification.cs
index dd60f9431c..82b87aa3bf 100644
--- a/src/Umbraco.Core/Notifications/UmbracoApplicationStartingNotification.cs
+++ b/src/Umbraco.Core/Notifications/UmbracoApplicationStartingNotification.cs
@@ -1,16 +1,34 @@
+using System;
+
 namespace Umbraco.Cms.Core.Notifications
 {
     /// <summary>
     /// Notification that occurs at the very end of the Umbraco boot process (after all <see cref="IComponent" />s are initialized).
     /// </summary>
-    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
-    public class UmbracoApplicationStartingNotification : INotification
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.IUmbracoApplicationLifetimeNotification" />
+    public class UmbracoApplicationStartingNotification : IUmbracoApplicationLifetimeNotification
     {
         /// <summary>
         /// Initializes a new instance of the <see cref="UmbracoApplicationStartingNotification" /> class.
         /// </summary>
         /// <param name="runtimeLevel">The runtime level</param>
-        public UmbracoApplicationStartingNotification(RuntimeLevel runtimeLevel) => RuntimeLevel = runtimeLevel;
+        [Obsolete("Use ctor with all params")]
+        public UmbracoApplicationStartingNotification(RuntimeLevel runtimeLevel)
+            : this(runtimeLevel, false)
+        {
+            // TODO: Remove this constructor in V10
+        }
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStartingNotification" /> class.
+        /// </summary>
+        /// <param name="runtimeLevel">The runtime level</param>
+        /// <param name="isRestarting">Indicates whether Umbraco is restarting.</param>
+        public UmbracoApplicationStartingNotification(RuntimeLevel runtimeLevel, bool isRestarting)
+        {
+            RuntimeLevel = runtimeLevel;
+            IsRestarting = isRestarting;
+        }
 
         /// <summary>
         /// Gets the runtime level.
@@ -19,5 +37,8 @@ namespace Umbraco.Cms.Core.Notifications
         /// The runtime level.
         /// </value>
         public RuntimeLevel RuntimeLevel { get; }
+
+        /// <inheritdoc />
+        public bool IsRestarting { get; }
     }
 }
diff --git a/src/Umbraco.Core/Notifications/UmbracoApplicationStoppedNotification.cs b/src/Umbraco.Core/Notifications/UmbracoApplicationStoppedNotification.cs
index be4c6ccfd4..c6dac40a26 100644
--- a/src/Umbraco.Core/Notifications/UmbracoApplicationStoppedNotification.cs
+++ b/src/Umbraco.Core/Notifications/UmbracoApplicationStoppedNotification.cs
@@ -3,7 +3,16 @@ namespace Umbraco.Cms.Core.Notifications
     /// <summary>
     /// Notification that occurs when Umbraco has completely shutdown.
     /// </summary>
-    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
-    public class UmbracoApplicationStoppedNotification : INotification
-    { }
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.IUmbracoApplicationLifetimeNotification" />
+    public class UmbracoApplicationStoppedNotification : IUmbracoApplicationLifetimeNotification
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStoppedNotification" /> class.
+        /// </summary>
+        /// <param name="isRestarting">Indicates whether Umbraco is restarting.</param>
+        public UmbracoApplicationStoppedNotification(bool isRestarting) => IsRestarting = isRestarting;
+
+        /// <inheritdoc />
+        public bool IsRestarting { get; }
+    }
 }
diff --git a/src/Umbraco.Core/Notifications/UmbracoApplicationStoppingNotification.cs b/src/Umbraco.Core/Notifications/UmbracoApplicationStoppingNotification.cs
index 6d5234bbcc..062ca954d9 100644
--- a/src/Umbraco.Core/Notifications/UmbracoApplicationStoppingNotification.cs
+++ b/src/Umbraco.Core/Notifications/UmbracoApplicationStoppingNotification.cs
@@ -1,9 +1,30 @@
+using System;
+
 namespace Umbraco.Cms.Core.Notifications
 {
     /// <summary>
     /// Notification that occurs when Umbraco is shutting down (after all <see cref="IComponent" />s are terminated).
     /// </summary>
-    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
-    public class UmbracoApplicationStoppingNotification : INotification
-    { }
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.IUmbracoApplicationLifetimeNotification" />
+    public class UmbracoApplicationStoppingNotification : IUmbracoApplicationLifetimeNotification
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStoppingNotification" /> class.
+        /// </summary>
+        [Obsolete("Use ctor with all params")]
+        public UmbracoApplicationStoppingNotification()
+            : this(false)
+        {
+            // TODO: Remove this constructor in V10
+        }
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStoppingNotification" /> class.
+        /// </summary>
+        /// <param name="isRestarting">Indicates whether Umbraco is restarting.</param>
+        public UmbracoApplicationStoppingNotification(bool isRestarting) => IsRestarting = isRestarting;
+
+        /// <inheritdoc />
+        public bool IsRestarting { get; }
+    }
 }
diff --git a/src/Umbraco.Infrastructure/Runtime/CoreRuntime.cs b/src/Umbraco.Infrastructure/Runtime/CoreRuntime.cs
index 5dbe78c2f5..851d67e713 100644
--- a/src/Umbraco.Infrastructure/Runtime/CoreRuntime.cs
+++ b/src/Umbraco.Infrastructure/Runtime/CoreRuntime.cs
@@ -134,60 +134,48 @@ namespace Umbraco.Cms.Infrastructure.Runtime
         public IRuntimeState State { get; }
 
         /// <inheritdoc/>
-        public async Task RestartAsync()
-        {
-            await StopAsync(_cancellationToken);
-            await _eventAggregator.PublishAsync(new UmbracoApplicationStoppedNotification(), _cancellationToken);
-            await StartAsync(_cancellationToken);
-            await _eventAggregator.PublishAsync(new UmbracoApplicationStartedNotification(), _cancellationToken);
-        }
+        public async Task StartAsync(CancellationToken cancellationToken) => await StartAsync(cancellationToken, false);
 
         /// <inheritdoc/>
-        public async Task StartAsync(CancellationToken cancellationToken)
+        public async Task StopAsync(CancellationToken cancellationToken) => await StopAsync(cancellationToken, false);
+
+        /// <inheritdoc/>
+        public async Task RestartAsync()
+        {
+            await StopAsync(_cancellationToken, true);
+            await _eventAggregator.PublishAsync(new UmbracoApplicationStoppedNotification(true), _cancellationToken);
+            await StartAsync(_cancellationToken, true);
+            await _eventAggregator.PublishAsync(new UmbracoApplicationStartedNotification(true), _cancellationToken);
+        }
+
+        private async Task StartAsync(CancellationToken cancellationToken, bool isRestarting)
         {
             // Store token, so we can re-use this during restart
             _cancellationToken = cancellationToken;
 
-            StaticApplicationLogging.Initialize(_loggerFactory);
-            StaticServiceProvider.Instance = _serviceProvider;
-
-            AppDomain.CurrentDomain.UnhandledException += (_, args) =>
+            if (isRestarting == false)
             {
-                var exception = (Exception)args.ExceptionObject;
-                var isTerminating = args.IsTerminating; // always true?
+                StaticApplicationLogging.Initialize(_loggerFactory);
+                StaticServiceProvider.Instance = _serviceProvider;
 
-                var msg = "Unhandled exception in AppDomain";
-
-                if (isTerminating)
-                {
-                    msg += " (terminating)";
-                }
-
-                msg += ".";
-
-                _logger.LogError(exception, msg);
-            };
-
-            // Add application started and stopped notifications (only on initial startup, not restarts)
-            if (_hostApplicationLifetime.ApplicationStarted.IsCancellationRequested == false)
-            {
-                _hostApplicationLifetime.ApplicationStarted.Register(() => _eventAggregator.Publish(new UmbracoApplicationStartedNotification()));
-                _hostApplicationLifetime.ApplicationStopped.Register(() => _eventAggregator.Publish(new UmbracoApplicationStoppedNotification()));
+                AppDomain.CurrentDomain.UnhandledException += (_, args)
+                    => _logger.LogError(args.ExceptionObject as Exception, $"Unhandled exception in AppDomain{(args.IsTerminating ? " (terminating)" : null)}.");
             }
 
-            // acquire the main domain - if this fails then anything that should be registered with MainDom will not operate
+            // Acquire the main domain - if this fails then anything that should be registered with MainDom will not operate
             AcquireMainDom();
 
             // TODO (V10): Remove this obsoleted notification publish.
             await _eventAggregator.PublishAsync(new UmbracoApplicationMainDomAcquiredNotification(), cancellationToken);
 
-            // notify for unattended install
+            // Notify for unattended install
             await _eventAggregator.PublishAsync(new RuntimeUnattendedInstallNotification(), cancellationToken);
             DetermineRuntimeLevel();
 
             if (!State.UmbracoCanBoot())
             {
-                return; // The exception will be rethrown by BootFailedMiddelware
+                // We cannot continue here, the exception will be rethrown by BootFailedMiddelware
+                return;
             }
 
             IApplicationShutdownRegistry hostingEnvironmentLifetime = _applicationShutdownRegistry;
@@ -196,7 +184,7 @@ namespace Umbraco.Cms.Infrastructure.Runtime
                 throw new InvalidOperationException($"An instance of {typeof(IApplicationShutdownRegistry)} could not be resolved from the container, ensure that one if registered in your runtime before calling {nameof(IRuntime)}.{nameof(StartAsync)}");
             }
 
-            // if level is Run and reason is UpgradeMigrations, that means we need to perform an unattended upgrade
+            // If level is Run and reason is UpgradeMigrations, that means we need to perform an unattended upgrade
             var unattendedUpgradeNotification = new RuntimeUnattendedUpgradeNotification();
             await _eventAggregator.PublishAsync(unattendedUpgradeNotification, cancellationToken);
             switch (unattendedUpgradeNotification.UnattendedUpgradeResult)
@@ -207,54 +195,59 @@ namespace Umbraco.Cms.Infrastructure.Runtime
                         throw new InvalidOperationException($"Unattended upgrade result was {RuntimeUnattendedUpgradeNotification.UpgradeResult.HasErrors} but no {nameof(BootFailedException)} was registered");
                     }
 
-                    // we cannot continue here, the exception will be rethrown by BootFailedMiddelware
+                    // We cannot continue here, the exception will be rethrown by BootFailedMiddelware
                     return;
                 case RuntimeUnattendedUpgradeNotification.UpgradeResult.CoreUpgradeComplete:
                 case RuntimeUnattendedUpgradeNotification.UpgradeResult.PackageMigrationComplete:
-                    // upgrade is done, set reason to Run
+                    // Upgrade is done, set reason to Run
                     DetermineRuntimeLevel();
                     break;
                 case RuntimeUnattendedUpgradeNotification.UpgradeResult.NotRequired:
                     break;
             }
 
-            // TODO (V10): Remove this obsoleted notification publish.
+            // TODO (V10): Remove this obsoleted notification publish
             await _eventAggregator.PublishAsync(new UmbracoApplicationComponentsInstallingNotification(State.Level), cancellationToken);
 
-            // create & initialize the components
+            // Initialize the components
             _components.Initialize();
 
-            await _eventAggregator.PublishAsync(new UmbracoApplicationStartingNotification(State.Level), cancellationToken);
+            await _eventAggregator.PublishAsync(new UmbracoApplicationStartingNotification(State.Level, isRestarting), cancellationToken);
+
+            if (isRestarting == false)
+            {
+                // Add application started and stopped notifications last (to ensure they're always published after starting)
+                _hostApplicationLifetime.ApplicationStarted.Register(() => _eventAggregator.Publish(new UmbracoApplicationStartedNotification(false)));
+                _hostApplicationLifetime.ApplicationStopped.Register(() => _eventAggregator.Publish(new UmbracoApplicationStoppedNotification(false)));
+            }
         }
 
-        public async Task StopAsync(CancellationToken cancellationToken)
+        private async Task StopAsync(CancellationToken cancellationToken, bool isRestarting)
         {
             _components.Terminate();
-            await _eventAggregator.PublishAsync(new UmbracoApplicationStoppingNotification(), cancellationToken);
-            StaticApplicationLogging.Initialize(null);
+            await _eventAggregator.PublishAsync(new UmbracoApplicationStoppingNotification(isRestarting), cancellationToken);
         }
 
         private void AcquireMainDom()
         {
-            using (DisposableTimer timer = _profilingLogger.DebugDuration<CoreRuntime>("Acquiring MainDom.", "Acquired."))
+            using DisposableTimer timer = _profilingLogger.DebugDuration<CoreRuntime>("Acquiring MainDom.", "Acquired.");
+
+            try
             {
-                try
-                {
-                    _mainDom.Acquire(_applicationShutdownRegistry);
-                }
-                catch
-                {
-                    timer?.Fail();
-                    throw;
-                }
+                _mainDom.Acquire(_applicationShutdownRegistry);
+            }
+            catch
+            {
+                timer?.Fail();
+                throw;
             }
         }
 
         private void DetermineRuntimeLevel()
         {
-            if (State.BootFailedException != null)
+            if (State.BootFailedException is not null)
             {
-                // there's already been an exception so cannot boot and no need to check
+                // There's already been an exception, so cannot boot and no need to check
                 return;
             }
 
@@ -277,7 +270,8 @@ namespace Umbraco.Cms.Infrastructure.Runtime
                 State.Configure(RuntimeLevel.BootFailed, RuntimeLevelReason.BootFailedOnException);
                 timer?.Fail();
                 _logger.LogError(ex, "Boot Failed");
-                // We do not throw the exception. It will be rethrown by BootFailedMiddleware
+
+                // We do not throw the exception, it will be rethrown by BootFailedMiddleware
             }
         }
     }

From 76593aa7ca2b49add058efe2825d7183cf7d5d36 Mon Sep 17 00:00:00 2001
From: Ronald Barendse <ronald@barend.se>
Date: Tue, 25 Jan 2022 06:38:20 +0100
Subject: [PATCH 30/81] Add IsRestarting property to Umbraco application
 notifications (#11883)

* Add IsRestarting property to Umbraco application notifications

* Add IUmbracoApplicationLifetimeNotification and update constructors

* Only subscribe to events on initial startup

* Cleanup CoreRuntime

* Do not reset StaticApplicationLogging instance after stopping/during restart
---
 ...IUmbracoApplicationLifetimeNotification.cs |  17 +++
 .../UmbracoApplicationStartedNotification.cs  |  15 ++-
 .../UmbracoApplicationStartingNotification.cs |  27 ++++-
 .../UmbracoApplicationStoppedNotification.cs  |  15 ++-
 .../UmbracoApplicationStoppingNotification.cs |  27 ++++-
 .../Runtime/CoreRuntime.cs                    | 106 +++++++++---------
 6 files changed, 139 insertions(+), 68 deletions(-)
 create mode 100644 src/Umbraco.Core/Notifications/IUmbracoApplicationLifetimeNotification.cs

diff --git a/src/Umbraco.Core/Notifications/IUmbracoApplicationLifetimeNotification.cs b/src/Umbraco.Core/Notifications/IUmbracoApplicationLifetimeNotification.cs
new file mode 100644
index 0000000000..4b0ea6826a
--- /dev/null
+++ b/src/Umbraco.Core/Notifications/IUmbracoApplicationLifetimeNotification.cs
@@ -0,0 +1,17 @@
+namespace Umbraco.Cms.Core.Notifications
+{
+    /// <summary>
+    /// Represents an Umbraco application lifetime (starting, started, stopping, stopped) notification.
+    /// </summary>
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
+    public interface IUmbracoApplicationLifetimeNotification : INotification
+    {
+        /// <summary>
+        /// Gets a value indicating whether Umbraco is restarting (e.g. after an install or upgrade).
+        /// </summary>
+        /// <value>
+        ///   <c>true</c> if Umbraco is restarting; otherwise, <c>false</c>.
+        /// </value>
+        bool IsRestarting { get; }
+    }
+}
diff --git a/src/Umbraco.Core/Notifications/UmbracoApplicationStartedNotification.cs b/src/Umbraco.Core/Notifications/UmbracoApplicationStartedNotification.cs
index a3d38720d7..196af7dfe1 100644
--- a/src/Umbraco.Core/Notifications/UmbracoApplicationStartedNotification.cs
+++ b/src/Umbraco.Core/Notifications/UmbracoApplicationStartedNotification.cs
@@ -3,7 +3,16 @@ namespace Umbraco.Cms.Core.Notifications
     /// <summary>
     /// Notification that occurs when Umbraco has completely booted up and the request processing pipeline is configured.
     /// </summary>
-    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
-    public class UmbracoApplicationStartedNotification : INotification
-    { }
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.IUmbracoApplicationLifetimeNotification" />
+    public class UmbracoApplicationStartedNotification : IUmbracoApplicationLifetimeNotification
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStartedNotification" /> class.
+        /// </summary>
+        /// <param name="isRestarting">Indicates whether Umbraco is restarting.</param>
+        public UmbracoApplicationStartedNotification(bool isRestarting) => IsRestarting = isRestarting;
+
+        /// <inheritdoc />
+        public bool IsRestarting { get; }
+    }
 }
diff --git a/src/Umbraco.Core/Notifications/UmbracoApplicationStartingNotification.cs b/src/Umbraco.Core/Notifications/UmbracoApplicationStartingNotification.cs
index dd60f9431c..82b87aa3bf 100644
--- a/src/Umbraco.Core/Notifications/UmbracoApplicationStartingNotification.cs
+++ b/src/Umbraco.Core/Notifications/UmbracoApplicationStartingNotification.cs
@@ -1,16 +1,34 @@
+using System;
+
 namespace Umbraco.Cms.Core.Notifications
 {
     /// <summary>
     /// Notification that occurs at the very end of the Umbraco boot process (after all <see cref="IComponent" />s are initialized).
     /// </summary>
-    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
-    public class UmbracoApplicationStartingNotification : INotification
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.IUmbracoApplicationLifetimeNotification" />
+    public class UmbracoApplicationStartingNotification : IUmbracoApplicationLifetimeNotification
     {
         /// <summary>
         /// Initializes a new instance of the <see cref="UmbracoApplicationStartingNotification" /> class.
         /// </summary>
         /// <param name="runtimeLevel">The runtime level</param>
-        public UmbracoApplicationStartingNotification(RuntimeLevel runtimeLevel) => RuntimeLevel = runtimeLevel;
+        [Obsolete("Use ctor with all params")]
+        public UmbracoApplicationStartingNotification(RuntimeLevel runtimeLevel)
+            : this(runtimeLevel, false)
+        {
+            // TODO: Remove this constructor in V10
+        }
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStartingNotification" /> class.
+        /// </summary>
+        /// <param name="runtimeLevel">The runtime level</param>
+        /// <param name="isRestarting">Indicates whether Umbraco is restarting.</param>
+        public UmbracoApplicationStartingNotification(RuntimeLevel runtimeLevel, bool isRestarting)
+        {
+            RuntimeLevel = runtimeLevel;
+            IsRestarting = isRestarting;
+        }
 
         /// <summary>
         /// Gets the runtime level.
@@ -19,5 +37,8 @@ namespace Umbraco.Cms.Core.Notifications
         /// The runtime level.
         /// </value>
         public RuntimeLevel RuntimeLevel { get; }
+
+        /// <inheritdoc />
+        public bool IsRestarting { get; }
     }
 }
diff --git a/src/Umbraco.Core/Notifications/UmbracoApplicationStoppedNotification.cs b/src/Umbraco.Core/Notifications/UmbracoApplicationStoppedNotification.cs
index be4c6ccfd4..c6dac40a26 100644
--- a/src/Umbraco.Core/Notifications/UmbracoApplicationStoppedNotification.cs
+++ b/src/Umbraco.Core/Notifications/UmbracoApplicationStoppedNotification.cs
@@ -3,7 +3,16 @@ namespace Umbraco.Cms.Core.Notifications
     /// <summary>
     /// Notification that occurs when Umbraco has completely shutdown.
     /// </summary>
-    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
-    public class UmbracoApplicationStoppedNotification : INotification
-    { }
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.IUmbracoApplicationLifetimeNotification" />
+    public class UmbracoApplicationStoppedNotification : IUmbracoApplicationLifetimeNotification
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStoppedNotification" /> class.
+        /// </summary>
+        /// <param name="isRestarting">Indicates whether Umbraco is restarting.</param>
+        public UmbracoApplicationStoppedNotification(bool isRestarting) => IsRestarting = isRestarting;
+
+        /// <inheritdoc />
+        public bool IsRestarting { get; }
+    }
 }
diff --git a/src/Umbraco.Core/Notifications/UmbracoApplicationStoppingNotification.cs b/src/Umbraco.Core/Notifications/UmbracoApplicationStoppingNotification.cs
index 6d5234bbcc..062ca954d9 100644
--- a/src/Umbraco.Core/Notifications/UmbracoApplicationStoppingNotification.cs
+++ b/src/Umbraco.Core/Notifications/UmbracoApplicationStoppingNotification.cs
@@ -1,9 +1,30 @@
+using System;
+
 namespace Umbraco.Cms.Core.Notifications
 {
     /// <summary>
     /// Notification that occurs when Umbraco is shutting down (after all <see cref="IComponent" />s are terminated).
     /// </summary>
-    /// <seealso cref="Umbraco.Cms.Core.Notifications.INotification" />
-    public class UmbracoApplicationStoppingNotification : INotification
-    { }
+    /// <seealso cref="Umbraco.Cms.Core.Notifications.IUmbracoApplicationLifetimeNotification" />
+    public class UmbracoApplicationStoppingNotification : IUmbracoApplicationLifetimeNotification
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStoppingNotification" /> class.
+        /// </summary>
+        [Obsolete("Use ctor with all params")]
+        public UmbracoApplicationStoppingNotification()
+            : this(false)
+        {
+            // TODO: Remove this constructor in V10
+        }
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="UmbracoApplicationStoppingNotification" /> class.
+        /// </summary>
+        /// <param name="isRestarting">Indicates whether Umbraco is restarting.</param>
+        public UmbracoApplicationStoppingNotification(bool isRestarting) => IsRestarting = isRestarting;
+
+        /// <inheritdoc />
+        public bool IsRestarting { get; }
+    }
 }
diff --git a/src/Umbraco.Infrastructure/Runtime/CoreRuntime.cs b/src/Umbraco.Infrastructure/Runtime/CoreRuntime.cs
index 5dbe78c2f5..851d67e713 100644
--- a/src/Umbraco.Infrastructure/Runtime/CoreRuntime.cs
+++ b/src/Umbraco.Infrastructure/Runtime/CoreRuntime.cs
@@ -134,60 +134,48 @@ namespace Umbraco.Cms.Infrastructure.Runtime
         public IRuntimeState State { get; }
 
         /// <inheritdoc/>
-        public async Task RestartAsync()
-        {
-            await StopAsync(_cancellationToken);
-            await _eventAggregator.PublishAsync(new UmbracoApplicationStoppedNotification(), _cancellationToken);
-            await StartAsync(_cancellationToken);
-            await _eventAggregator.PublishAsync(new UmbracoApplicationStartedNotification(), _cancellationToken);
-        }
+        public async Task StartAsync(CancellationToken cancellationToken) => await StartAsync(cancellationToken, false);
 
         /// <inheritdoc/>
-        public async Task StartAsync(CancellationToken cancellationToken)
+        public async Task StopAsync(CancellationToken cancellationToken) => await StopAsync(cancellationToken, false);
+
+        /// <inheritdoc/>
+        public async Task RestartAsync()
+        {
+            await StopAsync(_cancellationToken, true);
+            await _eventAggregator.PublishAsync(new UmbracoApplicationStoppedNotification(true), _cancellationToken);
+            await StartAsync(_cancellationToken, true);
+            await _eventAggregator.PublishAsync(new UmbracoApplicationStartedNotification(true), _cancellationToken);
+        }
+
+        private async Task StartAsync(CancellationToken cancellationToken, bool isRestarting)
         {
             // Store token, so we can re-use this during restart
             _cancellationToken = cancellationToken;
 
-            StaticApplicationLogging.Initialize(_loggerFactory);
-            StaticServiceProvider.Instance = _serviceProvider;
-
-            AppDomain.CurrentDomain.UnhandledException += (_, args) =>
+            if (isRestarting == false)
             {
-                var exception = (Exception)args.ExceptionObject;
-                var isTerminating = args.IsTerminating; // always true?
+                StaticApplicationLogging.Initialize(_loggerFactory);
+                StaticServiceProvider.Instance = _serviceProvider;
 
-                var msg = "Unhandled exception in AppDomain";
-
-                if (isTerminating)
-                {
-                    msg += " (terminating)";
-                }
-
-                msg += ".";
-
-                _logger.LogError(exception, msg);
-            };
-
-            // Add application started and stopped notifications (only on initial startup, not restarts)
-            if (_hostApplicationLifetime.ApplicationStarted.IsCancellationRequested == false)
-            {
-                _hostApplicationLifetime.ApplicationStarted.Register(() => _eventAggregator.Publish(new UmbracoApplicationStartedNotification()));
-                _hostApplicationLifetime.ApplicationStopped.Register(() => _eventAggregator.Publish(new UmbracoApplicationStoppedNotification()));
+                AppDomain.CurrentDomain.UnhandledException += (_, args)
+                    => _logger.LogError(args.ExceptionObject as Exception, $"Unhandled exception in AppDomain{(args.IsTerminating ? " (terminating)" : null)}.");
             }
 
-            // acquire the main domain - if this fails then anything that should be registered with MainDom will not operate
+            // Acquire the main domain - if this fails then anything that should be registered with MainDom will not operate
             AcquireMainDom();
 
             // TODO (V10): Remove this obsoleted notification publish.
             await _eventAggregator.PublishAsync(new UmbracoApplicationMainDomAcquiredNotification(), cancellationToken);
 
-            // notify for unattended install
+            // Notify for unattended install
             await _eventAggregator.PublishAsync(new RuntimeUnattendedInstallNotification(), cancellationToken);
             DetermineRuntimeLevel();
 
             if (!State.UmbracoCanBoot())
             {
-                return; // The exception will be rethrown by BootFailedMiddelware
+                // We cannot continue here, the exception will be rethrown by BootFailedMiddelware
+                return;
             }
 
             IApplicationShutdownRegistry hostingEnvironmentLifetime = _applicationShutdownRegistry;
@@ -196,7 +184,7 @@ namespace Umbraco.Cms.Infrastructure.Runtime
                 throw new InvalidOperationException($"An instance of {typeof(IApplicationShutdownRegistry)} could not be resolved from the container, ensure that one if registered in your runtime before calling {nameof(IRuntime)}.{nameof(StartAsync)}");
             }
 
-            // if level is Run and reason is UpgradeMigrations, that means we need to perform an unattended upgrade
+            // If level is Run and reason is UpgradeMigrations, that means we need to perform an unattended upgrade
             var unattendedUpgradeNotification = new RuntimeUnattendedUpgradeNotification();
             await _eventAggregator.PublishAsync(unattendedUpgradeNotification, cancellationToken);
             switch (unattendedUpgradeNotification.UnattendedUpgradeResult)
@@ -207,54 +195,59 @@ namespace Umbraco.Cms.Infrastructure.Runtime
                         throw new InvalidOperationException($"Unattended upgrade result was {RuntimeUnattendedUpgradeNotification.UpgradeResult.HasErrors} but no {nameof(BootFailedException)} was registered");
                     }
 
-                    // we cannot continue here, the exception will be rethrown by BootFailedMiddelware
+                    // We cannot continue here, the exception will be rethrown by BootFailedMiddelware
                     return;
                 case RuntimeUnattendedUpgradeNotification.UpgradeResult.CoreUpgradeComplete:
                 case RuntimeUnattendedUpgradeNotification.UpgradeResult.PackageMigrationComplete:
-                    // upgrade is done, set reason to Run
+                    // Upgrade is done, set reason to Run
                     DetermineRuntimeLevel();
                     break;
                 case RuntimeUnattendedUpgradeNotification.UpgradeResult.NotRequired:
                     break;
             }
 
-            // TODO (V10): Remove this obsoleted notification publish.
+            // TODO (V10): Remove this obsoleted notification publish
             await _eventAggregator.PublishAsync(new UmbracoApplicationComponentsInstallingNotification(State.Level), cancellationToken);
 
-            // create & initialize the components
+            // Initialize the components
             _components.Initialize();
 
-            await _eventAggregator.PublishAsync(new UmbracoApplicationStartingNotification(State.Level), cancellationToken);
+            await _eventAggregator.PublishAsync(new UmbracoApplicationStartingNotification(State.Level, isRestarting), cancellationToken);
+
+            if (isRestarting == false)
+            {
+                // Add application started and stopped notifications last (to ensure they're always published after starting)
+                _hostApplicationLifetime.ApplicationStarted.Register(() => _eventAggregator.Publish(new UmbracoApplicationStartedNotification(false)));
+                _hostApplicationLifetime.ApplicationStopped.Register(() => _eventAggregator.Publish(new UmbracoApplicationStoppedNotification(false)));
+            }
         }
 
-        public async Task StopAsync(CancellationToken cancellationToken)
+        private async Task StopAsync(CancellationToken cancellationToken, bool isRestarting)
         {
             _components.Terminate();
-            await _eventAggregator.PublishAsync(new UmbracoApplicationStoppingNotification(), cancellationToken);
-            StaticApplicationLogging.Initialize(null);
+            await _eventAggregator.PublishAsync(new UmbracoApplicationStoppingNotification(isRestarting), cancellationToken);
         }
 
         private void AcquireMainDom()
         {
-            using (DisposableTimer timer = _profilingLogger.DebugDuration<CoreRuntime>("Acquiring MainDom.", "Acquired."))
+            using DisposableTimer timer = _profilingLogger.DebugDuration<CoreRuntime>("Acquiring MainDom.", "Acquired.");
+
+            try
             {
-                try
-                {
-                    _mainDom.Acquire(_applicationShutdownRegistry);
-                }
-                catch
-                {
-                    timer?.Fail();
-                    throw;
-                }
+                _mainDom.Acquire(_applicationShutdownRegistry);
+            }
+            catch
+            {
+                timer?.Fail();
+                throw;
             }
         }
 
         private void DetermineRuntimeLevel()
         {
-            if (State.BootFailedException != null)
+            if (State.BootFailedException is not null)
             {
-                // there's already been an exception so cannot boot and no need to check
+                // There's already been an exception, so cannot boot and no need to check
                 return;
             }
 
@@ -277,7 +270,8 @@ namespace Umbraco.Cms.Infrastructure.Runtime
                 State.Configure(RuntimeLevel.BootFailed, RuntimeLevelReason.BootFailedOnException);
                 timer?.Fail();
                 _logger.LogError(ex, "Boot Failed");
-                // We do not throw the exception. It will be rethrown by BootFailedMiddleware
+
+                // We do not throw the exception, it will be rethrown by BootFailedMiddleware
             }
         }
     }

From d70a207d60b6f4eff8cf1b446f0a0cf4f70d03b5 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Wed, 26 Jan 2022 07:51:25 +0100
Subject: [PATCH 31/81] V8: Add ability to implement your own HtmlSanitizer
 (#11897)

* Add IHtmlSanitizer

* Use IHtmlSanitizer in RTE value editor

* Add docstrings to IHtmlSanitizer

* Rename NoOp to Noop

To match the rest of the classes

* Fix tests
---
 .../CompositionExtensions/Services.cs         |  2 +
 src/Umbraco.Core/Security/IHtmlSanitizer.cs   | 12 +++++
 .../Security/NoopHtmlSanitizer.cs             | 10 ++++
 src/Umbraco.Core/Umbraco.Core.csproj          |  2 +
 .../PublishedContent/PublishedContentTests.cs |  3 +-
 .../PropertyEditors/GridPropertyEditor.cs     | 37 ++++++++++++--
 .../PropertyEditors/RichTextPropertyEditor.cs | 49 ++++++++++++++++---
 7 files changed, 103 insertions(+), 12 deletions(-)
 create mode 100644 src/Umbraco.Core/Security/IHtmlSanitizer.cs
 create mode 100644 src/Umbraco.Core/Security/NoopHtmlSanitizer.cs

diff --git a/src/Umbraco.Core/Composing/CompositionExtensions/Services.cs b/src/Umbraco.Core/Composing/CompositionExtensions/Services.cs
index e912f7281c..3c9dd9d701 100644
--- a/src/Umbraco.Core/Composing/CompositionExtensions/Services.cs
+++ b/src/Umbraco.Core/Composing/CompositionExtensions/Services.cs
@@ -6,6 +6,7 @@ using Umbraco.Core.Events;
 using Umbraco.Core.IO;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Packaging;
+using Umbraco.Core.Security;
 using Umbraco.Core.Services;
 using Umbraco.Core.Services.Implement;
 using Umbraco.Core.Telemetry;
@@ -81,6 +82,7 @@ namespace Umbraco.Core.Composing.CompositionExtensions
                     new DirectoryInfo(IOHelper.GetRootDirectorySafe())));
 
             composition.RegisterUnique<ITelemetryService, TelemetryService>();
+            composition.RegisterUnique<IHtmlSanitizer, NoopHtmlSanitizer>();
 
             return composition;
         }
diff --git a/src/Umbraco.Core/Security/IHtmlSanitizer.cs b/src/Umbraco.Core/Security/IHtmlSanitizer.cs
new file mode 100644
index 0000000000..fa1e0b3ee5
--- /dev/null
+++ b/src/Umbraco.Core/Security/IHtmlSanitizer.cs
@@ -0,0 +1,12 @@
+namespace Umbraco.Core.Security
+{
+    public interface IHtmlSanitizer
+    {
+        /// <summary>
+        /// Sanitizes HTML
+        /// </summary>
+        /// <param name="html">HTML to be sanitized</param>
+        /// <returns>Sanitized HTML</returns>
+        string Sanitize(string html);
+    }
+}
diff --git a/src/Umbraco.Core/Security/NoopHtmlSanitizer.cs b/src/Umbraco.Core/Security/NoopHtmlSanitizer.cs
new file mode 100644
index 0000000000..2ea34d52ea
--- /dev/null
+++ b/src/Umbraco.Core/Security/NoopHtmlSanitizer.cs
@@ -0,0 +1,10 @@
+namespace Umbraco.Core.Security
+{
+    public class NoopHtmlSanitizer : IHtmlSanitizer
+    {
+        public string Sanitize(string html)
+        {
+            return html;
+        }
+    }
+}
diff --git a/src/Umbraco.Core/Umbraco.Core.csproj b/src/Umbraco.Core/Umbraco.Core.csproj
index 6729930174..e27c6eeceb 100755
--- a/src/Umbraco.Core/Umbraco.Core.csproj
+++ b/src/Umbraco.Core/Umbraco.Core.csproj
@@ -194,6 +194,8 @@
     <Compile Include="PropertyEditors\PropertyCacheCompression.cs" />
     <Compile Include="PropertyEditors\IPropertyCacheCompression.cs" />
     <Compile Include="PropertyEditors\UnPublishedContentPropertyCacheCompressionOptions.cs" />
+    <Compile Include="Security\IHtmlSanitizer.cs" />
+    <Compile Include="Security\NoopHtmlSanitizer.cs" />
     <Compile Include="Serialization\AutoInterningStringConverter.cs" />
     <Compile Include="Serialization\AutoInterningStringKeyCaseInsensitiveDictionaryConverter.cs" />
     <Compile Include="PropertyEditors\EyeDropperColorPickerConfiguration.cs" />
diff --git a/src/Umbraco.Tests/PublishedContent/PublishedContentTests.cs b/src/Umbraco.Tests/PublishedContent/PublishedContentTests.cs
index cafda161f4..9b8f5a05fd 100644
--- a/src/Umbraco.Tests/PublishedContent/PublishedContentTests.cs
+++ b/src/Umbraco.Tests/PublishedContent/PublishedContentTests.cs
@@ -16,6 +16,7 @@ using Umbraco.Core.Cache;
 using Umbraco.Core.Configuration;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Models;
+using Umbraco.Core.Security;
 using Umbraco.Core.Services;
 using Umbraco.Tests.TestHelpers;
 using Umbraco.Tests.Testing;
@@ -54,7 +55,7 @@ namespace Umbraco.Tests.PublishedContent
             var dataTypeService = new TestObjects.TestDataTypeService(
                 new DataType(new VoidEditor(logger)) { Id = 1 },
                 new DataType(new TrueFalsePropertyEditor(logger)) { Id = 1001 },
-                new DataType(new RichTextPropertyEditor(logger, umbracoContextAccessor, imageSourceParser, linkParser, pastedImages, Mock.Of<IImageUrlGenerator>())) { Id = 1002 },
+                new DataType(new RichTextPropertyEditor(logger, umbracoContextAccessor, imageSourceParser, linkParser, pastedImages, Mock.Of<IImageUrlGenerator>(), Mock.Of<IHtmlSanitizer>())) { Id = 1002 },
                 new DataType(new IntegerPropertyEditor(logger)) { Id = 1003 },
                 new DataType(new TextboxPropertyEditor(logger)) { Id = 1004 },
                 new DataType(new MediaPickerPropertyEditor(logger)) { Id = 1005 });
diff --git a/src/Umbraco.Web/PropertyEditors/GridPropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/GridPropertyEditor.cs
index 6f919868f7..5ed3051e07 100644
--- a/src/Umbraco.Web/PropertyEditors/GridPropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/GridPropertyEditor.cs
@@ -8,6 +8,7 @@ using Umbraco.Core.Logging;
 using Umbraco.Core.Models;
 using Umbraco.Core.Models.Editors;
 using Umbraco.Core.PropertyEditors;
+using Umbraco.Core.Security;
 using Umbraco.Core.Services;
 using Umbraco.Web.Templates;
 
@@ -32,8 +33,9 @@ namespace Umbraco.Web.PropertyEditors
         private readonly RichTextEditorPastedImages _pastedImages;
         private readonly HtmlLocalLinkParser _localLinkParser;
         private readonly IImageUrlGenerator _imageUrlGenerator;
+        private readonly IHtmlSanitizer _htmlSanitizer;
 
-        [Obsolete("Use the constructor which takes an IImageUrlGenerator")]
+        [Obsolete("Use the constructor which takes an IHtmlSanitizer")]
         public GridPropertyEditor(ILogger logger,
             IUmbracoContextAccessor umbracoContextAccessor,
             HtmlImageSourceParser imageSourceParser,
@@ -43,12 +45,24 @@ namespace Umbraco.Web.PropertyEditors
         {
         }
 
+        [Obsolete("Use the constructor which takes an IHtmlSanitizer")]
         public GridPropertyEditor(ILogger logger,
             IUmbracoContextAccessor umbracoContextAccessor,
             HtmlImageSourceParser imageSourceParser,
             RichTextEditorPastedImages pastedImages,
             HtmlLocalLinkParser localLinkParser,
             IImageUrlGenerator imageUrlGenerator)
+            : this(logger, umbracoContextAccessor, imageSourceParser, pastedImages, localLinkParser, imageUrlGenerator, Current.Factory.GetInstance<IHtmlSanitizer>())
+        {
+        }
+
+        public GridPropertyEditor(ILogger logger,
+            IUmbracoContextAccessor umbracoContextAccessor,
+            HtmlImageSourceParser imageSourceParser,
+            RichTextEditorPastedImages pastedImages,
+            HtmlLocalLinkParser localLinkParser,
+            IImageUrlGenerator imageUrlGenerator,
+            IHtmlSanitizer htmlSanitizer)
             : base(logger)
         {
             _umbracoContextAccessor = umbracoContextAccessor;
@@ -56,6 +70,7 @@ namespace Umbraco.Web.PropertyEditors
             _pastedImages = pastedImages;
             _localLinkParser = localLinkParser;
             _imageUrlGenerator = imageUrlGenerator;
+            _htmlSanitizer = htmlSanitizer;
         }
 
         public override IPropertyIndexValueFactory PropertyIndexValueFactory => new GridPropertyIndexValueFactory();
@@ -64,7 +79,7 @@ namespace Umbraco.Web.PropertyEditors
         /// Overridden to ensure that the value is validated
         /// </summary>
         /// <returns></returns>
-        protected override IDataValueEditor CreateValueEditor() => new GridPropertyValueEditor(Attribute, _umbracoContextAccessor, _imageSourceParser, _pastedImages, _localLinkParser, _imageUrlGenerator);
+        protected override IDataValueEditor CreateValueEditor() => new GridPropertyValueEditor(Attribute, _umbracoContextAccessor, _imageSourceParser, _pastedImages, _localLinkParser, _imageUrlGenerator, _htmlSanitizer);
 
         protected override IConfigurationEditor CreateConfigurationEditor() => new GridConfigurationEditor();
 
@@ -77,7 +92,7 @@ namespace Umbraco.Web.PropertyEditors
             private readonly MediaPickerPropertyEditor.MediaPickerPropertyValueEditor _mediaPickerPropertyValueEditor;
             private readonly IImageUrlGenerator _imageUrlGenerator;
 
-            [Obsolete("Use the constructor which takes an IImageUrlGenerator")]
+            [Obsolete("Use the constructor which takes an IHtmlSanitizer")]
             public GridPropertyValueEditor(DataEditorAttribute attribute,
                 IUmbracoContextAccessor umbracoContextAccessor,
                 HtmlImageSourceParser imageSourceParser,
@@ -87,20 +102,32 @@ namespace Umbraco.Web.PropertyEditors
             {
             }
 
+            [Obsolete("Use the constructor which takes an IHtmlSanitizer")]
             public GridPropertyValueEditor(DataEditorAttribute attribute,
                 IUmbracoContextAccessor umbracoContextAccessor,
                 HtmlImageSourceParser imageSourceParser,
                 RichTextEditorPastedImages pastedImages,
                 HtmlLocalLinkParser localLinkParser,
                 IImageUrlGenerator imageUrlGenerator)
+                : this(attribute, umbracoContextAccessor, imageSourceParser, pastedImages, localLinkParser, imageUrlGenerator, Current.Factory.GetInstance<IHtmlSanitizer>())
+            {
+            }
+
+            public GridPropertyValueEditor(DataEditorAttribute attribute,
+                IUmbracoContextAccessor umbracoContextAccessor,
+                HtmlImageSourceParser imageSourceParser,
+                RichTextEditorPastedImages pastedImages,
+                HtmlLocalLinkParser localLinkParser,
+                IImageUrlGenerator imageUrlGenerator,
+                IHtmlSanitizer htmlSanitizer)
                 : base(attribute)
             {
                 _umbracoContextAccessor = umbracoContextAccessor;
                 _imageSourceParser = imageSourceParser;
                 _pastedImages = pastedImages;
-                _richTextPropertyValueEditor = new RichTextPropertyEditor.RichTextPropertyValueEditor(attribute, umbracoContextAccessor, imageSourceParser, localLinkParser, pastedImages, _imageUrlGenerator);
-                _mediaPickerPropertyValueEditor = new MediaPickerPropertyEditor.MediaPickerPropertyValueEditor(attribute);
                 _imageUrlGenerator = imageUrlGenerator;
+                _richTextPropertyValueEditor = new RichTextPropertyEditor.RichTextPropertyValueEditor(attribute, umbracoContextAccessor, imageSourceParser, localLinkParser, pastedImages, _imageUrlGenerator, htmlSanitizer);
+                _mediaPickerPropertyValueEditor = new MediaPickerPropertyEditor.MediaPickerPropertyValueEditor(attribute);
             }
 
             /// <summary>
diff --git a/src/Umbraco.Web/PropertyEditors/RichTextPropertyEditor.cs b/src/Umbraco.Web/PropertyEditors/RichTextPropertyEditor.cs
index 2d698835b0..4a6c0c09b6 100644
--- a/src/Umbraco.Web/PropertyEditors/RichTextPropertyEditor.cs
+++ b/src/Umbraco.Web/PropertyEditors/RichTextPropertyEditor.cs
@@ -7,6 +7,7 @@ using Umbraco.Core.Logging;
 using Umbraco.Core.Models;
 using Umbraco.Core.Models.Editors;
 using Umbraco.Core.PropertyEditors;
+using Umbraco.Core.Security;
 using Umbraco.Core.Services;
 using Umbraco.Examine;
 using Umbraco.Web.Macros;
@@ -32,21 +33,46 @@ namespace Umbraco.Web.PropertyEditors
         private readonly HtmlLocalLinkParser _localLinkParser;
         private readonly RichTextEditorPastedImages _pastedImages;
         private readonly IImageUrlGenerator _imageUrlGenerator;
+        private readonly IHtmlSanitizer _htmlSanitizer;
 
 
         /// <summary>
         /// The constructor will setup the property editor based on the attribute if one is found
         /// </summary>
-        [Obsolete("Use the constructor which takes an IImageUrlGenerator")]
-        public RichTextPropertyEditor(ILogger logger, IUmbracoContextAccessor umbracoContextAccessor, HtmlImageSourceParser imageSourceParser, HtmlLocalLinkParser localLinkParser, RichTextEditorPastedImages pastedImages)
+        [Obsolete("Use the constructor which takes an IHtmlSanitizer")]
+        public RichTextPropertyEditor(
+            ILogger logger,
+            IUmbracoContextAccessor umbracoContextAccessor,
+            HtmlImageSourceParser imageSourceParser,
+            HtmlLocalLinkParser localLinkParser,
+            RichTextEditorPastedImages pastedImages)
             : this(logger, umbracoContextAccessor, imageSourceParser, localLinkParser, pastedImages, Current.ImageUrlGenerator)
         {
         }
 
+        [Obsolete("Use the constructor which takes an IHtmlSanitizer")]
+        public RichTextPropertyEditor(
+            ILogger logger,
+            IUmbracoContextAccessor umbracoContextAccessor,
+            HtmlImageSourceParser imageSourceParser,
+            HtmlLocalLinkParser localLinkParser,
+            RichTextEditorPastedImages pastedImages,
+            IImageUrlGenerator imageUrlGenerator)
+            : this(logger, umbracoContextAccessor, imageSourceParser, localLinkParser, pastedImages, imageUrlGenerator, Current.Factory.GetInstance<IHtmlSanitizer>())
+        {
+        }
+
         /// <summary>
         /// The constructor will setup the property editor based on the attribute if one is found
         /// </summary>
-        public RichTextPropertyEditor(ILogger logger, IUmbracoContextAccessor umbracoContextAccessor, HtmlImageSourceParser imageSourceParser, HtmlLocalLinkParser localLinkParser, RichTextEditorPastedImages pastedImages, IImageUrlGenerator imageUrlGenerator)
+        public RichTextPropertyEditor(
+            ILogger logger,
+            IUmbracoContextAccessor umbracoContextAccessor,
+            HtmlImageSourceParser imageSourceParser,
+            HtmlLocalLinkParser localLinkParser,
+            RichTextEditorPastedImages pastedImages,
+            IImageUrlGenerator imageUrlGenerator,
+            IHtmlSanitizer htmlSanitizer)
             : base(logger)
         {
             _umbracoContextAccessor = umbracoContextAccessor;
@@ -54,13 +80,14 @@ namespace Umbraco.Web.PropertyEditors
             _localLinkParser = localLinkParser;
             _pastedImages = pastedImages;
             _imageUrlGenerator = imageUrlGenerator;
+            _htmlSanitizer = htmlSanitizer;
         }
 
         /// <summary>
         /// Create a custom value editor
         /// </summary>
         /// <returns></returns>
-        protected override IDataValueEditor CreateValueEditor() => new RichTextPropertyValueEditor(Attribute, _umbracoContextAccessor, _imageSourceParser, _localLinkParser, _pastedImages, _imageUrlGenerator);
+        protected override IDataValueEditor CreateValueEditor() => new RichTextPropertyValueEditor(Attribute, _umbracoContextAccessor, _imageSourceParser, _localLinkParser, _pastedImages, _imageUrlGenerator, _htmlSanitizer);
 
         protected override IConfigurationEditor CreateConfigurationEditor() => new RichTextConfigurationEditor();
 
@@ -76,8 +103,16 @@ namespace Umbraco.Web.PropertyEditors
             private readonly HtmlLocalLinkParser _localLinkParser;
             private readonly RichTextEditorPastedImages _pastedImages;
             private readonly IImageUrlGenerator _imageUrlGenerator;
+            private readonly IHtmlSanitizer _htmlSanitizer;
 
-            public RichTextPropertyValueEditor(DataEditorAttribute attribute, IUmbracoContextAccessor umbracoContextAccessor, HtmlImageSourceParser imageSourceParser, HtmlLocalLinkParser localLinkParser, RichTextEditorPastedImages pastedImages, IImageUrlGenerator imageUrlGenerator)
+            public RichTextPropertyValueEditor(
+                DataEditorAttribute attribute,
+                IUmbracoContextAccessor umbracoContextAccessor,
+                HtmlImageSourceParser imageSourceParser,
+                HtmlLocalLinkParser localLinkParser,
+                RichTextEditorPastedImages pastedImages,
+                IImageUrlGenerator imageUrlGenerator,
+                IHtmlSanitizer htmlSanitizer)
                 : base(attribute)
             {
                 _umbracoContextAccessor = umbracoContextAccessor;
@@ -85,6 +120,7 @@ namespace Umbraco.Web.PropertyEditors
                 _localLinkParser = localLinkParser;
                 _pastedImages = pastedImages;
                 _imageUrlGenerator = imageUrlGenerator;
+                _htmlSanitizer = htmlSanitizer;
             }
 
             /// <inheritdoc />
@@ -141,8 +177,9 @@ namespace Umbraco.Web.PropertyEditors
                 var parseAndSavedTempImages = _pastedImages.FindAndPersistPastedTempImages(editorValue.Value.ToString(), mediaParentId, userId, _imageUrlGenerator);
                 var editorValueWithMediaUrlsRemoved = _imageSourceParser.RemoveImageSources(parseAndSavedTempImages);
                 var parsed = MacroTagParser.FormatRichTextContentForPersistence(editorValueWithMediaUrlsRemoved);
+                var sanitized = _htmlSanitizer.Sanitize(parsed);
 
-                return parsed.NullOrWhiteSpaceAsNull();
+                return sanitized.NullOrWhiteSpaceAsNull();
             }
 
             /// <summary>

From 3ade2b6de32faa062a14f1a20a487e9d23c2966d Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Wed, 26 Jan 2022 08:43:43 +0100
Subject: [PATCH 32/81] Add RC to version

---
 build/templates/UmbracoPackage/.template.config/template.json | 2 +-
 build/templates/UmbracoProject/.template.config/template.json | 2 +-
 src/Directory.Build.props                                     | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/build/templates/UmbracoPackage/.template.config/template.json b/build/templates/UmbracoPackage/.template.config/template.json
index 32f0c924dd..1a4dd16fd7 100644
--- a/build/templates/UmbracoPackage/.template.config/template.json
+++ b/build/templates/UmbracoPackage/.template.config/template.json
@@ -24,7 +24,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.3.0",
+            "defaultValue": "9.3.0-rc",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/build/templates/UmbracoProject/.template.config/template.json b/build/templates/UmbracoProject/.template.config/template.json
index b09050a2a4..fd41de8d1c 100644
--- a/build/templates/UmbracoProject/.template.config/template.json
+++ b/build/templates/UmbracoProject/.template.config/template.json
@@ -57,7 +57,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.3.0",
+            "defaultValue": "9.3.0-rc",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/src/Directory.Build.props b/src/Directory.Build.props
index 55448806ef..995c8afebd 100644
--- a/src/Directory.Build.props
+++ b/src/Directory.Build.props
@@ -5,7 +5,7 @@
   <PropertyGroup>
     <Version>9.3.0</Version>
     <AssemblyVersion>9.3.0</AssemblyVersion>
-    <InformationalVersion>9.3.0</InformationalVersion>
+    <InformationalVersion>9.3.0-rc</InformationalVersion>
     <FileVersion>9.3.0</FileVersion>
     <LangVersion Condition="'$(LangVersion)' == ''">9.0</LangVersion>
     <NeutralLanguage>en-US</NeutralLanguage>

From 2ddb3e13e567a1b452ac0a4f11c37342a183514d Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Wed, 26 Jan 2022 10:05:01 +0100
Subject: [PATCH 33/81] Fix breaking changes

---
 src/JsonSchema/AppSettings.cs                          |  1 +
 .../Configuration/Models/ContentDashboardSettings.cs   |  3 ++-
 .../Configuration/Models/RequestHandlerSettings.cs     | 10 ++++++++++
 .../UmbracoBuilder.Configuration.cs                    |  1 +
 4 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/JsonSchema/AppSettings.cs b/src/JsonSchema/AppSettings.cs
index 048513a5da..62817bdec7 100644
--- a/src/JsonSchema/AppSettings.cs
+++ b/src/JsonSchema/AppSettings.cs
@@ -1,6 +1,7 @@
 // Copyright (c) Umbraco.
 // See LICENSE for more details.
 
+using Umbraco.Cms.Core.Configuration;
 using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Deploy.Core.Configuration.DeployConfiguration;
 using Umbraco.Deploy.Core.Configuration.DeployProjectConfiguration;
diff --git a/src/Umbraco.Core/Configuration/Models/ContentDashboardSettings.cs b/src/Umbraco.Core/Configuration/Models/ContentDashboardSettings.cs
index 3f8546a1ad..768f7c2088 100644
--- a/src/Umbraco.Core/Configuration/Models/ContentDashboardSettings.cs
+++ b/src/Umbraco.Core/Configuration/Models/ContentDashboardSettings.cs
@@ -1,6 +1,7 @@
 using System.ComponentModel;
+using Umbraco.Cms.Core.Configuration.Models;
 
-namespace Umbraco.Cms.Core.Configuration.Models
+namespace Umbraco.Cms.Core.Configuration
 {
     /// <summary>
     /// Typed configuration options for content dashboard settings.
diff --git a/src/Umbraco.Core/Configuration/Models/RequestHandlerSettings.cs b/src/Umbraco.Core/Configuration/Models/RequestHandlerSettings.cs
index 051c31dc26..c820ea191b 100644
--- a/src/Umbraco.Core/Configuration/Models/RequestHandlerSettings.cs
+++ b/src/Umbraco.Core/Configuration/Models/RequestHandlerSettings.cs
@@ -85,5 +85,15 @@ namespace Umbraco.Cms.Core.Configuration.Models
         /// Add additional character replacements, or override defaults
         /// </summary>
         public IEnumerable<CharItem> UserDefinedCharCollection { get; set; }
+
+        [Obsolete("Use CharItem in the Umbraco.Cms.Core.Configuration.Models namespace instead.")]
+        public class CharItem : IChar
+        {
+            /// <inheritdoc/>
+            public string Char { get; set; }
+
+            /// <inheritdoc/>
+            public string Replacement { get; set; }
+        }
     }
 }
diff --git a/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.Configuration.cs b/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.Configuration.cs
index f0cbf7f95d..8baf34f9cb 100644
--- a/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.Configuration.cs
+++ b/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.Configuration.cs
@@ -4,6 +4,7 @@ using System.Reflection;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
+using Umbraco.Cms.Core.Configuration;
 using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Configuration.Models.Validation;
 using Umbraco.Extensions;

From 72533d29c89f1ece658e230fd12484fb68f8474c Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Wed, 26 Jan 2022 10:20:12 +0100
Subject: [PATCH 34/81] Specify namespace for CharITem

---
 .../Configuration/Models/RequestHandlerSettings.cs          | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/Umbraco.Core/Configuration/Models/RequestHandlerSettings.cs b/src/Umbraco.Core/Configuration/Models/RequestHandlerSettings.cs
index c820ea191b..2bdcaef7f3 100644
--- a/src/Umbraco.Core/Configuration/Models/RequestHandlerSettings.cs
+++ b/src/Umbraco.Core/Configuration/Models/RequestHandlerSettings.cs
@@ -19,7 +19,7 @@ namespace Umbraco.Cms.Core.Configuration.Models
         internal const string StaticConvertUrlsToAscii = "try";
         internal const bool StaticEnableDefaultCharReplacements = true;
 
-        internal static readonly CharItem[] DefaultCharCollection =
+        internal static readonly Umbraco.Cms.Core.Configuration.Models.CharItem[] DefaultCharCollection =
         {
             new () { Char = " ", Replacement = "-" },
             new () { Char = "\"", Replacement = string.Empty },
@@ -84,9 +84,9 @@ namespace Umbraco.Cms.Core.Configuration.Models
         /// <summary>
         /// Add additional character replacements, or override defaults
         /// </summary>
-        public IEnumerable<CharItem> UserDefinedCharCollection { get; set; }
+        public IEnumerable<Umbraco.Cms.Core.Configuration.Models.CharItem> UserDefinedCharCollection { get; set; }
 
-        [Obsolete("Use CharItem in the Umbraco.Cms.Core.Configuration.Models namespace instead.")]
+        [Obsolete("Use CharItem in the Umbraco.Cms.Core.Configuration.Models namespace instead. Scheduled for removal in V10.")]
         public class CharItem : IChar
         {
             /// <inheritdoc/>

From 9dbe2d211c11fc69702dee3eb244af511cd9dc53 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Wed, 26 Jan 2022 10:57:49 +0100
Subject: [PATCH 35/81] Add allowlist for HelpPage

---
 src/Umbraco.Core/ConfigsExtensions.cs      |  3 +++
 src/Umbraco.Core/Constants-AppSettings.cs  |  5 ++++
 src/Umbraco.Core/Help/HelpPageSettings.cs  | 12 ++++++++++
 src/Umbraco.Core/Help/IHelpPageSettings.cs | 10 ++++++++
 src/Umbraco.Core/Umbraco.Core.csproj       |  2 ++
 src/Umbraco.Web.UI/web.Template.config     |  1 +
 src/Umbraco.Web/Editors/HelpController.cs  | 28 ++++++++++++++++++++++
 7 files changed, 61 insertions(+)
 create mode 100644 src/Umbraco.Core/Help/HelpPageSettings.cs
 create mode 100644 src/Umbraco.Core/Help/IHelpPageSettings.cs

diff --git a/src/Umbraco.Core/ConfigsExtensions.cs b/src/Umbraco.Core/ConfigsExtensions.cs
index 25c69899c0..01247cc69e 100644
--- a/src/Umbraco.Core/ConfigsExtensions.cs
+++ b/src/Umbraco.Core/ConfigsExtensions.cs
@@ -5,6 +5,7 @@ using Umbraco.Core.Configuration.Grid;
 using Umbraco.Core.Configuration.HealthChecks;
 using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.Dashboards;
+using Umbraco.Core.Help;
 using Umbraco.Core.IO;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Manifest;
@@ -50,6 +51,8 @@ namespace Umbraco.Core
                 factory.GetInstance<IRuntimeState>().Debug));
 
             configs.Add<IContentDashboardSettings>(() => new ContentDashboardSettings());
+
+            configs.Add<IHelpPageSettings>(() => new HelpPageSettings());
         }
     }
 }
diff --git a/src/Umbraco.Core/Constants-AppSettings.cs b/src/Umbraco.Core/Constants-AppSettings.cs
index 4e5619813e..6a58675e91 100644
--- a/src/Umbraco.Core/Constants-AppSettings.cs
+++ b/src/Umbraco.Core/Constants-AppSettings.cs
@@ -125,6 +125,11 @@ namespace Umbraco.Core
             /// </summary>
             public const string ContentDashboardUrlAllowlist = "Umbraco.Core.ContentDashboardUrl-Allowlist";
 
+            /// <summary>
+            /// A list of allowed addresses to fetch content for the help page.
+            /// </summary>
+            public const string HelpPageUrlAllowList = "Umbraco.Core.HelpPage-Allowlist";
+
             /// <summary>
             /// TODO: FILL ME IN
             /// </summary>
diff --git a/src/Umbraco.Core/Help/HelpPageSettings.cs b/src/Umbraco.Core/Help/HelpPageSettings.cs
new file mode 100644
index 0000000000..d2a4a3a0f5
--- /dev/null
+++ b/src/Umbraco.Core/Help/HelpPageSettings.cs
@@ -0,0 +1,12 @@
+using System.Configuration;
+
+namespace Umbraco.Core.Help
+{
+    public class HelpPageSettings : IHelpPageSettings
+    {
+        public string HelpPageUrlAllowList =>
+            ConfigurationManager.AppSettings.ContainsKey(Constants.AppSettings.HelpPageUrlAllowList)
+                ? ConfigurationManager.AppSettings[Constants.AppSettings.HelpPageUrlAllowList]
+                : null;
+    }
+}
diff --git a/src/Umbraco.Core/Help/IHelpPageSettings.cs b/src/Umbraco.Core/Help/IHelpPageSettings.cs
new file mode 100644
index 0000000000..5643e47a30
--- /dev/null
+++ b/src/Umbraco.Core/Help/IHelpPageSettings.cs
@@ -0,0 +1,10 @@
+namespace Umbraco.Core.Help
+{
+    public interface IHelpPageSettings
+    {
+        /// <summary>
+        /// Gets the allowed addresses to retrieve data for the help page.
+        /// </summary>
+        string HelpPageUrlAllowList { get; }
+    }
+}
diff --git a/src/Umbraco.Core/Umbraco.Core.csproj b/src/Umbraco.Core/Umbraco.Core.csproj
index e27c6eeceb..35948ede91 100755
--- a/src/Umbraco.Core/Umbraco.Core.csproj
+++ b/src/Umbraco.Core/Umbraco.Core.csproj
@@ -137,6 +137,8 @@
     <Compile Include="Constants-Sql.cs" />
     <Compile Include="Constants-SqlTemplates.cs" />
     <Compile Include="Events\UnattendedInstallEventArgs.cs" />
+    <Compile Include="Help\HelpPageSettings.cs" />
+    <Compile Include="Help\IHelpPageSettings.cs" />
     <Compile Include="Logging\ILogger2.cs" />
     <Compile Include="Logging\Logger2Extensions.cs" />
     <Compile Include="Dashboards\ContentDashboardSettings.cs" />
diff --git a/src/Umbraco.Web.UI/web.Template.config b/src/Umbraco.Web.UI/web.Template.config
index e4e3e19bcb..32e624e400 100644
--- a/src/Umbraco.Web.UI/web.Template.config
+++ b/src/Umbraco.Web.UI/web.Template.config
@@ -39,6 +39,7 @@
         <add key="Umbraco.Core.UseHttps" value="false" />
         <add key="Umbraco.Core.AllowContentDashboardAccessToAllUsers" value="true"/>
         <add key="Umbraco.Core.ContentDashboardUrl-Allowlist" value=""/>
+        <add key="Umbraco.Core.HelpPage-Allowlist" value=""/>
 
         <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
         <add key="webpages:Enabled" value="false" />
diff --git a/src/Umbraco.Web/Editors/HelpController.cs b/src/Umbraco.Web/Editors/HelpController.cs
index 39dbbc435c..77e1675f87 100644
--- a/src/Umbraco.Web/Editors/HelpController.cs
+++ b/src/Umbraco.Web/Editors/HelpController.cs
@@ -1,16 +1,33 @@
 using Newtonsoft.Json;
 using System.Collections.Generic;
+using System.Net;
 using System.Net.Http;
 using System.Runtime.Serialization;
 using System.Threading.Tasks;
+using System.Web.Http;
+using Umbraco.Core.Help;
+using Umbraco.Core.Logging;
 
 namespace Umbraco.Web.Editors
 {
     public class HelpController : UmbracoAuthorizedJsonController
     {
+        private readonly IHelpPageSettings _helpPageSettings;
+
+        public HelpController(IHelpPageSettings helpPageSettings)
+        {
+            _helpPageSettings = helpPageSettings;
+        }
+
         private static HttpClient _httpClient;
         public async Task<List<HelpPage>> GetContextHelpForPage(string section, string tree, string baseUrl = "https://our.umbraco.com")
         {
+            if (IsAllowedUrl(baseUrl) is false)
+            {
+                Logger.Error<HelpController>($"The following URL is not listed in the allowlist for HelpPage in web.config: {baseUrl}");
+                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "HelpPage source not permitted"));
+            }
+
             var url = string.Format(baseUrl + "/Umbraco/Documentation/Lessons/GetContextHelpDocs?sectionAlias={0}&treeAlias={1}", section, tree);
 
             try
@@ -33,6 +50,17 @@ namespace Umbraco.Web.Editors
 
             return new List<HelpPage>();
         }
+
+        private bool IsAllowedUrl(string url)
+        {
+            if (string.IsNullOrEmpty(_helpPageSettings.HelpPageUrlAllowList) ||
+                _helpPageSettings.HelpPageUrlAllowList.Contains(url))
+            {
+                return true;
+            }
+
+            return false;
+        }
     }
 
     [DataContract(Name = "HelpPage")]

From 2f17d766be1894340637a8f2f1a7ebaf7cab2638 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Wed, 26 Jan 2022 10:57:49 +0100
Subject: [PATCH 36/81] Cherry pick Add allowlist for HelpPage

---
 src/Umbraco.Core/Help/HelpPageSettings.cs     | 12 ++++++++++
 src/Umbraco.Core/Help/IHelpPageSettings.cs    | 10 ++++++++
 .../Controllers/HelpController.cs             | 24 +++++++++++++++++--
 3 files changed, 44 insertions(+), 2 deletions(-)
 create mode 100644 src/Umbraco.Core/Help/HelpPageSettings.cs
 create mode 100644 src/Umbraco.Core/Help/IHelpPageSettings.cs

diff --git a/src/Umbraco.Core/Help/HelpPageSettings.cs b/src/Umbraco.Core/Help/HelpPageSettings.cs
new file mode 100644
index 0000000000..d2a4a3a0f5
--- /dev/null
+++ b/src/Umbraco.Core/Help/HelpPageSettings.cs
@@ -0,0 +1,12 @@
+using System.Configuration;
+
+namespace Umbraco.Core.Help
+{
+    public class HelpPageSettings : IHelpPageSettings
+    {
+        public string HelpPageUrlAllowList =>
+            ConfigurationManager.AppSettings.ContainsKey(Constants.AppSettings.HelpPageUrlAllowList)
+                ? ConfigurationManager.AppSettings[Constants.AppSettings.HelpPageUrlAllowList]
+                : null;
+    }
+}
diff --git a/src/Umbraco.Core/Help/IHelpPageSettings.cs b/src/Umbraco.Core/Help/IHelpPageSettings.cs
new file mode 100644
index 0000000000..5643e47a30
--- /dev/null
+++ b/src/Umbraco.Core/Help/IHelpPageSettings.cs
@@ -0,0 +1,10 @@
+namespace Umbraco.Core.Help
+{
+    public interface IHelpPageSettings
+    {
+        /// <summary>
+        /// Gets the allowed addresses to retrieve data for the help page.
+        /// </summary>
+        string HelpPageUrlAllowList { get; }
+    }
+}
diff --git a/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs b/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
index 3bc45703fa..ecec8f864d 100644
--- a/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
@@ -1,10 +1,11 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using System.Net.Http;
 using System.Runtime.Serialization;
 using System.Threading.Tasks;
 using Microsoft.Extensions.Logging;
 using Newtonsoft.Json;
 using Umbraco.Cms.Web.Common.Attributes;
+using Umbraco.Core.Help;
 using Constants = Umbraco.Cms.Core.Constants;
 
 namespace Umbraco.Cms.Web.BackOffice.Controllers
@@ -13,8 +14,10 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
     public class HelpController : UmbracoAuthorizedJsonController
     {
         private readonly ILogger<HelpController> _logger;
+        private readonly IHelpPageSettings _helpPageSettings;
 
-        public HelpController(ILogger<HelpController> logger)
+        public HelpController(ILogger<HelpController> logger,
+            IHelpPageSettings helpPageSettings)
         {
             _logger = logger;
         }
@@ -22,6 +25,12 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
         private static HttpClient _httpClient;
         public async Task<List<HelpPage>> GetContextHelpForPage(string section, string tree, string baseUrl = "https://our.umbraco.com")
         {
+            if (IsAllowedUrl(baseUrl) is false)
+            {
+                Logger.Error<HelpController>($"The following URL is not listed in the allowlist for HelpPage in web.config: {baseUrl}");
+                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "HelpPage source not permitted"));
+            }
+
             var url = string.Format(baseUrl + "/Umbraco/Documentation/Lessons/GetContextHelpDocs?sectionAlias={0}&treeAlias={1}", section, tree);
 
             try
@@ -44,6 +53,17 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
 
             return new List<HelpPage>();
         }
+
+        private bool IsAllowedUrl(string url)
+        {
+            if (string.IsNullOrEmpty(_helpPageSettings.HelpPageUrlAllowList) ||
+                _helpPageSettings.HelpPageUrlAllowList.Contains(url))
+            {
+                return true;
+            }
+
+            return false;
+        }
     }
 
     [DataContract(Name = "HelpPage")]

From 3261a6f71dd519ab0c17b9df6a1a773e044f2a87 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Wed, 26 Jan 2022 12:12:59 +0100
Subject: [PATCH 37/81] Fix up for V9

---
 src/JsonSchema/AppSettings.cs                 |  2 ++
 .../Configuration/Models/HelpPageSettings.cs  | 11 ++++++
 src/Umbraco.Core/Constants-Configuration.cs   |  1 +
 .../UmbracoBuilder.Configuration.cs           |  3 +-
 src/Umbraco.Core/Help/HelpPageSettings.cs     | 12 -------
 src/Umbraco.Core/Help/IHelpPageSettings.cs    | 10 ------
 .../Controllers/HelpController.cs             | 34 +++++++++++++++----
 7 files changed, 43 insertions(+), 30 deletions(-)
 create mode 100644 src/Umbraco.Core/Configuration/Models/HelpPageSettings.cs
 delete mode 100644 src/Umbraco.Core/Help/HelpPageSettings.cs
 delete mode 100644 src/Umbraco.Core/Help/IHelpPageSettings.cs

diff --git a/src/JsonSchema/AppSettings.cs b/src/JsonSchema/AppSettings.cs
index 62817bdec7..73c5ea18f5 100644
--- a/src/JsonSchema/AppSettings.cs
+++ b/src/JsonSchema/AppSettings.cs
@@ -89,6 +89,8 @@ namespace JsonSchema
                 public LegacyPasswordMigrationSettings LegacyPasswordMigration { get; set; }
 
                 public ContentDashboardSettings ContentDashboard { get; set; }
+
+                public HelpPageSettings HelpPage { get; set; }
             }
 
             /// <summary>
diff --git a/src/Umbraco.Core/Configuration/Models/HelpPageSettings.cs b/src/Umbraco.Core/Configuration/Models/HelpPageSettings.cs
new file mode 100644
index 0000000000..3bd518b37e
--- /dev/null
+++ b/src/Umbraco.Core/Configuration/Models/HelpPageSettings.cs
@@ -0,0 +1,11 @@
+namespace Umbraco.Cms.Core.Configuration.Models
+{
+    [UmbracoOptions(Constants.Configuration.ConfigHelpPage)]
+    public class HelpPageSettings
+    {
+        /// <summary>
+        /// Gets or sets the allowed addresses to retrieve data for the content dashboard.
+        /// </summary>
+        public string[] HelpPageUrlAllowList { get; set; }
+    }
+}
diff --git a/src/Umbraco.Core/Constants-Configuration.cs b/src/Umbraco.Core/Constants-Configuration.cs
index ab951618e3..bdbd13b2a4 100644
--- a/src/Umbraco.Core/Constants-Configuration.cs
+++ b/src/Umbraco.Core/Constants-Configuration.cs
@@ -55,6 +55,7 @@ namespace Umbraco.Cms.Core
             public const string ConfigRichTextEditor = ConfigPrefix + "RichTextEditor";
             public const string ConfigPackageMigration = ConfigPrefix + "PackageMigration";
             public const string ConfigContentDashboard = ConfigPrefix + "ContentDashboard";
+            public const string ConfigHelpPage = ConfigPrefix + "HelpPage";
         }
     }
 }
diff --git a/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.Configuration.cs b/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.Configuration.cs
index 8baf34f9cb..91e6f71415 100644
--- a/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.Configuration.cs
+++ b/src/Umbraco.Core/DependencyInjection/UmbracoBuilder.Configuration.cs
@@ -87,7 +87,8 @@ namespace Umbraco.Cms.Core.DependencyInjection
                 .AddUmbracoOptions<RuntimeMinificationSettings>()
                 .AddUmbracoOptions<LegacyPasswordMigrationSettings>()
                 .AddUmbracoOptions<PackageMigrationSettings>()
-                .AddUmbracoOptions<ContentDashboardSettings>();
+                .AddUmbracoOptions<ContentDashboardSettings>()
+                .AddUmbracoOptions<HelpPageSettings>();
 
             builder.Services.Configure<RequestHandlerSettings>(options => options.MergeReplacements(builder.Config));
 
diff --git a/src/Umbraco.Core/Help/HelpPageSettings.cs b/src/Umbraco.Core/Help/HelpPageSettings.cs
deleted file mode 100644
index d2a4a3a0f5..0000000000
--- a/src/Umbraco.Core/Help/HelpPageSettings.cs
+++ /dev/null
@@ -1,12 +0,0 @@
-using System.Configuration;
-
-namespace Umbraco.Core.Help
-{
-    public class HelpPageSettings : IHelpPageSettings
-    {
-        public string HelpPageUrlAllowList =>
-            ConfigurationManager.AppSettings.ContainsKey(Constants.AppSettings.HelpPageUrlAllowList)
-                ? ConfigurationManager.AppSettings[Constants.AppSettings.HelpPageUrlAllowList]
-                : null;
-    }
-}
diff --git a/src/Umbraco.Core/Help/IHelpPageSettings.cs b/src/Umbraco.Core/Help/IHelpPageSettings.cs
deleted file mode 100644
index 5643e47a30..0000000000
--- a/src/Umbraco.Core/Help/IHelpPageSettings.cs
+++ /dev/null
@@ -1,10 +0,0 @@
-namespace Umbraco.Core.Help
-{
-    public interface IHelpPageSettings
-    {
-        /// <summary>
-        /// Gets the allowed addresses to retrieve data for the help page.
-        /// </summary>
-        string HelpPageUrlAllowList { get; }
-    }
-}
diff --git a/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs b/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
index ecec8f864d..dd01f9621f 100644
--- a/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
@@ -1,11 +1,17 @@
+using System;
 using System.Collections.Generic;
+using System.Linq;
+using System.Net;
 using System.Net.Http;
 using System.Runtime.Serialization;
 using System.Threading.Tasks;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Newtonsoft.Json;
+using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Web.Common.Attributes;
-using Umbraco.Core.Help;
+using Umbraco.Cms.Web.Common.DependencyInjection;
 using Constants = Umbraco.Cms.Core.Constants;
 
 namespace Umbraco.Cms.Web.BackOffice.Controllers
@@ -14,21 +20,35 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
     public class HelpController : UmbracoAuthorizedJsonController
     {
         private readonly ILogger<HelpController> _logger;
-        private readonly IHelpPageSettings _helpPageSettings;
+        private readonly HelpPageSettings _helpPageSettings;
 
-        public HelpController(ILogger<HelpController> logger,
-            IHelpPageSettings helpPageSettings)
+        [Obsolete("Use constructor that takes IOptions<HelpPageSettings>")]
+        public HelpController(ILogger<HelpController> logger)
+            : this(logger, StaticServiceProvider.Instance.GetRequiredService<IOptions<HelpPageSettings>>())
+        {
+        }
+
+        [ActivatorUtilitiesConstructor]
+        public HelpController(
+            ILogger<HelpController> logger,
+            IOptions<HelpPageSettings> helpPageSettings)
         {
             _logger = logger;
+            _helpPageSettings = helpPageSettings.Value;
         }
 
         private static HttpClient _httpClient;
+
         public async Task<List<HelpPage>> GetContextHelpForPage(string section, string tree, string baseUrl = "https://our.umbraco.com")
         {
             if (IsAllowedUrl(baseUrl) is false)
             {
-                Logger.Error<HelpController>($"The following URL is not listed in the allowlist for HelpPage in web.config: {baseUrl}");
-                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "HelpPage source not permitted"));
+                _logger.LogError($"The following URL is not listed in the allowlist for HelpPage in web.config: {baseUrl}");
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;
+
+                // Ideally we'd want to return a BadRequestResult here,
+                // however, since we're not returning ActionResult this is not possible and changing it would be a breaking change.
+                return new List<HelpPage>();
             }
 
             var url = string.Format(baseUrl + "/Umbraco/Documentation/Lessons/GetContextHelpDocs?sectionAlias={0}&treeAlias={1}", section, tree);
@@ -56,7 +76,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
 
         private bool IsAllowedUrl(string url)
         {
-            if (string.IsNullOrEmpty(_helpPageSettings.HelpPageUrlAllowList) ||
+            if (_helpPageSettings.HelpPageUrlAllowList is null ||
                 _helpPageSettings.HelpPageUrlAllowList.Contains(url))
             {
                 return true;

From 4d4aff4c67893ba9ae360cc0a88d3655bc319d6c Mon Sep 17 00:00:00 2001
From: Ronald Barendse <ronald@barend.se>
Date: Wed, 26 Jan 2022 12:22:05 +0100
Subject: [PATCH 38/81] Apply changes from #11805 and #11806 to v9 (#11904)

* Apply changes from #11805 and #11806 to v9

* Update documentation and cleanup code styling
---
 .../Models/PropertyTagsExtensions.cs          |   8 +-
 .../PropertyEditors/DataValueEditor.cs        | 157 ++++++++++--------
 .../PropertyEditors/GridPropertyEditor.cs     |   9 +-
 .../ImageCropperPropertyEditor.cs             |   7 +-
 .../ImageCropperPropertyValueEditor.cs        |  36 ++--
 .../MediaPicker3PropertyEditor.cs             |   7 +-
 .../MultiUrlPickerValueEditor.cs              |   6 +-
 .../MultipleTextStringPropertyEditor.cs       |   4 +-
 .../PropertyEditors/MultipleValueEditor.cs    |   3 +-
 .../NestedContentPropertyEditor.cs            |   6 +-
 .../PropertyEditors/RichTextPropertyEditor.cs |   4 +-
 .../PropertyEditors/TagsPropertyEditor.cs     |   2 +-
 .../ValueConverters/ImageCropperValue.cs      |  34 ++--
 .../Serialization/JsonNetSerializer.cs        |  21 +--
 .../Serialization/JsonToStringConverter.cs    |   3 +-
 .../BlockEditorComponentTests.cs              |   2 +-
 16 files changed, 159 insertions(+), 150 deletions(-)

diff --git a/src/Umbraco.Core/Models/PropertyTagsExtensions.cs b/src/Umbraco.Core/Models/PropertyTagsExtensions.cs
index 7168f99078..a9da454986 100644
--- a/src/Umbraco.Core/Models/PropertyTagsExtensions.cs
+++ b/src/Umbraco.Core/Models/PropertyTagsExtensions.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using Microsoft.Extensions.Logging;
@@ -75,8 +75,7 @@ namespace Umbraco.Extensions
                         var updatedTags = currentTags.Union(trimmedTags).ToArray();
                         var updatedValue = updatedTags.Length == 0 ? null : serializer.Serialize(updatedTags);
                         property.SetValue(updatedValue, culture); // json array
-                         break;
-                        property.SetValue(serializer.Serialize(currentTags.Union(trimmedTags).ToArray()), culture); // json array
+                        break;
                 }
             }
             else
@@ -88,7 +87,8 @@ namespace Umbraco.Extensions
                         break;
 
                     case TagsStorageType.Json:
-                        property.SetValue(serializer.Serialize(trimmedTags), culture); // json array
+                        var updatedValue = trimmedTags.Length == 0 ? null : serializer.Serialize(trimmedTags);
+                        property.SetValue(updatedValue, culture); // json array
                         break;
                 }
             }
diff --git a/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs b/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
index 6d3e40067e..6f9e1b6611 100644
--- a/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
+++ b/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using System.Globalization;
@@ -149,84 +149,90 @@ namespace Umbraco.Cms.Core.PropertyEditors
         public virtual bool IsReadOnly => false;
 
         /// <summary>
-        /// Used to try to convert the string value to the correct CLR type based on the DatabaseDataType specified for this value editor
+        /// Used to try to convert the string value to the correct CLR type based on the <see cref="ValueType" /> specified for this value editor.
         /// </summary>
-        /// <param name="value"></param>
-        /// <returns></returns>
+        /// <param name="value">The value.</param>
+        /// <returns>
+        /// The result of the conversion attempt.
+        /// </returns>
+        /// <exception cref="System.ArgumentOutOfRangeException">ValueType was out of range.</exception>
         internal Attempt<object> TryConvertValueToCrlType(object value)
         {
-            // if (value is JValue)
-            //     value = value.ToString();
-
-            //this is a custom check to avoid any errors, if it's a string and it's empty just make it null
+            // Ensure empty string values are converted to null
             if (value is string s && string.IsNullOrWhiteSpace(s))
+            {
                 value = null;
+            }
 
+            // Ensure JSON is serialized properly (without indentation or converted to null when empty)
+            if (value is not null && ValueType.InvariantEquals(ValueTypes.Json))
+            {
+                var jsonValue = _jsonSerializer.Serialize(value);
+
+                if (jsonValue.DetectIsEmptyJson())
+                {
+                    value = null;
+                }
+                else
+                {
+                    value = jsonValue;
+                }
+            }
+
+            // Convert the string to a known type
             Type valueType;
-            //convert the string to a known type
             switch (ValueTypes.ToStorageType(ValueType))
             {
                 case ValueStorageType.Ntext:
                 case ValueStorageType.Nvarchar:
                     valueType = typeof(string);
                     break;
-                case ValueStorageType.Integer:
-                    //ensure these are nullable so we can return a null if required
-                    //NOTE: This is allowing type of 'long' because I think json.net will deserialize a numerical value as long
-                    // instead of int. Even though our db will not support this (will get truncated), we'll at least parse to this.
 
+                case ValueStorageType.Integer:
+                    // Ensure these are nullable so we can return a null if required
+                    // NOTE: This is allowing type of 'long' because I think JSON.NEt will deserialize a numerical value as long instead of int
+                    // Even though our DB will not support this (will get truncated), we'll at least parse to this
                     valueType = typeof(long?);
 
-                    //if parsing is successful, we need to return as an Int, we're only dealing with long's here because of json.net, we actually
-                    //don't support long values and if we return a long value it will get set as a 'long' on the Property.Value (object) and then
-                    //when we compare the values for dirty tracking we'll be comparing an int -> long and they will not match.
+                    // If parsing is successful, we need to return as an int, we're only dealing with long's here because of JSON.NET,
+                    // we actually don't support long values and if we return a long value, it will get set as a 'long' on the Property.Value (object) and then
+                    // when we compare the values for dirty tracking we'll be comparing an int -> long and they will not match.
                     var result = value.TryConvertTo(valueType);
+
                     return result.Success && result.Result != null
                         ? Attempt<object>.Succeed((int)(long)result.Result)
                         : result;
 
                 case ValueStorageType.Decimal:
-                    //ensure these are nullable so we can return a null if required
+                    // Ensure these are nullable so we can return a null if required
                     valueType = typeof(decimal?);
                     break;
 
                 case ValueStorageType.Date:
-                    //ensure these are nullable so we can return a null if required
+                    // Ensure these are nullable so we can return a null if required
                     valueType = typeof(DateTime?);
                     break;
+
                 default:
-                    throw new ArgumentOutOfRangeException();
+                    throw new ArgumentOutOfRangeException("ValueType was out of range.");
             }
 
             return value.TryConvertTo(valueType);
         }
 
-        ///  <summary>
-        ///  A method to deserialize the string value that has been saved in the content editor
-        ///  to an object to be stored in the database.
-        ///  </summary>
-        ///  <param name="editorValue"></param>
-        ///  <param name="currentValue">
-        ///  The current value that has been persisted to the database for this editor. This value may be useful for
-        ///  how the value then get's deserialized again to be re-persisted. In most cases it will probably not be used.
-        ///  </param>
-        /// <param name="languageId"></param>
-        /// <param name="segment"></param>
-        /// <returns></returns>
-        ///  <remarks>
-        ///  By default this will attempt to automatically convert the string value to the value type supplied by ValueType.
-        ///
-        ///  If overridden then the object returned must match the type supplied in the ValueType, otherwise persisting the
-        ///  value to the DB will fail when it tries to validate the value type.
-        ///  </remarks>
+        /// <summary>
+        /// A method to deserialize the string value that has been saved in the content editor to an object to be stored in the database.
+        /// </summary>
+        /// <param name="editorValue">The value returned by the editor.</param>
+        /// <param name="currentValue">The current value that has been persisted to the database for this editor. This value may be useful for how the value then get's deserialized again to be re-persisted. In most cases it will probably not be used.</param>
+        /// <returns>The value that gets persisted to the database.</returns>
+        /// <remarks>
+        /// By default this will attempt to automatically convert the string value to the value type supplied by ValueType.
+        /// If overridden then the object returned must match the type supplied in the ValueType, otherwise persisting the
+        /// value to the DB will fail when it tries to validate the value type.
+        /// </remarks>
         public virtual object FromEditor(ContentPropertyData editorValue, object currentValue)
         {
-            //if it's json but it's empty json, then return null
-            if (ValueType.InvariantEquals(ValueTypes.Json) && editorValue.Value != null && editorValue.Value.ToString().DetectIsEmptyJson())
-            {
-                return null;
-            }
-
             var result = TryConvertValueToCrlType(editorValue.Value);
             if (result.Success == false)
             {
@@ -238,64 +244,71 @@ namespace Umbraco.Cms.Core.PropertyEditors
         }
 
         /// <summary>
-        /// A method used to format the database value to a value that can be used by the editor
+        /// A method used to format the database value to a value that can be used by the editor.
         /// </summary>
-        /// <param name="property"></param>
-        /// <param name="dataTypeService"></param>
-        /// <param name="culture"></param>
-        /// <param name="segment"></param>
+        /// <param name="property">The property.</param>
+        /// <param name="culture">The culture.</param>
+        /// <param name="segment">The segment.</param>
         /// <returns></returns>
+        /// <exception cref="System.ArgumentOutOfRangeException">ValueType was out of range.</exception>
         /// <remarks>
-        /// The object returned will automatically be serialized into json notation. For most property editors
-        /// the value returned is probably just a string but in some cases a json structure will be returned.
+        /// The object returned will automatically be serialized into JSON notation. For most property editors
+        /// the value returned is probably just a string, but in some cases a JSON structure will be returned.
         /// </remarks>
         public virtual object ToEditor(IProperty property, string culture = null, string segment = null)
         {
-            var val = property.GetValue(culture, segment);
-            if (val == null) return string.Empty;
+            var value = property.GetValue(culture, segment);
+            if (value == null)
+            {
+                return string.Empty;
+            }
 
             switch (ValueTypes.ToStorageType(ValueType))
             {
                 case ValueStorageType.Ntext:
                 case ValueStorageType.Nvarchar:
-                    //if it is a string type, we will attempt to see if it is json stored data, if it is we'll try to convert
-                    //to a real json object so we can pass the true json object directly to angular!
-                    var asString = val.ToString();
-                    if (asString.DetectIsJson())
+                    // If it is a string type, we will attempt to see if it is JSON stored data, if it is we'll try to convert
+                    // to a real JSON object so we can pass the true JSON object directly to Angular!
+                    var stringValue = value as string ?? value.ToString();
+                    if (stringValue.DetectIsJson())
                     {
                         try
                         {
-                            var json = _jsonSerializer.Deserialize<dynamic>(asString);
-                            return json;
+                            return _jsonSerializer.Deserialize<dynamic>(stringValue);
                         }
                         catch
                         {
-                            //swallow this exception, we thought it was json but it really isn't so continue returning a string
+                            // Swallow this exception, we thought it was JSON but it really isn't so continue returning a string
                         }
                     }
-                    return asString;
+
+                    return stringValue;
+
                 case ValueStorageType.Integer:
                 case ValueStorageType.Decimal:
-                    //Decimals need to be formatted with invariant culture (dots, not commas)
-                    //Anything else falls back to ToString()
-                    var decim = val.TryConvertTo<decimal>();
-                    return decim.Success
-                        ? decim.Result.ToString(NumberFormatInfo.InvariantInfo)
-                        : val.ToString();
+                    // Decimals need to be formatted with invariant culture (dots, not commas)
+                    // Anything else falls back to ToString()
+                    var decimalValue = value.TryConvertTo<decimal>();
+
+                    return decimalValue.Success
+                        ? decimalValue.Result.ToString(NumberFormatInfo.InvariantInfo)
+                        : value.ToString();
+
                 case ValueStorageType.Date:
-                    var date = val.TryConvertTo<DateTime?>();
-                    if (date.Success == false || date.Result == null)
+                    var dateValue = value.TryConvertTo<DateTime?>();
+                    if (dateValue.Success == false || dateValue.Result == null)
                     {
                         return string.Empty;
                     }
-                    //Dates will be formatted as yyyy-MM-dd HH:mm:ss
-                    return date.Result.Value.ToIsoString();
+
+                    // Dates will be formatted as yyyy-MM-dd HH:mm:ss
+                    return dateValue.Result.Value.ToIsoString();
+
                 default:
-                    throw new ArgumentOutOfRangeException();
+                    throw new ArgumentOutOfRangeException("ValueType was out of range.");
             }
         }
 
-
         // TODO: the methods below should be replaced by proper property value convert ToXPath usage!
 
         /// <summary>
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/GridPropertyEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/GridPropertyEditor.cs
index 52a1e50fc4..f149757919 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/GridPropertyEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/GridPropertyEditor.cs
@@ -1,12 +1,10 @@
-// Copyright (c) Umbraco.
+// Copyright (c) Umbraco.
 // See LICENSE for more details.
 
 using System;
 using System.Collections.Generic;
 using System.Linq;
-using Microsoft.Extensions.Logging;
 using Newtonsoft.Json;
-using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.IO;
 using Umbraco.Cms.Core.Media;
 using Umbraco.Cms.Core.Models;
@@ -153,7 +151,8 @@ namespace Umbraco.Cms.Core.PropertyEditors
             public override object ToEditor(IProperty property, string culture = null, string segment = null)
             {
                 var val = property.GetValue(culture, segment)?.ToString();
-                if (val.IsNullOrWhiteSpace()) return string.Empty;
+                if (val.IsNullOrWhiteSpace())
+                    return string.Empty;
 
                 var grid = DeserializeGridValue(val, out var rtes, out _);
 
@@ -199,7 +198,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
                     _richTextPropertyValueEditor.GetReferences(x.Value)))
                     yield return umbracoEntityReference;
 
-                foreach (var umbracoEntityReference in mediaValues.Where(x=>x.Value.HasValues)
+                foreach (var umbracoEntityReference in mediaValues.Where(x => x.Value.HasValues)
                     .SelectMany(x => _mediaPickerPropertyValueEditor.GetReferences(x.Value["udi"])))
                     yield return umbracoEntityReference;
             }
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/ImageCropperPropertyEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/ImageCropperPropertyEditor.cs
index 8a38a85551..ed194038d9 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/ImageCropperPropertyEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/ImageCropperPropertyEditor.cs
@@ -208,6 +208,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
                     {
                         continue;
                     }
+
                     var sourcePath = _mediaFileManager.FileSystem.GetRelativePath(src);
                     var copyPath = _mediaFileManager.CopyFile(notification.Copy, property.PropertyType, sourcePath);
                     jo["src"] = _mediaFileManager.FileSystem.GetUrl(copyPath);
@@ -273,10 +274,8 @@ namespace Umbraco.Cms.Core.PropertyEditors
                             // the property value will be the file source eg '/media/23454/hello.jpg' and we
                             // are fixing that anomaly here - does not make any sense at all but... bah...
                             src = svalue;
-                            property.SetValue(JsonConvert.SerializeObject(new
-                            {
-                                src = svalue
-                            }, Formatting.None), pvalue.Culture, pvalue.Segment);
+
+                            property.SetValue(JsonConvert.SerializeObject(new { src = svalue }, Formatting.None), pvalue.Culture, pvalue.Segment);
                         }
                         else
                         {
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/ImageCropperPropertyValueEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/ImageCropperPropertyValueEditor.cs
index 5ae10bc178..d24a46f815 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/ImageCropperPropertyValueEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/ImageCropperPropertyValueEditor.cs
@@ -86,31 +86,42 @@ namespace Umbraco.Cms.Core.PropertyEditors
         /// </remarks>
         public override object FromEditor(ContentPropertyData editorValue, object currentValue)
         {
-            // get the current path
+            // Get the current path
             var currentPath = string.Empty;
             try
             {
                 var svalue = currentValue as string;
                 var currentJson = string.IsNullOrWhiteSpace(svalue) ? null : JObject.Parse(svalue);
-                if (currentJson != null && currentJson["src"] != null)
-                    currentPath = currentJson["src"].Value<string>();
+                if (currentJson != null && currentJson.TryGetValue("src", out var src))
+                {
+                    currentPath = src.Value<string>();
+                }
             }
             catch (Exception ex)
             {
-                // for some reason the value is invalid so continue as if there was no value there
+                // For some reason the value is invalid so continue as if there was no value there
                 _logger.LogWarning(ex, "Could not parse current db value to a JObject.");
             }
+
             if (string.IsNullOrWhiteSpace(currentPath) == false)
                 currentPath = _mediaFileManager.FileSystem.GetRelativePath(currentPath);
 
-            // get the new json and path
-            JObject editorJson = null;
+            // Get the new JSON and file path
             var editorFile = string.Empty;
-            if (editorValue.Value != null)
+            if (editorValue.Value is JObject editorJson)
             {
-                editorJson = editorValue.Value as JObject;
-                if (editorJson != null && editorJson["src"] != null)
+                // Populate current file
+                if (editorJson["src"] != null)
+                {
                     editorFile = editorJson["src"].Value<string>();
+                }
+
+                // Clean up redundant/default data
+                ImageCropperValue.Prune(editorJson);
+            }
+            else
+            {
+                editorJson = null;
             }
 
             // ensure we have the required guids
@@ -138,7 +149,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
                     return null; // clear
                 }
 
-                return editorJson?.ToString(); // unchanged
+                return editorJson?.ToString(Formatting.None); // unchanged
             }
 
             // process the file
@@ -159,7 +170,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
             // update json and return
             if (editorJson == null) return null;
             editorJson["src"] = filepath == null ? string.Empty : _mediaFileManager.FileSystem.GetUrl(filepath);
-            return editorJson.ToString();
+            return editorJson.ToString(Formatting.None);
         }
 
         private string ProcessFile(ContentPropertyFile file, Guid cuid, Guid puid)
@@ -186,7 +197,6 @@ namespace Umbraco.Cms.Core.PropertyEditors
             return filepath;
         }
 
-
         public override string ConvertDbToString(IPropertyType propertyType,  object value)
         {
             if (value == null || string.IsNullOrEmpty(value.ToString()))
@@ -205,7 +215,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
             {
                 src = val,
                 crops = crops
-            },new JsonSerializerSettings()
+            }, new JsonSerializerSettings()
             {
                 Formatting = Formatting.None,
                 NullValueHandling = NullValueHandling.Ignore
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/MediaPicker3PropertyEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/MediaPicker3PropertyEditor.cs
index 2cfe5dd56e..25174d5599 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/MediaPicker3PropertyEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/MediaPicker3PropertyEditor.cs
@@ -1,4 +1,4 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using Microsoft.Extensions.Logging;
 using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.IO;
@@ -157,7 +157,6 @@ namespace Umbraco.Cms.Core.PropertyEditors
                 }
             }
 
-
             /// <summary>
             /// Model/DTO that represents the JSON that the MediaPicker3 stores.
             /// </summary>
@@ -176,7 +175,6 @@ namespace Umbraco.Cms.Core.PropertyEditors
                 [DataMember(Name = "focalPoint")]
                 public ImageCropperValue.ImageCropperFocalPoint FocalPoint { get; set; }
 
-
                 /// <summary>
                 /// Applies the configuration to ensure only valid crops are kept and have the correct width/height.
                 /// </summary>
@@ -214,9 +212,6 @@ namespace Umbraco.Cms.Core.PropertyEditors
                 /// Removes redundant crop data/default focal point.
                 /// </summary>
                 /// <param name="value">The media with crops DTO.</param>
-                /// <returns>
-                /// The cleaned up value.
-                /// </returns>
                 /// <remarks>
                 /// Because the DTO uses the same JSON keys as the image cropper value for crops and focal point, we can re-use the prune method.
                 /// </remarks>
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/MultiUrlPickerValueEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/MultiUrlPickerValueEditor.cs
index f6d8a598b0..db55792a31 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/MultiUrlPickerValueEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/MultiUrlPickerValueEditor.cs
@@ -57,7 +57,7 @@ namespace Umbraco.Cms.Core.PropertyEditors
 
             try
             {
-                var links = JsonConvert.DeserializeObject<List<MultiUrlPickerValueEditor.LinkDto>>(value);
+                var links = JsonConvert.DeserializeObject<List<LinkDto>>(value);
 
                 var documentLinks = links.FindAll(link => link.Udi != null && link.Udi.EntityType == Constants.UdiEntityType.Document);
                 var mediaLinks = links.FindAll(link => link.Udi != null && link.Udi.EntityType == Constants.UdiEntityType.Media);
@@ -158,11 +158,13 @@ namespace Umbraco.Cms.Core.PropertyEditors
             {
                 var links = JsonConvert.DeserializeObject<List<LinkDisplay>>(value);
                 if (links.Count == 0)
+                {
                     return null;
+                }
 
                 return JsonConvert.SerializeObject(
                     from link in links
-                    select new MultiUrlPickerValueEditor.LinkDto
+                    select new LinkDto
                     {
                         Name = link.Name,
                         QueryString = link.QueryString,
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/MultipleTextStringPropertyEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/MultipleTextStringPropertyEditor.cs
index 97cb677d4c..f0d5907e8e 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/MultipleTextStringPropertyEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/MultipleTextStringPropertyEditor.cs
@@ -1,14 +1,12 @@
-// Copyright (c) Umbraco.
+// Copyright (c) Umbraco.
 // See LICENSE for more details.
 
 using System;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using System.Linq;
-using Microsoft.Extensions.Logging;
 using Newtonsoft.Json.Linq;
 using Umbraco.Cms.Core.Exceptions;
-using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.IO;
 using Umbraco.Cms.Core.Models;
 using Umbraco.Cms.Core.Models.Editors;
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/MultipleValueEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/MultipleValueEditor.cs
index 47f8c9a169..8177c9ffeb 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/MultipleValueEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/MultipleValueEditor.cs
@@ -1,4 +1,4 @@
-// Copyright (c) Umbraco.
+// Copyright (c) Umbraco.
 // See LICENSE for more details.
 
 using System;
@@ -65,7 +65,6 @@ namespace Umbraco.Cms.Core.PropertyEditors
             }
 
             var values = json.Select(item => item.Value<string>()).ToArray();
-
             if (values.Length == 0)
             {
                 return null;
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/NestedContentPropertyEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/NestedContentPropertyEditor.cs
index 835431820c..a3d30d0578 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/NestedContentPropertyEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/NestedContentPropertyEditor.cs
@@ -1,4 +1,4 @@
-// Copyright (c) Umbraco.
+// Copyright (c) Umbraco.
 // See LICENSE for more details.
 
 using System;
@@ -105,7 +105,9 @@ namespace Umbraco.Cms.Core.PropertyEditors
                 var rows = _nestedContentValues.GetPropertyValues(propertyValue);
 
                 if (rows.Count == 0)
+                {
                     return null;
+                }
 
                 foreach (var row in rows.ToList())
                 {
@@ -141,8 +143,6 @@ namespace Umbraco.Cms.Core.PropertyEditors
 
             #endregion
 
-
-
             #region Convert database // editor
 
             // note: there is NO variant support here
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/RichTextPropertyEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/RichTextPropertyEditor.cs
index 8eeb935c12..1cfbc3449e 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/RichTextPropertyEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/RichTextPropertyEditor.cs
@@ -1,4 +1,4 @@
-// Copyright (c) Umbraco.
+// Copyright (c) Umbraco.
 // See LICENSE for more details.
 
 using System;
@@ -148,7 +148,9 @@ namespace Umbraco.Cms.Core.PropertyEditors
             public override object FromEditor(ContentPropertyData editorValue, object currentValue)
             {
                 if (editorValue.Value == null)
+                {
                     return null;
+                }
 
                 var userId = _backOfficeSecurityAccessor?.BackOfficeSecurity?.CurrentUser?.Id ?? Constants.Security.SuperUserId;
 
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/TagsPropertyEditor.cs b/src/Umbraco.Infrastructure/PropertyEditors/TagsPropertyEditor.cs
index 42f6424bfa..30911b0866 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/TagsPropertyEditor.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/TagsPropertyEditor.cs
@@ -1,4 +1,4 @@
-// Copyright (c) Umbraco.
+// Copyright (c) Umbraco.
 // See LICENSE for more details.
 
 using System;
diff --git a/src/Umbraco.Infrastructure/PropertyEditors/ValueConverters/ImageCropperValue.cs b/src/Umbraco.Infrastructure/PropertyEditors/ValueConverters/ImageCropperValue.cs
index 97f1b8398c..af9e820d66 100644
--- a/src/Umbraco.Infrastructure/PropertyEditors/ValueConverters/ImageCropperValue.cs
+++ b/src/Umbraco.Infrastructure/PropertyEditors/ValueConverters/ImageCropperValue.cs
@@ -21,14 +21,14 @@ namespace Umbraco.Cms.Core.PropertyEditors.ValueConverters
     /// </summary>
     [JsonConverter(typeof(NoTypeConverterJsonConverter<ImageCropperValue>))]
     [TypeConverter(typeof(ImageCropperValueTypeConverter))]
-    [DataContract(Name="imageCropDataSet")]
+    [DataContract(Name = "imageCropDataSet")]
     public class ImageCropperValue : IHtmlEncodedString, IEquatable<ImageCropperValue>
     {
         /// <summary>
         /// Gets or sets the value source image.
         /// </summary>
-        [DataMember(Name="src")]
-        public string Src { get; set;}
+        [DataMember(Name = "src")]
+        public string Src { get; set; }
 
         /// <summary>
         /// Gets or sets the value focal point.
@@ -44,9 +44,7 @@ namespace Umbraco.Cms.Core.PropertyEditors.ValueConverters
 
         /// <inheritdoc />
         public override string ToString()
-        {
-            return Crops != null ? (Crops.Any() ? JsonConvert.SerializeObject(this) : Src) : string.Empty;
-        }
+            => HasCrops() || HasFocalPoint() ? JsonConvert.SerializeObject(this, Formatting.None) : Src;
 
         /// <inheritdoc />
         public string ToHtmlString() => Src;
@@ -178,12 +176,10 @@ namespace Umbraco.Cms.Core.PropertyEditors.ValueConverters
         /// Removes redundant crop data/default focal point.
         /// </summary>
         /// <param name="value">The image cropper value.</param>
-        /// <returns>
-        /// The cleaned up value.
-        /// </returns>
         public static void Prune(JObject value)
         {
-            if (value is null) throw new ArgumentNullException(nameof(value));
+            if (value is null)
+                throw new ArgumentNullException(nameof(value));
 
             if (value.TryGetValue("crops", out var crops))
             {
@@ -252,8 +248,8 @@ namespace Umbraco.Cms.Core.PropertyEditors.ValueConverters
                 // properties are, practically, readonly
                 // ReSharper disable NonReadonlyMemberInGetHashCode
                 var hashCode = Src?.GetHashCode() ?? 0;
-                hashCode = (hashCode*397) ^ (FocalPoint?.GetHashCode() ?? 0);
-                hashCode = (hashCode*397) ^ (Crops?.GetHashCode() ?? 0);
+                hashCode = (hashCode * 397) ^ (FocalPoint?.GetHashCode() ?? 0);
+                hashCode = (hashCode * 397) ^ (Crops?.GetHashCode() ?? 0);
                 return hashCode;
                 // ReSharper restore NonReadonlyMemberInGetHashCode
             }
@@ -298,7 +294,7 @@ namespace Umbraco.Cms.Core.PropertyEditors.ValueConverters
                 {
                     // properties are, practically, readonly
                     // ReSharper disable NonReadonlyMemberInGetHashCode
-                    return (Left.GetHashCode()*397) ^ Top.GetHashCode();
+                    return (Left.GetHashCode() * 397) ^ Top.GetHashCode();
                     // ReSharper restore NonReadonlyMemberInGetHashCode
                 }
             }
@@ -352,9 +348,9 @@ namespace Umbraco.Cms.Core.PropertyEditors.ValueConverters
                     // properties are, practically, readonly
                     // ReSharper disable NonReadonlyMemberInGetHashCode
                     var hashCode = Alias?.GetHashCode() ?? 0;
-                    hashCode = (hashCode*397) ^ Width;
-                    hashCode = (hashCode*397) ^ Height;
-                    hashCode = (hashCode*397) ^ (Coordinates?.GetHashCode() ?? 0);
+                    hashCode = (hashCode * 397) ^ Width;
+                    hashCode = (hashCode * 397) ^ Height;
+                    hashCode = (hashCode * 397) ^ (Coordinates?.GetHashCode() ?? 0);
                     return hashCode;
                     // ReSharper restore NonReadonlyMemberInGetHashCode
                 }
@@ -409,9 +405,9 @@ namespace Umbraco.Cms.Core.PropertyEditors.ValueConverters
                     // properties are, practically, readonly
                     // ReSharper disable NonReadonlyMemberInGetHashCode
                     var hashCode = X1.GetHashCode();
-                    hashCode = (hashCode*397) ^ Y1.GetHashCode();
-                    hashCode = (hashCode*397) ^ X2.GetHashCode();
-                    hashCode = (hashCode*397) ^ Y2.GetHashCode();
+                    hashCode = (hashCode * 397) ^ Y1.GetHashCode();
+                    hashCode = (hashCode * 397) ^ X2.GetHashCode();
+                    hashCode = (hashCode * 397) ^ Y2.GetHashCode();
                     return hashCode;
                     // ReSharper restore NonReadonlyMemberInGetHashCode
                 }
diff --git a/src/Umbraco.Infrastructure/Serialization/JsonNetSerializer.cs b/src/Umbraco.Infrastructure/Serialization/JsonNetSerializer.cs
index 5c5377c0a1..dd228ac008 100644
--- a/src/Umbraco.Infrastructure/Serialization/JsonNetSerializer.cs
+++ b/src/Umbraco.Infrastructure/Serialization/JsonNetSerializer.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Converters;
@@ -15,25 +15,20 @@ namespace Umbraco.Cms.Infrastructure.Serialization
             {
                 new StringEnumConverter()
             },
-            Formatting = Formatting.None
+            Formatting = Formatting.None,
+            NullValueHandling = NullValueHandling.Ignore
         };
-        public string Serialize(object input)
-        {
-            return JsonConvert.SerializeObject(input, JsonSerializerSettings);
-        }
 
-        public T Deserialize<T>(string input)
-        {
-            return JsonConvert.DeserializeObject<T>(input, JsonSerializerSettings);
-        }
+        public string Serialize(object input) => JsonConvert.SerializeObject(input, JsonSerializerSettings);
+
+        public T Deserialize<T>(string input) => JsonConvert.DeserializeObject<T>(input, JsonSerializerSettings);
 
         public T DeserializeSubset<T>(string input, string key)
         {
             if (key == null) throw new ArgumentNullException(nameof(key));
 
-            var root = JsonConvert.DeserializeObject<JObject>(input);
-
-            var jToken = root.SelectToken(key);
+            var root = Deserialize<JObject>(input);
+            var jToken = root?.SelectToken(key);
 
             return jToken switch
             {
diff --git a/src/Umbraco.Infrastructure/Serialization/JsonToStringConverter.cs b/src/Umbraco.Infrastructure/Serialization/JsonToStringConverter.cs
index 2e7416b2d2..3cf23154c8 100644
--- a/src/Umbraco.Infrastructure/Serialization/JsonToStringConverter.cs
+++ b/src/Umbraco.Infrastructure/Serialization/JsonToStringConverter.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
 
@@ -20,6 +20,7 @@ namespace Umbraco.Cms.Infrastructure.Serialization
             {
                 return reader.Value;
             }
+
             // Load JObject from stream
             JObject jObject = JObject.Load(reader);
             return jObject.ToString(Formatting.None);
diff --git a/tests/Umbraco.Tests.UnitTests/Umbraco.Core/PropertyEditors/BlockEditorComponentTests.cs b/tests/Umbraco.Tests.UnitTests/Umbraco.Core/PropertyEditors/BlockEditorComponentTests.cs
index b76719888f..efd753296a 100644
--- a/tests/Umbraco.Tests.UnitTests/Umbraco.Core/PropertyEditors/BlockEditorComponentTests.cs
+++ b/tests/Umbraco.Tests.UnitTests/Umbraco.Core/PropertyEditors/BlockEditorComponentTests.cs
@@ -21,7 +21,7 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Core.PropertyEditors
         private readonly JsonSerializerSettings _serializerSettings = new JsonSerializerSettings
         {
             Formatting = Formatting.None,
-            NullValueHandling = NullValueHandling.Ignore,
+            NullValueHandling = NullValueHandling.Ignore
         };
 
         private const string ContentGuid1 = "036ce82586a64dfba2d523a99ed80f58";

From d4c43b69f77f5a7fd2a3ab45f61c85c7cfe0b5c0 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Wed, 26 Jan 2022 12:40:14 +0100
Subject: [PATCH 39/81] Updated to use IOptionsMonitor

---
 .../Controllers/HelpController.cs                 | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs b/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
index dd01f9621f..d79001d0f8 100644
--- a/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
@@ -20,21 +20,28 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
     public class HelpController : UmbracoAuthorizedJsonController
     {
         private readonly ILogger<HelpController> _logger;
-        private readonly HelpPageSettings _helpPageSettings;
+        private HelpPageSettings _helpPageSettings;
 
         [Obsolete("Use constructor that takes IOptions<HelpPageSettings>")]
         public HelpController(ILogger<HelpController> logger)
-            : this(logger, StaticServiceProvider.Instance.GetRequiredService<IOptions<HelpPageSettings>>())
+            : this(logger, StaticServiceProvider.Instance.GetRequiredService<IOptionsMonitor<HelpPageSettings>>())
         {
         }
 
         [ActivatorUtilitiesConstructor]
         public HelpController(
             ILogger<HelpController> logger,
-            IOptions<HelpPageSettings> helpPageSettings)
+            IOptionsMonitor<HelpPageSettings> helpPageSettings)
         {
             _logger = logger;
-            _helpPageSettings = helpPageSettings.Value;
+
+            ResetHelpPageSettings(helpPageSettings.CurrentValue);
+            helpPageSettings.OnChange(ResetHelpPageSettings);
+        }
+
+        private void ResetHelpPageSettings(HelpPageSettings settings)
+        {
+            _helpPageSettings = settings;
         }
 
         private static HttpClient _httpClient;

From c73d0bf6a6b97ecc95f3d1e85db635ee0353deb5 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Thu, 27 Jan 2022 09:53:16 +0100
Subject: [PATCH 40/81] Update logging message in HelpController

---
 src/Umbraco.Web.BackOffice/Controllers/HelpController.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs b/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
index d79001d0f8..f431b1a827 100644
--- a/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/HelpController.cs
@@ -50,7 +50,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
         {
             if (IsAllowedUrl(baseUrl) is false)
             {
-                _logger.LogError($"The following URL is not listed in the allowlist for HelpPage in web.config: {baseUrl}");
+                _logger.LogError($"The following URL is not listed in the allowlist for HelpPage in HelpPageSettings: {baseUrl}");
                 HttpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;
 
                 // Ideally we'd want to return a BadRequestResult here,

From 7971f36b78e333aa61cb94e9fc3003b70459c6ff Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Thu, 27 Jan 2022 10:32:56 +0100
Subject: [PATCH 41/81] Add check for PluginControllerAttribute and compare
 area name (#11911)

* Add check for PluginControllerAttribute and compare area name

* Added null check
---
 .../Runtime/RuntimeState.cs                   | 43 ++++++++++---------
 .../Services/ConflictingRouteService.cs       | 18 ++++++--
 2 files changed, 37 insertions(+), 24 deletions(-)

diff --git a/src/Umbraco.Infrastructure/Runtime/RuntimeState.cs b/src/Umbraco.Infrastructure/Runtime/RuntimeState.cs
index 73b6692e3a..c81041849a 100644
--- a/src/Umbraco.Infrastructure/Runtime/RuntimeState.cs
+++ b/src/Umbraco.Infrastructure/Runtime/RuntimeState.cs
@@ -44,27 +44,6 @@ namespace Umbraco.Cms.Infrastructure.Runtime
         {
         }
 
-        /// <summary>
-        /// Initializes a new instance of the <see cref="RuntimeState"/> class.
-        /// </summary>
-        public RuntimeState(
-            IOptions<GlobalSettings> globalSettings,
-            IOptions<UnattendedSettings> unattendedSettings,
-            IUmbracoVersion umbracoVersion,
-            IUmbracoDatabaseFactory databaseFactory,
-            ILogger<RuntimeState> logger,
-            PendingPackageMigrations packageMigrationState)
-            : this(
-                globalSettings,
-                unattendedSettings,
-                umbracoVersion,
-                databaseFactory,
-                logger,
-                packageMigrationState,
-                StaticServiceProvider.Instance.GetRequiredService<IConflictingRouteService>())
-        {
-        }
-
         public RuntimeState(
             IOptions<GlobalSettings> globalSettings,
             IOptions<UnattendedSettings> unattendedSettings,
@@ -83,6 +62,28 @@ namespace Umbraco.Cms.Infrastructure.Runtime
             _conflictingRouteService = conflictingRouteService;
         }
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="RuntimeState"/> class.
+        /// </summary>
+        [Obsolete("use ctor with all params")]
+        public RuntimeState(
+            IOptions<GlobalSettings> globalSettings,
+            IOptions<UnattendedSettings> unattendedSettings,
+            IUmbracoVersion umbracoVersion,
+            IUmbracoDatabaseFactory databaseFactory,
+            ILogger<RuntimeState> logger,
+            PendingPackageMigrations packageMigrationState)
+            : this(
+                globalSettings,
+                unattendedSettings,
+                umbracoVersion,
+                databaseFactory,
+                logger,
+                packageMigrationState,
+                StaticServiceProvider.Instance.GetRequiredService<IConflictingRouteService>())
+        {
+        }
+
         /// <inheritdoc />
         public Version Version => _umbracoVersion.Version;
 
diff --git a/src/Umbraco.Web.BackOffice/Services/ConflictingRouteService.cs b/src/Umbraco.Web.BackOffice/Services/ConflictingRouteService.cs
index 2951ace9e1..af8d0d877e 100644
--- a/src/Umbraco.Web.BackOffice/Services/ConflictingRouteService.cs
+++ b/src/Umbraco.Web.BackOffice/Services/ConflictingRouteService.cs
@@ -1,7 +1,9 @@
 using System;
 using System.Linq;
+using System.Reflection;
 using Umbraco.Cms.Core.Composing;
 using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Web.Common.Attributes;
 using Umbraco.Cms.Web.Common.Controllers;
 
 namespace Umbraco.Cms.Web.BackOffice.Services
@@ -21,10 +23,20 @@ namespace Umbraco.Cms.Web.BackOffice.Services
             var controllers = _typeLoader.GetTypes<UmbracoApiControllerBase>().ToList();
             foreach (Type controller in controllers)
             {
-                if (controllers.Count(x => x.Name == controller.Name) > 1)
+                var potentialConflicting = controllers.Where(x => x.Name == controller.Name).ToArray();
+                if (potentialConflicting.Length > 1)
                 {
-                    controllerName = controller.Name;
-                    return true;
+                    //If we have any with same controller name and located in the same area, then it is a confict.
+                    var conflicting = potentialConflicting
+                        .Select(x => x.GetCustomAttribute<PluginControllerAttribute>())
+                        .GroupBy(x => x?.AreaName)
+                        .Any(x => x?.Count() > 1);
+
+                    if (conflicting)
+                    {
+                        controllerName = controller.Name;
+                        return true;
+                    }
                 }
             }
 

From 1b98f8985ec45c20ed23ab7d4bd7c71d5cba0dfd Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Tue, 21 Dec 2021 07:23:08 +0100
Subject: [PATCH 42/81] Use current request for emails (#11775)

* Use current request for emails

* Fix tests
---
 src/Umbraco.Core/Sync/ApplicationUrlHelper.cs | 17 ++++++++++
 .../AuthenticationControllerTests.cs          |  4 ++-
 .../Web/Controllers/UsersControllerTests.cs   | 13 ++++---
 .../Editors/AuthenticationController.cs       | 19 +++++++++--
 src/Umbraco.Web/Editors/UsersController.cs    | 34 +++++++++++++------
 5 files changed, 69 insertions(+), 18 deletions(-)

diff --git a/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs b/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs
index 52af734f1c..d934e24575 100644
--- a/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs
+++ b/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs
@@ -102,5 +102,22 @@ namespace Umbraco.Core.Sync
 
             return url.TrimEnd(Constants.CharArrays.ForwardSlash);
         }
+
+        /// <summary>
+        /// Will get the application URL from configuration, if none is specified will fall back to URL from request.
+        /// </summary>
+        /// <param name="request"></param>
+        /// <param name="umbracoSettingsSection"></param>
+        /// <param name="globalSettings"></param>
+        /// <returns></returns>
+        public static Uri GetApplicationUriUncached(
+            HttpRequestBase request,
+            IUmbracoSettingsSection umbracoSettingsSection)
+        {
+            var settingUrl = umbracoSettingsSection.WebRouting.UmbracoApplicationUrl;
+            return string.IsNullOrEmpty(settingUrl)
+                ? new Uri(request.Url, IOHelper.ResolveUrl(SystemDirectories.Umbraco))
+                : new Uri(settingUrl);
+        }
     }
 }
diff --git a/src/Umbraco.Tests/Web/Controllers/AuthenticationControllerTests.cs b/src/Umbraco.Tests/Web/Controllers/AuthenticationControllerTests.cs
index 3d264663b5..9bd9ee73ed 100644
--- a/src/Umbraco.Tests/Web/Controllers/AuthenticationControllerTests.cs
+++ b/src/Umbraco.Tests/Web/Controllers/AuthenticationControllerTests.cs
@@ -16,6 +16,7 @@ using Umbraco.Core;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Composing;
 using Umbraco.Core.Configuration;
+using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.IO;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Persistence;
@@ -82,7 +83,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
diff --git a/src/Umbraco.Tests/Web/Controllers/UsersControllerTests.cs b/src/Umbraco.Tests/Web/Controllers/UsersControllerTests.cs
index 85dd303432..b9289c1392 100644
--- a/src/Umbraco.Tests/Web/Controllers/UsersControllerTests.cs
+++ b/src/Umbraco.Tests/Web/Controllers/UsersControllerTests.cs
@@ -14,6 +14,7 @@ using Umbraco.Core;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Composing;
 using Umbraco.Core.Configuration;
+using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Models;
 using Umbraco.Core.Models.Membership;
@@ -84,7 +85,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
@@ -148,7 +150,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
@@ -183,7 +186,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
@@ -253,7 +257,8 @@ namespace Umbraco.Tests.Web.Controllers
                     Factory.GetInstance<AppCaches>(),
                     Factory.GetInstance<IProfilingLogger>(),
                     Factory.GetInstance<IRuntimeState>(),
-                    helper);
+                    helper,
+                    Factory.GetInstance<IUmbracoSettingsSection>());
                 return usersController;
             }
 
diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs
index 3ecc6b64a4..54612377e0 100644
--- a/src/Umbraco.Web/Editors/AuthenticationController.cs
+++ b/src/Umbraco.Web/Editors/AuthenticationController.cs
@@ -27,6 +27,8 @@ using Umbraco.Web.Composing;
 using IUser = Umbraco.Core.Models.Membership.IUser;
 using Umbraco.Web.Editors.Filters;
 using Microsoft.Owin.Security;
+using Umbraco.Core.Configuration.UmbracoSettings;
+using Umbraco.Core.Sync;
 
 namespace Umbraco.Web.Editors
 {
@@ -40,12 +42,23 @@ namespace Umbraco.Web.Editors
     [DisableBrowserCache]
     public class AuthenticationController : UmbracoApiController
     {
+        private readonly IUmbracoSettingsSection _umbracoSettingsSection;
         private BackOfficeUserManager<BackOfficeIdentityUser> _userManager;
         private BackOfficeSignInManager _signInManager;
 
-        public AuthenticationController(IGlobalSettings globalSettings, IUmbracoContextAccessor umbracoContextAccessor, ISqlContext sqlContext, ServiceContext services, AppCaches appCaches, IProfilingLogger logger, IRuntimeState runtimeState, UmbracoHelper umbracoHelper)
+        public AuthenticationController(
+            IGlobalSettings globalSettings,
+            IUmbracoContextAccessor umbracoContextAccessor,
+            ISqlContext sqlContext,
+            ServiceContext services,
+            AppCaches appCaches,
+            IProfilingLogger logger,
+            IRuntimeState runtimeState,
+            UmbracoHelper umbracoHelper,
+            IUmbracoSettingsSection umbracoSettingsSection)
             : base(globalSettings, umbracoContextAccessor, sqlContext, services, appCaches, logger, runtimeState, umbracoHelper, Current.Mapper)
         {
+            _umbracoSettingsSection = umbracoSettingsSection;
         }
 
         protected BackOfficeUserManager<BackOfficeIdentityUser> UserManager => _userManager
@@ -552,8 +565,8 @@ namespace Umbraco.Web.Editors
                     r = code
                 });
 
-            // Construct full URL using configured application URL (which will fall back to request)
-            var applicationUri = Current.RuntimeState.ApplicationUrl;
+            // Construct full URL using configured application URL (which will fall back to current request)
+            var applicationUri = ApplicationUrlHelper.GetApplicationUriUncached(http.Request, _umbracoSettingsSection);
             var callbackUri = new Uri(applicationUri, action);
             return callbackUri.ToString();
         }
diff --git a/src/Umbraco.Web/Editors/UsersController.cs b/src/Umbraco.Web/Editors/UsersController.cs
index dda0dfc933..4bfd72854f 100644
--- a/src/Umbraco.Web/Editors/UsersController.cs
+++ b/src/Umbraco.Web/Editors/UsersController.cs
@@ -17,6 +17,7 @@ using Umbraco.Core;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Composing;
 using Umbraco.Core.Configuration;
+using Umbraco.Core.Configuration.UmbracoSettings;
 using Umbraco.Core.IO;
 using Umbraco.Core.Logging;
 using Umbraco.Core.Models;
@@ -27,6 +28,7 @@ using Umbraco.Core.Persistence;
 using Umbraco.Core.Persistence.DatabaseModelDefinitions;
 using Umbraco.Core.Security;
 using Umbraco.Core.Services;
+using Umbraco.Core.Sync;
 using Umbraco.Web.Editors.Filters;
 using Umbraco.Web.Models;
 using Umbraco.Web.Models.ContentEditing;
@@ -46,9 +48,21 @@ namespace Umbraco.Web.Editors
     [IsCurrentUserModelFilter]
     public class UsersController : UmbracoAuthorizedJsonController
     {
-        public UsersController(IGlobalSettings globalSettings, IUmbracoContextAccessor umbracoContextAccessor, ISqlContext sqlContext, ServiceContext services, AppCaches appCaches, IProfilingLogger logger, IRuntimeState runtimeState, UmbracoHelper umbracoHelper)
+        private readonly IUmbracoSettingsSection _umbracoSettingsSection;
+
+        public UsersController(
+            IGlobalSettings globalSettings,
+            IUmbracoContextAccessor umbracoContextAccessor,
+            ISqlContext sqlContext,
+            ServiceContext services,
+            AppCaches appCaches,
+            IProfilingLogger logger,
+            IRuntimeState runtimeState,
+            UmbracoHelper umbracoHelper,
+            IUmbracoSettingsSection umbracoSettingsSection)
             : base(globalSettings, umbracoContextAccessor, sqlContext, services, appCaches, logger, runtimeState, umbracoHelper)
         {
+            _umbracoSettingsSection = umbracoSettingsSection;
         }
 
         /// <summary>
@@ -390,7 +404,7 @@ namespace Umbraco.Web.Editors
             user = CheckUniqueEmail(userSave.Email, u => u.LastLoginDate != default || u.EmailConfirmedDate.HasValue);
 
             var userMgr = TryGetOwinContext().Result.GetBackOfficeUserManager();
-            
+
             if (!EmailSender.CanSendRequiredEmail && !userMgr.HasSendingUserInviteEventHandler)
             {
                 throw new HttpResponseException(
@@ -462,12 +476,12 @@ namespace Umbraco.Web.Editors
                         Email = userSave.Email,
                         Username = userSave.Username
                     };
-                }                
+                }
             }
             else
             {
                 //send the email
-                await SendUserInviteEmailAsync(display, Security.CurrentUser.Name, Security.CurrentUser.Email, user, userSave.Message);                
+                await SendUserInviteEmailAsync(display, Security.CurrentUser.Name, Security.CurrentUser.Email, user, userSave.Message);
             }
 
             display.AddSuccessNotification(Services.TextService.Localize("speechBubbles", "resendInviteHeader"), Services.TextService.Localize("speechBubbles", "resendInviteSuccess", new[] { user.Name }));
@@ -525,9 +539,9 @@ namespace Umbraco.Web.Editors
                     invite = inviteToken
                 });
 
-            // Construct full URL using configured application URL (which will fall back to request)
-            var applicationUri = RuntimeState.ApplicationUrl;
-            var inviteUri = new Uri(applicationUri, action);
+            // Construct full URL will use the value in settings if specified, otherwise will use the current request URL
+            var requestUrl = ApplicationUrlHelper.GetApplicationUriUncached(http.Request, _umbracoSettingsSection);
+            var inviteUri = new Uri(requestUrl, action);
 
             var emailSubject = Services.TextService.Localize("user", "inviteEmailCopySubject",
                 //Ensure the culture of the found user is used for the email!
@@ -622,7 +636,7 @@ namespace Umbraco.Web.Editors
             if (Current.Configs.Settings().Security.UsernameIsEmail && found.Username == found.Email && userSave.Username != userSave.Email)
             {
                 userSave.Username = userSave.Email;
-            }          
+            }
 
             if (hasErrors)
                 throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
@@ -647,13 +661,13 @@ namespace Umbraco.Web.Editors
         }
 
         /// <summary>
-        /// 
+        ///
         /// </summary>
         /// <param name="changingPasswordModel"></param>
         /// <returns></returns>
         public async Task<ModelWithNotifications<string>> PostChangePassword(ChangingPasswordModel changingPasswordModel)
         {
-            changingPasswordModel = changingPasswordModel ?? throw new ArgumentNullException(nameof(changingPasswordModel));            
+            changingPasswordModel = changingPasswordModel ?? throw new ArgumentNullException(nameof(changingPasswordModel));
 
             if (ModelState.IsValid == false)
             {

From a779803763d45c079579f4216d4f516d6e8e9648 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Thu, 27 Jan 2022 13:18:21 +0100
Subject: [PATCH 43/81] Bump version to 8.17.2

---
 src/SolutionInfo.cs                      | 4 ++--
 src/Umbraco.Web.UI/Umbraco.Web.UI.csproj | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/SolutionInfo.cs b/src/SolutionInfo.cs
index a7cfdaa562..a8a04a0679 100644
--- a/src/SolutionInfo.cs
+++ b/src/SolutionInfo.cs
@@ -18,5 +18,5 @@ using System.Resources;
 [assembly: AssemblyVersion("8.0.0")]
 
 // these are FYI and changed automatically
-[assembly: AssemblyFileVersion("8.17.1")]
-[assembly: AssemblyInformationalVersion("8.17.1")]
+[assembly: AssemblyFileVersion("8.17.2")]
+[assembly: AssemblyInformationalVersion("8.17.2")]
diff --git a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
index afe9ade5f7..6114a84b2a 100644
--- a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
+++ b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
@@ -348,9 +348,9 @@
         <WebProjectProperties>
           <UseIIS>False</UseIIS>
           <AutoAssignPort>True</AutoAssignPort>
-          <DevelopmentServerPort>8171</DevelopmentServerPort>
+          <DevelopmentServerPort>8172</DevelopmentServerPort>
           <DevelopmentServerVPath>/</DevelopmentServerVPath>
-          <IISUrl>http://localhost:8171</IISUrl>
+          <IISUrl>http://localhost:8172</IISUrl>
           <NTLMAuthentication>False</NTLMAuthentication>
           <UseCustomServer>False</UseCustomServer>
           <CustomServerUrl>
@@ -433,4 +433,4 @@
     <Message Text="ConfigFile: $(OriginalFileName) -&gt; $(OutputFileName)" Importance="high" Condition="Exists('$(ModifiedFileName)')" />
     <Copy SourceFiles="$(ModifiedFileName)" DestinationFiles="$(OutputFileName)" OverwriteReadOnlyFiles="true" SkipUnchangedFiles="false" Condition="Exists('$(ModifiedFileName)')" />
   </Target>
-</Project>
\ No newline at end of file
+</Project>

From c79380191bfa206d081fcd08ca9008be39a79d6c Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Thu, 27 Jan 2022 15:57:22 +0100
Subject: [PATCH 44/81] Use Umbraco Path instead of constant

---
 src/Umbraco.Core/Sync/ApplicationUrlHelper.cs | 21 +++++++++++++++----
 .../Editors/AuthenticationController.cs       |  2 +-
 src/Umbraco.Web/Editors/UsersController.cs    |  2 +-
 3 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs b/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs
index d934e24575..f3cc5a6db6 100644
--- a/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs
+++ b/src/Umbraco.Core/Sync/ApplicationUrlHelper.cs
@@ -112,12 +112,25 @@ namespace Umbraco.Core.Sync
         /// <returns></returns>
         public static Uri GetApplicationUriUncached(
             HttpRequestBase request,
-            IUmbracoSettingsSection umbracoSettingsSection)
+            IUmbracoSettingsSection umbracoSettingsSection,
+            IGlobalSettings globalSettings)
         {
             var settingUrl = umbracoSettingsSection.WebRouting.UmbracoApplicationUrl;
-            return string.IsNullOrEmpty(settingUrl)
-                ? new Uri(request.Url, IOHelper.ResolveUrl(SystemDirectories.Umbraco))
-                : new Uri(settingUrl);
+
+
+            if (string.IsNullOrEmpty(settingUrl))
+            {
+                if (!Uri.TryCreate(request.Url, VirtualPathUtility.ToAbsolute(globalSettings.Path), out var result))
+                {
+                    throw new InvalidOperationException(
+                        $"Could not create an url from {request.Url} and {globalSettings.Path}");
+                }
+                return result;
+            }
+            else
+            {
+                return new Uri(settingUrl);
+            }
         }
     }
 }
diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs
index 54612377e0..85889c5869 100644
--- a/src/Umbraco.Web/Editors/AuthenticationController.cs
+++ b/src/Umbraco.Web/Editors/AuthenticationController.cs
@@ -566,7 +566,7 @@ namespace Umbraco.Web.Editors
                 });
 
             // Construct full URL using configured application URL (which will fall back to current request)
-            var applicationUri = ApplicationUrlHelper.GetApplicationUriUncached(http.Request, _umbracoSettingsSection);
+            var applicationUri = ApplicationUrlHelper.GetApplicationUriUncached(http.Request, _umbracoSettingsSection, GlobalSettings);
             var callbackUri = new Uri(applicationUri, action);
             return callbackUri.ToString();
         }
diff --git a/src/Umbraco.Web/Editors/UsersController.cs b/src/Umbraco.Web/Editors/UsersController.cs
index 4bfd72854f..58bb5dcb0a 100644
--- a/src/Umbraco.Web/Editors/UsersController.cs
+++ b/src/Umbraco.Web/Editors/UsersController.cs
@@ -540,7 +540,7 @@ namespace Umbraco.Web.Editors
                 });
 
             // Construct full URL will use the value in settings if specified, otherwise will use the current request URL
-            var requestUrl = ApplicationUrlHelper.GetApplicationUriUncached(http.Request, _umbracoSettingsSection);
+            var requestUrl = ApplicationUrlHelper.GetApplicationUriUncached(http.Request, _umbracoSettingsSection, GlobalSettings);
             var inviteUri = new Uri(requestUrl, action);
 
             var emailSubject = Services.TextService.Localize("user", "inviteEmailCopySubject",

From a71529a0583fc357616494d4ce36a1961391e7e6 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Thu, 27 Jan 2022 17:37:32 +0100
Subject: [PATCH 45/81] V9/feature/merge v8 27012022 (#11915)

* Add allowlist for HelpPage

* Use current request for emails (#11775)

* Use current request for emails

* Fix tests

* Bump version to 8.17.2

* Use Umbraco Path instead of constant

Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
---
 src/Umbraco.Web.UI/Umbraco.Web.UI.csproj | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
index 69f812b6e6..e1067f31e3 100644
--- a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
+++ b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
@@ -91,8 +91,8 @@
     <Message Text="-CheckPreconditions-" Importance="high" />
     <Message Text="JsonSchemaPath:  $(JsonSchemaPath)" Importance="high" />
     <Message Text="BellePath:       $(BellePath)" Importance="high" />
-
-   <!-- Build Belle, if building is Visual Studio and the build folder does not exist yet -->
+    
+    <!-- Build Belle, if building is Visual Studio and the build folder does not exist yet -->
     <Message Text="Skip Belle because UmbracoBuild is '$(UmbracoBuild)' (this is not Visual Studio)." Importance="High" Condition="'$(UmbracoBuild)' != ''" />
     <Message Text="Skip Belle because $(BellePath) exists." Importance="High" Condition="Exists('$(BellePath)')" />
     <Message Text="Build Belle because UmbracoBuild is empty (this is Visual Studio), and $(BellePath) does not exist." Importance="High" Condition="!Exists('$(BellePath)') and '$(UmbracoBuild)' == ''" />

From 477697a70cd8b10703f6cf428ceb1da47bfad257 Mon Sep 17 00:00:00 2001
From: Lennard Fonteijn <lennard@lennardf1989.com>
Date: Fri, 22 Oct 2021 13:28:18 +0200
Subject: [PATCH 46/81] Removed if-check to allow empty values from blocks

---
 .../common/services/blockeditormodelobject.service.js  | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/src/Umbraco.Web.UI.Client/src/common/services/blockeditormodelobject.service.js b/src/Umbraco.Web.UI.Client/src/common/services/blockeditormodelobject.service.js
index 22baed8472..168abfaa6a 100644
--- a/src/Umbraco.Web.UI.Client/src/common/services/blockeditormodelobject.service.js
+++ b/src/Umbraco.Web.UI.Client/src/common/services/blockeditormodelobject.service.js
@@ -30,9 +30,8 @@
 
                 for (var p = 0; p < tab.properties.length; p++) {
                     var prop = tab.properties[p];
-                    if (dataModel[prop.alias]) {
-                        prop.value = dataModel[prop.alias];
-                    }
+
+                    prop.value = dataModel[prop.alias];
                 }
             }
 
@@ -53,9 +52,8 @@
 
                 for (var p = 0; p < tab.properties.length; p++) {
                     var prop = tab.properties[p];
-                    if (prop.value) {
-                        dataModel[prop.alias] = prop.value;
-                    }
+
+                    dataModel[prop.alias] = prop.value;
                 }
             }
 

From c0dfb3391656589a8c85364bac97f1adfc35921a Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Fri, 28 Jan 2022 12:30:44 +0100
Subject: [PATCH 47/81] Fix importing DocType if parent folder already exists
 (#11885)

* Don't try to create parent folder if it already exists

* Fix typo

Co-authored-by: Elitsa Marinovska <elm@umbraco.dk>
---
 .../Packaging/PackageDataInstallation.cs      | 31 ++++++++++---------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/src/Umbraco.Infrastructure/Packaging/PackageDataInstallation.cs b/src/Umbraco.Infrastructure/Packaging/PackageDataInstallation.cs
index defea0ea51..790cefe7e9 100644
--- a/src/Umbraco.Infrastructure/Packaging/PackageDataInstallation.cs
+++ b/src/Umbraco.Infrastructure/Packaging/PackageDataInstallation.cs
@@ -575,21 +575,22 @@ namespace Umbraco.Cms.Infrastructure.Packaging
         {
             var importedFolders = new Dictionary<string, int>();
             var trackEntityContainersInstalled = new List<EntityContainer>();
-            foreach (var documentType in unsortedDocumentTypes)
+
+            foreach (XElement documentType in unsortedDocumentTypes)
             {
-                var foldersAttribute = documentType.Attribute("Folders");
-                var infoElement = documentType.Element("Info");
+                XAttribute foldersAttribute = documentType.Attribute("Folders");
+                XElement infoElement = documentType.Element("Info");
                 if (foldersAttribute != null && infoElement != null
-                    //don't import any folder if this is a child doc type - the parent doc type will need to
-                    //exist which contains it's folders
+                    // don't import any folder if this is a child doc type - the parent doc type will need to
+                    // exist which contains it's folders
                     && ((string)infoElement.Element("Master")).IsNullOrWhiteSpace())
                 {
                     var alias = documentType.Element("Info").Element("Alias").Value;
                     var folders = foldersAttribute.Value.Split(Constants.CharArrays.ForwardSlash);
 
-                    var folderKeysAttribute = documentType.Attribute("FolderKeys");
+                    XAttribute folderKeysAttribute = documentType.Attribute("FolderKeys");
 
-                    var folderKeys = Array.Empty<Guid>();
+                    Guid[] folderKeys = Array.Empty<Guid>();
                     if (folderKeysAttribute != null)
                     {
                         folderKeys = folderKeysAttribute.Value.Split(Constants.CharArrays.ForwardSlash).Select(x=>Guid.Parse(x)).ToArray();
@@ -597,22 +598,22 @@ namespace Umbraco.Cms.Infrastructure.Packaging
 
                     var rootFolder = WebUtility.UrlDecode(folders[0]);
 
-                    EntityContainer current;
+                    EntityContainer current = null;
                     Guid? rootFolderKey = null;
                     if (folderKeys.Length == folders.Length && folderKeys.Length > 0)
                     {
                         rootFolderKey = folderKeys[0];
                         current = _contentTypeService.GetContainer(rootFolderKey.Value);
                     }
-                    else
-                    {
-                        //level 1 = root level folders, there can only be one with the same name
-                        current = _contentTypeService.GetContainers(rootFolder, 1).FirstOrDefault();
-                    }
+
+                    // The folder might already exist, but with a different key, so check if it exists, even if there is a key.
+                    // Level 1 = root level folders, there can only be one with the same name
+                    current ??= _contentTypeService.GetContainers(rootFolder, 1).FirstOrDefault();
 
                     if (current == null)
                     {
-                        var tryCreateFolder = _contentTypeService.CreateContainer(-1, rootFolderKey ?? Guid.NewGuid(), rootFolder);
+                        Attempt<OperationResult<OperationResultType, EntityContainer>> tryCreateFolder = _contentTypeService.CreateContainer(-1, rootFolderKey ?? Guid.NewGuid(), rootFolder);
+
                         if (tryCreateFolder == false)
                         {
                             _logger.LogError(tryCreateFolder.Exception, "Could not create folder: {FolderName}", rootFolder);
@@ -644,7 +645,7 @@ namespace Umbraco.Cms.Infrastructure.Packaging
         private EntityContainer CreateContentTypeChildFolder(string folderName, Guid folderKey, IUmbracoEntity current)
         {
             var children = _entityService.GetChildren(current.Id).ToArray();
-            var found = children.Any(x => x.Name.InvariantEquals(folderName) ||x.Key.Equals(folderKey));
+            var found = children.Any(x => x.Name.InvariantEquals(folderName) || x.Key.Equals(folderKey));
             if (found)
             {
                 var containerId = children.Single(x => x.Name.InvariantEquals(folderName)).Id;

From 3167c8b2131754f145d66a2997ce1d5a2cc54688 Mon Sep 17 00:00:00 2001
From: andreymkarandashov <andrey.karandashov@ukad-group.com>
Date: Wed, 9 Jun 2021 10:17:01 +0300
Subject: [PATCH 48/81] encode group name to avoid the issue

---
 .../src/views/content/content.protect.controller.js             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Umbraco.Web.UI.Client/src/views/content/content.protect.controller.js b/src/Umbraco.Web.UI.Client/src/views/content/content.protect.controller.js
index fcd0294849..92efb24e63 100644
--- a/src/Umbraco.Web.UI.Client/src/views/content/content.protect.controller.js
+++ b/src/Umbraco.Web.UI.Client/src/views/content/content.protect.controller.js
@@ -92,7 +92,7 @@
 
         function save() {
             vm.buttonState = "busy";
-            var groups = _.map(vm.groups, function (group) { return group.name; });
+            var groups = _.map(vm.groups, function (group) { return encodeURIComponent(group.name); });
             var usernames = _.map(vm.members, function (member) { return member.username; });
             contentResource.updatePublicAccess(id, groups, usernames, vm.loginPage.id, vm.errorPage.id).then(
                 function () {

From 472cc716c464e39976d64c7f4610fff5303d50b5 Mon Sep 17 00:00:00 2001
From: Bjarne Fyrstenborg <bjarne_fyrstenborg@hotmail.com>
Date: Mon, 31 Jan 2022 02:40:15 +0100
Subject: [PATCH 49/81] Accept zip as extension in local package installer
 (#11109)

* Update ngf-pattern and accept

* Restructure less

* Remove ng-invalid again
---
 .../components/umb-package-local-install.less | 75 ++++++++++---------
 .../views/install-local.controller.js         |  2 +-
 .../views/packages/views/install-local.html   | 16 ++--
 3 files changed, 49 insertions(+), 44 deletions(-)

diff --git a/src/Umbraco.Web.UI.Client/src/less/components/umb-package-local-install.less b/src/Umbraco.Web.UI.Client/src/less/components/umb-package-local-install.less
index ead54ac49f..43f3c5e353 100644
--- a/src/Umbraco.Web.UI.Client/src/less/components/umb-package-local-install.less
+++ b/src/Umbraco.Web.UI.Client/src/less/components/umb-package-local-install.less
@@ -9,44 +9,51 @@
     color: @gray-5;
 }
 
-.umb-upload-local__dropzone {
-    position: relative;
-    width: 500px;
-    height: 300px;
-    border: 2px dashed @ui-action-border;
-    border-radius: 3px;
-    background: @white;
-    display: flex;
-    flex-direction: column;
-    justify-content: center;
-    align-items: center;
-    margin-bottom: 30px;
-    transition: 100ms box-shadow ease, 100ms border ease;
+.umb-upload-local {
 
-    &.drag-over {
-        border-color: @ui-action-border-hover;
-        border-style: solid;
-        box-shadow: 0 3px 8px rgba(0,0,0, .1);
+    &__dropzone {
+        position: relative;
+        width: 500px;
+        height: 300px;
+        border: 2px dashed @ui-action-border;
+        border-radius: 3px;
+        background: @white;
+        display: flex;
+        flex-direction: column;
+        justify-content: center;
+        align-items: center;
+        margin-bottom: 30px;
         transition: 100ms box-shadow ease, 100ms border ease;
+
+        &.drag-over {
+            border-color: @ui-action-border-hover;
+            border-style: solid;
+            box-shadow: 0 3px 8px rgba(0,0,0, .1);
+            transition: 100ms box-shadow ease, 100ms border ease;
+        }
+
+        .umb-icon {
+            display: block;
+            color: @ui-action-type;
+            font-size: 6.75rem;
+            line-height: 1;
+            margin: 0 auto;
+        }
+
+        .umb-info-local-item {
+            margin: 20px;
+        }
     }
 
-    .umb-icon {
-        display: block;
+    &__select-file {
+        font-weight: bold;
         color: @ui-action-type;
-        font-size: 6.75rem;
-        line-height: 1;
-        margin: 0 auto;
-    }
-}
+        cursor: pointer;
 
-.umb-upload-local__select-file {
-    font-weight: bold;
-    color: @ui-action-type;
-    cursor: pointer;
-
-    &:hover {
-        text-decoration: underline;
-        color: @ui-action-type-hover;
+        &:hover {
+            text-decoration: underline;
+            color: @ui-action-type-hover;
+        }
     }
 }
 
@@ -117,7 +124,3 @@
 .umb-info-local-item {
     margin-bottom: 20px;
 }
-
-.umb-upload-local__dropzone .umb-info-local-item {
-    margin:20px;
-}
diff --git a/src/Umbraco.Web.UI.Client/src/views/packages/views/install-local.controller.js b/src/Umbraco.Web.UI.Client/src/views/packages/views/install-local.controller.js
index 0d9341243b..5996ae105c 100644
--- a/src/Umbraco.Web.UI.Client/src/views/packages/views/install-local.controller.js
+++ b/src/Umbraco.Web.UI.Client/src/views/packages/views/install-local.controller.js
@@ -19,7 +19,7 @@
             serverErrorMessage: null
         };
 
-        $scope.handleFiles = function (files, event) {
+        $scope.handleFiles = function (files, event, invalidFiles) {
             if (files) {
                 for (var i = 0; i < files.length; i++) {
                     upload(files[i]);
diff --git a/src/Umbraco.Web.UI.Client/src/views/packages/views/install-local.html b/src/Umbraco.Web.UI.Client/src/views/packages/views/install-local.html
index 3ad15e15b9..4d44af7d6e 100644
--- a/src/Umbraco.Web.UI.Client/src/views/packages/views/install-local.html
+++ b/src/Umbraco.Web.UI.Client/src/views/packages/views/install-local.html
@@ -10,14 +10,15 @@
                 <div ngf-drop
                      ng-hide="hideDropzone"
                      ng-model="filesHolder"
-                     ngf-change="handleFiles($files, $event)"
+                     ngf-change="handleFiles($files, $event, $invalidFiles)"
                      class="umb-upload-local__dropzone"
                      ngf-drag-over-class="'drag-over'"
                      ngf-multiple="false"
                      ngf-allow-dir="false"
-                     ngf-pattern="*.zip"
-                     ngf-max-size="{{ maxFileSize }}"
-                     ng-class="{'is-small': compact!=='false' || (done.length+queue.length) > 0 }">
+                     ngf-max-size="{{maxFileSize}}"
+                     ngf-pattern="'.zip'"
+                     accept=".zip"
+                     ng-class="{ 'is-small': compact !== 'false' || (done.length + queue.length) > 0 }">
 
                     <div class="content" draggable="false">
 
@@ -31,10 +32,11 @@
                         <div class="umb-upload-local__select-file"
                              ngf-select
                              ng-model="filesHolder"
-                             ngf-change="handleFiles($files, $event)"
+                             ngf-change="handleFiles($files, $event, $invalidFiles)"
                              ngf-multiple="true"
-                             ngf-pattern="*.zip"
-                             ngf-max-size="{{ maxFileSize }}">
+                             ngf-max-size="{{maxFileSize}}"
+                             ngf-pattern="'.zip'"
+                             accept=".zip">
                             - <localize key="packager_orClickHereToUpload">or click here to choose files</localize>
                         </div>
 

From 1810cec80a2af07027c9c036c1a126089a840ab4 Mon Sep 17 00:00:00 2001
From: Paul Johnson <pmj@umbraco.com>
Date: Mon, 31 Jan 2022 08:39:33 +0000
Subject: [PATCH 50/81] Simplify registration for ambiguous ctor

ActivatorUtilitiesConstructor respected.
---
 .../DependencyInjection/UmbracoBuilderExtensions.cs          | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs
index 46002a6c8d..63027a3c9e 100644
--- a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs
+++ b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilderExtensions.cs
@@ -130,10 +130,7 @@ namespace Umbraco.Extensions
             this IUmbracoBuilder builder)
         {
             builder.Services.TryAddTransient(sp =>
-            {
-                IUserDataService userDataService = sp.GetRequiredService<IUserDataService>();
-                return ActivatorUtilities.CreateInstance<CurrentUserController>(sp, userDataService);
-            });
+                ActivatorUtilities.CreateInstance<CurrentUserController>(sp));
 
             return builder;
         }

From bdcb5d859e3a2524f8b43ade340dc9ac15e873c4 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 31 Jan 2022 10:12:02 +0100
Subject: [PATCH 51/81] Get site name from appsettings if possible

---
 .../Configuration/Models/HostingSettings.cs   |  7 ++++++-
 .../AspNetCoreHostingEnvironment.cs           | 20 +++++++++++++++----
 2 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/src/Umbraco.Core/Configuration/Models/HostingSettings.cs b/src/Umbraco.Core/Configuration/Models/HostingSettings.cs
index b9e11e99ca..cbe1fa6965 100644
--- a/src/Umbraco.Core/Configuration/Models/HostingSettings.cs
+++ b/src/Umbraco.Core/Configuration/Models/HostingSettings.cs
@@ -22,7 +22,7 @@ namespace Umbraco.Cms.Core.Configuration.Models
         /// <summary>
         /// Gets or sets a value for the location of temporary files.
         /// </summary>
-        [DefaultValue(StaticLocalTempStorageLocation)] 
+        [DefaultValue(StaticLocalTempStorageLocation)]
         public LocalTempStorage LocalTempStorageLocation { get; set; } = Enum<LocalTempStorage>.Parse(StaticLocalTempStorageLocation);
 
         /// <summary>
@@ -31,5 +31,10 @@ namespace Umbraco.Cms.Core.Configuration.Models
         /// <value><c>true</c> if [debug mode]; otherwise, <c>false</c>.</value>
         [DefaultValue(StaticDebug)]
         public bool Debug { get; set; } = StaticDebug;
+
+        /// <summary>
+        /// Gets or sets a value specifying the name of the site.
+        /// </summary>
+        public string SiteName { get; set; }
     }
 }
diff --git a/src/Umbraco.Web.Common/AspNetCore/AspNetCoreHostingEnvironment.cs b/src/Umbraco.Web.Common/AspNetCore/AspNetCoreHostingEnvironment.cs
index 9e5919c1e2..13f73e1b41 100644
--- a/src/Umbraco.Web.Common/AspNetCore/AspNetCoreHostingEnvironment.cs
+++ b/src/Umbraco.Web.Common/AspNetCore/AspNetCoreHostingEnvironment.cs
@@ -37,7 +37,16 @@ namespace Umbraco.Cms.Web.Common.AspNetCore
             _webHostEnvironment = webHostEnvironment ?? throw new ArgumentNullException(nameof(webHostEnvironment));
             _urlProviderMode = _webRoutingSettings.CurrentValue.UrlProviderMode;
 
-            SiteName = webHostEnvironment.ApplicationName;
+            SetSiteName(hostingSettings.CurrentValue.SiteName);
+
+            // We have to ensure that the OptionsMonitor is an actual options monitor since we have a hack
+            // where we initially use an OptionsMonitorAdapter, which doesn't implement OnChange.
+            // See summery of OptionsMonitorAdapter for more information.
+            if (hostingSettings is OptionsMonitor<HostingSettings>)
+            {
+                hostingSettings.OnChange(settings => SetSiteName(settings.SiteName));
+            }
+
             ApplicationPhysicalPath = webHostEnvironment.ContentRootPath;
 
             if (_webRoutingSettings.CurrentValue.UmbracoApplicationUrl is not null)
@@ -53,7 +62,7 @@ namespace Umbraco.Cms.Web.Common.AspNetCore
         public Uri ApplicationMainUrl { get; private set; }
 
         /// <inheritdoc/>
-        public string SiteName { get; }
+        public string SiteName { get; private set; }
 
         /// <inheritdoc/>
         public string ApplicationId
@@ -198,7 +207,10 @@ namespace Umbraco.Cms.Web.Common.AspNetCore
                 }
             }
         }
+
+        private void SetSiteName(string siteName) =>
+            SiteName = string.IsNullOrWhiteSpace(siteName)
+                ? _webHostEnvironment.ApplicationName
+                : siteName;
     }
-
-
 }

From 4382868f8248a3e7ce30619a68ab609d9f92dc8c Mon Sep 17 00:00:00 2001
From: Sebastiaan Janssen <sebastiaan@umbraco.com>
Date: Mon, 31 Jan 2022 14:18:55 +0100
Subject: [PATCH 52/81] Upgrade Examine to v1.2.2

---
 build/NuSpecs/UmbracoCms.Web.nuspec        | 2 +-
 src/Umbraco.Examine/Umbraco.Examine.csproj | 2 +-
 src/Umbraco.Tests/Umbraco.Tests.csproj     | 2 +-
 src/Umbraco.Web.UI/Umbraco.Web.UI.csproj   | 2 +-
 src/Umbraco.Web/Umbraco.Web.csproj         | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/build/NuSpecs/UmbracoCms.Web.nuspec b/build/NuSpecs/UmbracoCms.Web.nuspec
index fa7c9b5c17..e0b41f08d8 100644
--- a/build/NuSpecs/UmbracoCms.Web.nuspec
+++ b/build/NuSpecs/UmbracoCms.Web.nuspec
@@ -28,7 +28,7 @@
                 <dependency id="ClientDependency" version="[1.9.9,1.999999)" />
                 <dependency id="ClientDependency-Mvc5" version="[1.9.3,1.999999)" />
                 <dependency id="CSharpTest.Net.Collections" version="[14.906.1403.1082,14.999999)" />
-                <dependency id="Examine" version="[1.2.0,1.999999)" />
+                <dependency id="Examine" version="[1.2.2,1.999999)" />
                 <dependency id="HtmlAgilityPack" version="[1.8.14,1.999999)" />
                 <dependency id="ImageProcessor" version="[2.9.1,2.999999)" />
                 <dependency id="LightInject.Mvc" version="[2.0.0,2.999999)" />
diff --git a/src/Umbraco.Examine/Umbraco.Examine.csproj b/src/Umbraco.Examine/Umbraco.Examine.csproj
index 39fbe927d4..d515361344 100644
--- a/src/Umbraco.Examine/Umbraco.Examine.csproj
+++ b/src/Umbraco.Examine/Umbraco.Examine.csproj
@@ -49,7 +49,7 @@
   </ItemGroup>
   <ItemGroup>
     <!-- note: NuGet deals with transitive references now -->
-    <PackageReference Include="Examine" Version="1.2.0" />
+    <PackageReference Include="Examine" Version="1.2.2" />
     <PackageReference Include="Microsoft.SourceLink.GitHub">
       <Version>1.0.0-beta2-19324-01</Version>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
diff --git a/src/Umbraco.Tests/Umbraco.Tests.csproj b/src/Umbraco.Tests/Umbraco.Tests.csproj
index c106e0206c..48889a0694 100644
--- a/src/Umbraco.Tests/Umbraco.Tests.csproj
+++ b/src/Umbraco.Tests/Umbraco.Tests.csproj
@@ -81,7 +81,7 @@
     <PackageReference Include="AutoFixture.NUnit3" Version="4.17.0" />
     <PackageReference Include="AutoFixture.AutoMoq" Version="4.17.0" />
     <PackageReference Include="Castle.Core" Version="4.4.1" />
-    <PackageReference Include="Examine" Version="1.2.0" />
+    <PackageReference Include="Examine" Version="1.2.2" />
     <PackageReference Include="HtmlAgilityPack">
       <Version>1.8.14</Version>
     </PackageReference>
diff --git a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
index 6114a84b2a..92a60682e8 100644
--- a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
+++ b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
@@ -88,7 +88,7 @@
     <PackageReference Include="CSharpTest.Net.Collections" Version="14.906.1403.1082" />
     <PackageReference Include="ClientDependency" Version="1.9.9" />
     <PackageReference Include="ClientDependency-Mvc5" Version="1.9.3" />
-    <PackageReference Include="Examine" Version="1.2.0" />
+    <PackageReference Include="Examine" Version="1.2.2" />
     <PackageReference Include="ImageProcessor.Web" Version="4.12.1" />
     <PackageReference Include="ImageProcessor.Web.Config" Version="2.6.0" />
     <PackageReference Include="Microsoft.AspNet.Identity.Owin" Version="2.2.2" />
diff --git a/src/Umbraco.Web/Umbraco.Web.csproj b/src/Umbraco.Web/Umbraco.Web.csproj
index 89317e8f99..d58082ae96 100644
--- a/src/Umbraco.Web/Umbraco.Web.csproj
+++ b/src/Umbraco.Web/Umbraco.Web.csproj
@@ -63,7 +63,7 @@
   <ItemGroup>
     <PackageReference Include="ClientDependency" Version="1.9.9" />
     <PackageReference Include="CSharpTest.Net.Collections" Version="14.906.1403.1082" />
-    <PackageReference Include="Examine" Version="1.2.0" />
+    <PackageReference Include="Examine" Version="1.2.2" />
     <PackageReference Include="HtmlAgilityPack" Version="1.8.14" />
     <PackageReference Include="ImageProcessor">
       <Version>2.9.1</Version>

From 22dd3a214cef510eb5764382b1e209decb1ab5aa Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 31 Jan 2022 14:39:29 +0100
Subject: [PATCH 53/81] Stop TouchServerTask is registered role accessor is not
 elected

---
 .../RecurringHostedServiceBase.cs             |  3 +-
 .../ServerRegistration/TouchServerTask.cs     | 34 ++++++++++++++++++-
 2 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/src/Umbraco.Infrastructure/HostedServices/RecurringHostedServiceBase.cs b/src/Umbraco.Infrastructure/HostedServices/RecurringHostedServiceBase.cs
index 70dcb3a04e..b6f2b469f6 100644
--- a/src/Umbraco.Infrastructure/HostedServices/RecurringHostedServiceBase.cs
+++ b/src/Umbraco.Infrastructure/HostedServices/RecurringHostedServiceBase.cs
@@ -21,7 +21,7 @@ namespace Umbraco.Cms.Infrastructure.HostedServices
         /// </summary>
         protected static readonly TimeSpan DefaultDelay = TimeSpan.FromMinutes(3);
 
-        private readonly TimeSpan _period;
+        private TimeSpan _period;
         private readonly TimeSpan _delay;
         private Timer _timer;
 
@@ -73,6 +73,7 @@ namespace Umbraco.Cms.Infrastructure.HostedServices
         /// <inheritdoc/>
         public Task StopAsync(CancellationToken cancellationToken)
         {
+            _period = Timeout.InfiniteTimeSpan;
             _timer?.Change(Timeout.Infinite, 0);
             return Task.CompletedTask;
         }
diff --git a/src/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTask.cs b/src/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTask.cs
index 282847963f..f650ce9c94 100644
--- a/src/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTask.cs
+++ b/src/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTask.cs
@@ -2,13 +2,17 @@
 // See LICENSE for more details.
 
 using System;
+using System.Threading;
 using System.Threading.Tasks;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Sync;
+using Umbraco.Cms.Web.Common.DependencyInjection;
 using Umbraco.Extensions;
 
 namespace Umbraco.Cms.Infrastructure.HostedServices.ServerRegistration
@@ -22,6 +26,7 @@ namespace Umbraco.Cms.Infrastructure.HostedServices.ServerRegistration
         private readonly IServerRegistrationService _serverRegistrationService;
         private readonly IHostingEnvironment _hostingEnvironment;
         private readonly ILogger<TouchServerTask> _logger;
+        private readonly IServerRoleAccessor _serverRoleAccessor;
         private readonly GlobalSettings _globalSettings;
 
         /// <summary>
@@ -37,7 +42,8 @@ namespace Umbraco.Cms.Infrastructure.HostedServices.ServerRegistration
             IServerRegistrationService serverRegistrationService,
             IHostingEnvironment hostingEnvironment,
             ILogger<TouchServerTask> logger,
-            IOptions<GlobalSettings> globalSettings)
+            IOptions<GlobalSettings> globalSettings,
+            IServerRoleAccessor serverRoleAccessor)
             : base(globalSettings.Value.DatabaseServerRegistrar.WaitTimeBetweenCalls, TimeSpan.FromSeconds(15))
         {
             _runtimeState = runtimeState;
@@ -45,6 +51,24 @@ namespace Umbraco.Cms.Infrastructure.HostedServices.ServerRegistration
             _hostingEnvironment = hostingEnvironment;
             _logger = logger;
             _globalSettings = globalSettings.Value;
+            _serverRoleAccessor = serverRoleAccessor;
+        }
+
+        [Obsolete("Use constructor that takes an IServerRoleAccessor")]
+        public TouchServerTask(
+            IRuntimeState runtimeState,
+            IServerRegistrationService serverRegistrationService,
+            IHostingEnvironment hostingEnvironment,
+            ILogger<TouchServerTask> logger,
+            IOptions<GlobalSettings> globalSettings)
+            : this(
+                runtimeState,
+                serverRegistrationService,
+                hostingEnvironment,
+                logger,
+                globalSettings,
+                StaticServiceProvider.Instance.GetRequiredService<IServerRoleAccessor>())
+        {
         }
 
         public override Task PerformExecuteAsync(object state)
@@ -54,6 +78,14 @@ namespace Umbraco.Cms.Infrastructure.HostedServices.ServerRegistration
                 return Task.CompletedTask;
             }
 
+            // If we're the IServerRoleAccessor has been changed away from ElectedServerRoleAccessor
+            // this task no longer makes sense, since all it's used for is to allow the ElectedServerRoleAccessor
+            // to figure out what role a given server has, so we just stop this task.
+            if (_serverRoleAccessor is not ElectedServerRoleAccessor)
+            {
+                return StopAsync(CancellationToken.None);
+            }
+
             var serverAddress = _hostingEnvironment.ApplicationMainUrl?.ToString();
             if (serverAddress.IsNullOrWhiteSpace())
             {

From febdac5713fe7c648bd7824e6614d7956163c60b Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 31 Jan 2022 14:46:25 +0100
Subject: [PATCH 54/81] Fix tests

---
 .../ServerRegistration/TouchServerTaskTests.cs | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTaskTests.cs b/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTaskTests.cs
index 29b011a5a6..c690f35b7a 100644
--- a/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTaskTests.cs
+++ b/tests/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTaskTests.cs
@@ -11,6 +11,7 @@ using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Sync;
 using Umbraco.Cms.Infrastructure.HostedServices.ServerRegistration;
 
 namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Infrastructure.HostedServices.ServerRegistration
@@ -51,7 +52,15 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Infrastructure.HostedServices.Serv
             VerifyServerTouched();
         }
 
-        private TouchServerTask CreateTouchServerTask(RuntimeLevel runtimeLevel = RuntimeLevel.Run, string applicationUrl = ApplicationUrl)
+        [Test]
+        public async Task Does_Not_Execute_When_Role_Accessor_Is_Not_Elected()
+        {
+            TouchServerTask sut = CreateTouchServerTask(useElection: false);
+            await sut.PerformExecuteAsync(null);
+            VerifyServerNotTouched();
+        }
+
+        private TouchServerTask CreateTouchServerTask(RuntimeLevel runtimeLevel = RuntimeLevel.Run, string applicationUrl = ApplicationUrl, bool useElection = true)
         {
             var mockRequestAccessor = new Mock<IHostingEnvironment>();
             mockRequestAccessor.SetupGet(x => x.ApplicationMainUrl).Returns(!string.IsNullOrEmpty(applicationUrl) ? new Uri(ApplicationUrl) : null);
@@ -71,12 +80,17 @@ namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Infrastructure.HostedServices.Serv
                 }
             };
 
+            IServerRoleAccessor roleAccessor = useElection
+                ? new ElectedServerRoleAccessor(_mockServerRegistrationService.Object)
+                : new SingleServerRoleAccessor();
+
             return new TouchServerTask(
                 mockRunTimeState.Object,
                 _mockServerRegistrationService.Object,
                 mockRequestAccessor.Object,
                 mockLogger.Object,
-                Options.Create(settings));
+                Options.Create(settings),
+                roleAccessor);
         }
 
         private void VerifyServerNotTouched() => VerifyServerTouchedTimes(Times.Never());

From 824bc2ac285651999492378a3c04890d6ca823f8 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 31 Jan 2022 14:58:45 +0100
Subject: [PATCH 55/81] Fix word salad in comment

---
 .../HostedServices/ServerRegistration/TouchServerTask.cs      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTask.cs b/src/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTask.cs
index f650ce9c94..d54d67338e 100644
--- a/src/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTask.cs
+++ b/src/Umbraco.Infrastructure/HostedServices/ServerRegistration/TouchServerTask.cs
@@ -78,8 +78,8 @@ namespace Umbraco.Cms.Infrastructure.HostedServices.ServerRegistration
                 return Task.CompletedTask;
             }
 
-            // If we're the IServerRoleAccessor has been changed away from ElectedServerRoleAccessor
-            // this task no longer makes sense, since all it's used for is to allow the ElectedServerRoleAccessor
+            // If the IServerRoleAccessor has been changed away from ElectedServerRoleAccessor this task no longer makes sense,
+            // since all it's used for is to allow the ElectedServerRoleAccessor
             // to figure out what role a given server has, so we just stop this task.
             if (_serverRoleAccessor is not ElectedServerRoleAccessor)
             {

From 3af6645ad89a8b541e81284deab9bae765c4b73e Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 31 Jan 2022 15:02:25 +0100
Subject: [PATCH 56/81] Fix URL with culture (#11886)

* Ignore casing when comparing default culture

* Ignore casing in GetAssignedWithCulture

Co-authored-by: Bjarke Berg <mail@bergmania.dk>
---
 src/Umbraco.Core/Routing/DefaultUrlProvider.cs      | 13 +++++++++----
 .../DomainCacheExtensions.cs                        |  4 +++-
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/src/Umbraco.Core/Routing/DefaultUrlProvider.cs b/src/Umbraco.Core/Routing/DefaultUrlProvider.cs
index ae2c3d7f3a..5c27760b2a 100644
--- a/src/Umbraco.Core/Routing/DefaultUrlProvider.cs
+++ b/src/Umbraco.Core/Routing/DefaultUrlProvider.cs
@@ -134,8 +134,13 @@ namespace Umbraco.Cms.Core.Routing
             return GetUrlFromRoute(route, umbracoContext, content.Id, current, mode, culture);
         }
 
-        internal UrlInfo GetUrlFromRoute(string route, IUmbracoContext umbracoContext, int id, Uri current,
-            UrlMode mode, string culture)
+        internal UrlInfo GetUrlFromRoute(
+            string route,
+            IUmbracoContext umbracoContext,
+            int id,
+            Uri current,
+            UrlMode mode,
+            string culture)
         {
             if (string.IsNullOrWhiteSpace(route))
             {
@@ -149,12 +154,12 @@ namespace Umbraco.Cms.Core.Routing
             // route is /<path> or <domainRootId>/<path>
             var pos = route.IndexOf('/');
             var path = pos == 0 ? route : route.Substring(pos);
-            var domainUri = pos == 0
+            DomainAndUri domainUri = pos == 0
                 ? null
                 : DomainUtilities.DomainForNode(umbracoContext.PublishedSnapshot.Domains, _siteDomainMapper, int.Parse(route.Substring(0, pos), CultureInfo.InvariantCulture), current, culture);
 
             var defaultCulture = _localizationService.GetDefaultLanguageIsoCode();
-            if (domainUri is not null || culture == defaultCulture || string.IsNullOrEmpty(culture))
+            if (domainUri is not null || culture is null || culture.Equals(defaultCulture, StringComparison.InvariantCultureIgnoreCase))
             {
                 var url = AssembleUrl(domainUri, path, current, mode).ToString();
                 return UrlInfo.Url(url, culture);
diff --git a/src/Umbraco.PublishedCache.NuCache/DomainCacheExtensions.cs b/src/Umbraco.PublishedCache.NuCache/DomainCacheExtensions.cs
index 61f10917fd..47cc427217 100644
--- a/src/Umbraco.PublishedCache.NuCache/DomainCacheExtensions.cs
+++ b/src/Umbraco.PublishedCache.NuCache/DomainCacheExtensions.cs
@@ -1,3 +1,4 @@
+using System;
 using System.Linq;
 using Umbraco.Cms.Core.PublishedCache;
 
@@ -9,7 +10,8 @@ namespace Umbraco.Cms.Infrastructure.PublishedCache
         {
             var assigned = domainCache.GetAssigned(documentId, includeWildcards);
 
-            return culture is null ? assigned.Any() : assigned.Any(x => x.Culture == culture);
+            // It's super important that we always compare cultures with ignore case, since we can't be sure of the casing!
+            return culture is null ? assigned.Any() : assigned.Any(x => x.Culture.Equals(culture, StringComparison.InvariantCultureIgnoreCase));
         }
     }
 }

From 924a819baa51c73f7a5795590c66c892b2908e99 Mon Sep 17 00:00:00 2001
From: Sebastiaan Janssen <sebastiaan@umbraco.com>
Date: Mon, 31 Jan 2022 15:39:34 +0100
Subject: [PATCH 57/81] Upgrade ClientDependency to 1.9.10

---
 build/NuSpecs/UmbracoCms.Web.nuspec      | 2 +-
 src/Umbraco.Web.UI/Umbraco.Web.UI.csproj | 2 +-
 src/Umbraco.Web/Umbraco.Web.csproj       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/build/NuSpecs/UmbracoCms.Web.nuspec b/build/NuSpecs/UmbracoCms.Web.nuspec
index e0b41f08d8..c51890397f 100644
--- a/build/NuSpecs/UmbracoCms.Web.nuspec
+++ b/build/NuSpecs/UmbracoCms.Web.nuspec
@@ -25,7 +25,7 @@
                   not want this to happen as the alpha of the next major is, really, the next major already.
                 -->
                 <dependency id="UmbracoCms.Core" version="[$version$]" />
-                <dependency id="ClientDependency" version="[1.9.9,1.999999)" />
+                <dependency id="ClientDependency" version="[1.9.10,1.999999)" />
                 <dependency id="ClientDependency-Mvc5" version="[1.9.3,1.999999)" />
                 <dependency id="CSharpTest.Net.Collections" version="[14.906.1403.1082,14.999999)" />
                 <dependency id="Examine" version="[1.2.2,1.999999)" />
diff --git a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
index 92a60682e8..7367dc4936 100644
--- a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
+++ b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
@@ -86,7 +86,7 @@
   </ItemGroup>
   <ItemGroup>
     <PackageReference Include="CSharpTest.Net.Collections" Version="14.906.1403.1082" />
-    <PackageReference Include="ClientDependency" Version="1.9.9" />
+    <PackageReference Include="ClientDependency" Version="1.9.10" />
     <PackageReference Include="ClientDependency-Mvc5" Version="1.9.3" />
     <PackageReference Include="Examine" Version="1.2.2" />
     <PackageReference Include="ImageProcessor.Web" Version="4.12.1" />
diff --git a/src/Umbraco.Web/Umbraco.Web.csproj b/src/Umbraco.Web/Umbraco.Web.csproj
index d58082ae96..248984c330 100644
--- a/src/Umbraco.Web/Umbraco.Web.csproj
+++ b/src/Umbraco.Web/Umbraco.Web.csproj
@@ -61,7 +61,7 @@
     <Reference Include="System.Xml.Linq" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="ClientDependency" Version="1.9.9" />
+    <PackageReference Include="ClientDependency" Version="1.9.10" />
     <PackageReference Include="CSharpTest.Net.Collections" Version="14.906.1403.1082" />
     <PackageReference Include="Examine" Version="1.2.2" />
     <PackageReference Include="HtmlAgilityPack" Version="1.8.14" />

From ec183e481c4b02997eee5750f4a3aff0aadc32b4 Mon Sep 17 00:00:00 2001
From: Sebastiaan Janssen <sebastiaan@umbraco.com>
Date: Mon, 31 Jan 2022 15:47:51 +0100
Subject: [PATCH 58/81] Bump version to 8.18.0-rc

---
 src/SolutionInfo.cs                      | 6 +++---
 src/Umbraco.Web.UI/Umbraco.Web.UI.csproj | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/SolutionInfo.cs b/src/SolutionInfo.cs
index a8a04a0679..4f9fa93a31 100644
--- a/src/SolutionInfo.cs
+++ b/src/SolutionInfo.cs
@@ -2,7 +2,7 @@
 using System.Resources;
 
 [assembly: AssemblyCompany("Umbraco")]
-[assembly: AssemblyCopyright("Copyright © Umbraco 2021")]
+[assembly: AssemblyCopyright("Copyright © Umbraco 2022")]
 [assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 
@@ -18,5 +18,5 @@ using System.Resources;
 [assembly: AssemblyVersion("8.0.0")]
 
 // these are FYI and changed automatically
-[assembly: AssemblyFileVersion("8.17.2")]
-[assembly: AssemblyInformationalVersion("8.17.2")]
+[assembly: AssemblyFileVersion("8.18.0")]
+[assembly: AssemblyInformationalVersion("8.18.0-rc")]
diff --git a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
index 7367dc4936..b733678ec9 100644
--- a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
+++ b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
@@ -348,9 +348,9 @@
         <WebProjectProperties>
           <UseIIS>False</UseIIS>
           <AutoAssignPort>True</AutoAssignPort>
-          <DevelopmentServerPort>8172</DevelopmentServerPort>
+          <DevelopmentServerPort>8180</DevelopmentServerPort>
           <DevelopmentServerVPath>/</DevelopmentServerVPath>
-          <IISUrl>http://localhost:8172</IISUrl>
+          <IISUrl>http://localhost:8180</IISUrl>
           <NTLMAuthentication>False</NTLMAuthentication>
           <UseCustomServer>False</UseCustomServer>
           <CustomServerUrl>
@@ -433,4 +433,4 @@
     <Message Text="ConfigFile: $(OriginalFileName) -&gt; $(OutputFileName)" Importance="high" Condition="Exists('$(ModifiedFileName)')" />
     <Copy SourceFiles="$(ModifiedFileName)" DestinationFiles="$(OutputFileName)" OverwriteReadOnlyFiles="true" SkipUnchangedFiles="false" Condition="Exists('$(ModifiedFileName)')" />
   </Target>
-</Project>
+</Project>
\ No newline at end of file

From 9a5bcf290d53f1def9d689831c32c8c4ea3fc6b2 Mon Sep 17 00:00:00 2001
From: Kenn Jacobsen <kja@vertica.dk>
Date: Tue, 1 Feb 2022 01:50:22 +0100
Subject: [PATCH 59/81] Retain mculture when clicking results from global
 search (#7192)

---
 .../src/common/services/navigation.service.js                 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Umbraco.Web.UI.Client/src/common/services/navigation.service.js b/src/Umbraco.Web.UI.Client/src/common/services/navigation.service.js
index c8553ec02a..b586d50d89 100644
--- a/src/Umbraco.Web.UI.Client/src/common/services/navigation.service.js
+++ b/src/Umbraco.Web.UI.Client/src/common/services/navigation.service.js
@@ -259,8 +259,8 @@ function navigationService($routeParams, $location, $q, $injector, eventsService
             var updated = false;
 
             retainedQueryStrings.forEach(r => {
-                // if mculture is set to null in nextRouteParams, the value will be undefined and we will not retain any query string that has a value of "null"
-                if (currRouteParams[r] && nextRouteParams[r] !== undefined && !nextRouteParams[r]) {
+                // testing explicitly for undefined in nextRouteParams here, as it must be possible to "unset" e.g. mculture by specifying a null value
+                if (currRouteParams[r] && nextRouteParams[r] === undefined) {
                     toRetain[r] = currRouteParams[r];
                     updated = true;
                 }

From 158f4d29f6e7854e596d434078eae765d884a0b1 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Fri, 4 Feb 2022 13:02:19 +0100
Subject: [PATCH 60/81] Bump version to 9.4.0-rc

---
 .../UmbracoPackage/.template.config/template.json         | 2 +-
 .../UmbracoProject/.template.config/template.json         | 2 +-
 src/Directory.Build.props                                 | 8 ++++----
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/build/templates/UmbracoPackage/.template.config/template.json b/build/templates/UmbracoPackage/.template.config/template.json
index 1a4dd16fd7..082f9301bf 100644
--- a/build/templates/UmbracoPackage/.template.config/template.json
+++ b/build/templates/UmbracoPackage/.template.config/template.json
@@ -24,7 +24,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.3.0-rc",
+            "defaultValue": "9.4.0-rc",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/build/templates/UmbracoProject/.template.config/template.json b/build/templates/UmbracoProject/.template.config/template.json
index fd41de8d1c..810940c4eb 100644
--- a/build/templates/UmbracoProject/.template.config/template.json
+++ b/build/templates/UmbracoProject/.template.config/template.json
@@ -57,7 +57,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.3.0-rc",
+            "defaultValue": "9.4.0-rc",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/src/Directory.Build.props b/src/Directory.Build.props
index 995c8afebd..68962caef4 100644
--- a/src/Directory.Build.props
+++ b/src/Directory.Build.props
@@ -3,10 +3,10 @@
   <Import Project="$([MSBuild]::GetPathOfFileAbove('Directory.Build.props', '$(MSBuildThisFileDirectory)../'))" />
 
   <PropertyGroup>
-    <Version>9.3.0</Version>
-    <AssemblyVersion>9.3.0</AssemblyVersion>
-    <InformationalVersion>9.3.0-rc</InformationalVersion>
-    <FileVersion>9.3.0</FileVersion>
+    <Version>9.4.0</Version>
+    <AssemblyVersion>9.4.0</AssemblyVersion>
+    <InformationalVersion>9.4.0-rc</InformationalVersion>
+    <FileVersion>9.4.0</FileVersion>
     <LangVersion Condition="'$(LangVersion)' == ''">9.0</LangVersion>
     <NeutralLanguage>en-US</NeutralLanguage>
     <Company>Umbraco CMS</Company>

From 58b75c58aa2116a53760ef090cddbaab55cb180f Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Mon, 7 Feb 2022 09:21:26 +0100
Subject: [PATCH 61/81] Fixes issue with miniprofiler losing the information
 when doing a redirect, e.g. in a successful surfacecontroller call. (#11939)

Now we store the profiler in a cookie on local redirects and pick it up on next request and add it as a child to that profiler
---
 .../Profiler/WebProfiler.cs                   | 45 ++++++++++++++++---
 1 file changed, 39 insertions(+), 6 deletions(-)

diff --git a/src/Umbraco.Web.Common/Profiler/WebProfiler.cs b/src/Umbraco.Web.Common/Profiler/WebProfiler.cs
index 7c5a89fa71..688414b3de 100644
--- a/src/Umbraco.Web.Common/Profiler/WebProfiler.cs
+++ b/src/Umbraco.Web.Common/Profiler/WebProfiler.cs
@@ -1,11 +1,16 @@
 using System;
 using System.Linq;
+using System.Net;
 using System.Threading;
 using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc.ViewFeatures;
+using Microsoft.Extensions.DependencyInjection;
 using StackExchange.Profiling;
+using StackExchange.Profiling.Internal;
 using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Logging;
 using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Web;
 using Umbraco.Extensions;
 
 namespace Umbraco.Cms.Web.Common.Profiler
@@ -13,6 +18,8 @@ namespace Umbraco.Cms.Web.Common.Profiler
 
     public class WebProfiler : IProfiler
     {
+        private const string WebProfileCookieKey = "umbracoWebProfiler";
+
         public static readonly AsyncLocal<MiniProfiler> MiniProfilerContext = new AsyncLocal<MiniProfiler>(x =>
         {
             _ = x;
@@ -39,7 +46,6 @@ namespace Umbraco.Cms.Web.Common.Profiler
 
         public void Stop(bool discardResults = false) => MiniProfilerContext.Value?.Stop(discardResults);
 
-
         public void UmbracoApplicationBeginRequest(HttpContext context, RuntimeLevel runtimeLevel)
         {
             if (runtimeLevel != RuntimeLevel.Run)
@@ -50,9 +56,13 @@ namespace Umbraco.Cms.Web.Common.Profiler
             if (ShouldProfile(context.Request))
             {
                 Start();
+                ICookieManager cookieManager = GetCookieManager(context);
+                cookieManager.ExpireCookie(WebProfileCookieKey); //Ensure we expire the cookie, so we do not reuse the old potential value saved
             }
         }
 
+        private static ICookieManager GetCookieManager(HttpContext context) => context.RequestServices.GetRequiredService<ICookieManager>();
+
         public void UmbracoApplicationEndRequest(HttpContext context, RuntimeLevel runtimeLevel)
         {
             if (runtimeLevel != RuntimeLevel.Run)
@@ -70,19 +80,42 @@ namespace Umbraco.Cms.Web.Common.Profiler
                     var first = Interlocked.Exchange(ref _first, 1) == 0;
                     if (first)
                     {
-
-                        var startupDuration = _startupProfiler.Root.DurationMilliseconds.GetValueOrDefault();
-                        MiniProfilerContext.Value.DurationMilliseconds += startupDuration;
-                        MiniProfilerContext.Value.GetTimingHierarchy().First().DurationMilliseconds += startupDuration;
-                        MiniProfilerContext.Value.Root.AddChild(_startupProfiler.Root);
+                        AddSubProfiler(_startupProfiler);
 
                         _startupProfiler = null;
                     }
+
+                    ICookieManager cookieManager = GetCookieManager(context);
+                    var cookieValue = cookieManager.GetCookieValue(WebProfileCookieKey);
+
+                    if (cookieValue is not null)
+                    {
+                        AddSubProfiler(MiniProfiler.FromJson(cookieValue));
+                    }
+
+                    //If it is a redirect to a relative path (local redirect)
+                    if (context.Response.StatusCode == (int)HttpStatusCode.Redirect
+                        && context.Response.Headers.TryGetValue(Microsoft.Net.Http.Headers.HeaderNames.Location, out var location)
+                        && !location.Contains("://"))
+                    {
+                        MiniProfilerContext.Value.Root.Name = "Before Redirect";
+                        cookieManager.SetCookieValue(WebProfileCookieKey, MiniProfilerContext.Value.ToJson());
+                    }
+
                 }
 
             }
         }
 
+        private void AddSubProfiler(MiniProfiler subProfiler)
+        {
+            var startupDuration = subProfiler.Root.DurationMilliseconds.GetValueOrDefault();
+            MiniProfilerContext.Value.DurationMilliseconds += startupDuration;
+            MiniProfilerContext.Value.GetTimingHierarchy().First().DurationMilliseconds += startupDuration;
+            MiniProfilerContext.Value.Root.AddChild(subProfiler.Root);
+
+        }
+
         private static bool ShouldProfile(HttpRequest request)
         {
             if (request.IsClientSideRequest()) return false;

From d7fef7cd0cbfe824220b27f3bed0f07bdead64fa Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Mon, 7 Feb 2022 12:09:13 +0100
Subject: [PATCH 62/81] Check blockObject.content for null

---
 .../blockeditormodelobject.service.js         | 34 ++++++++++++++-----
 1 file changed, 26 insertions(+), 8 deletions(-)

diff --git a/src/Umbraco.Web.UI.Client/src/common/services/blockeditormodelobject.service.js b/src/Umbraco.Web.UI.Client/src/common/services/blockeditormodelobject.service.js
index 22baed8472..09c1659775 100644
--- a/src/Umbraco.Web.UI.Client/src/common/services/blockeditormodelobject.service.js
+++ b/src/Umbraco.Web.UI.Client/src/common/services/blockeditormodelobject.service.js
@@ -101,11 +101,30 @@
 
         /**
          * Generate label for Block, uses either the labelInterpolator or falls back to the contentTypeName.
-         * @param {Object} blockObject BlockObject to recive data values from.
+         * @param {Object} blockObject BlockObject to receive data values from.
          */
         function getBlockLabel(blockObject) {
             if (blockObject.labelInterpolator !== undefined) {
-                var labelVars = Object.assign({"$contentTypeName": blockObject.content.contentTypeName, "$settings": blockObject.settingsData || {}, "$layout": blockObject.layout || {}, "$index": (blockObject.index || 0)+1 }, blockObject.data);
+                // blockobject.content may be null if the block is no longer allowed,
+                // so try and fall back to the label in the config,
+                // if that too is null, there's not much we can do, so just default to empty string.
+                var contentTypeName;
+                if(blockObject.content != null){
+                  contentTypeName = blockObject.content.contentTypeName;
+                }
+                else if(blockObject.config != null && blockObject.config.label != null){
+                  contentTypeName = blockObject.config.label;
+                }
+                else {
+                  contentTypeName = "";
+                }
+
+                var labelVars = Object.assign({
+                  "$contentTypeName": contentTypeName,
+                  "$settings": blockObject.settingsData || {},
+                  "$layout": blockObject.layout || {},
+                  "$index": (blockObject.index || 0)+1
+                }, blockObject.data);
                 var label = blockObject.labelInterpolator(labelVars);
                 if (label) {
                     return label;
@@ -511,10 +530,10 @@
              * @methodOf umbraco.services.blockEditorModelObject
              * @description Retrieve a Block Object for the given layout entry.
              * The Block Object offers the necessary data to display and edit a block.
-             * The Block Object setups live syncronization of content and settings models back to the data of your Property Editor model.
-             * The returned object, named ´BlockObject´, contains several usefull models to make editing of this block happen.
+             * The Block Object setups live synchronization of content and settings models back to the data of your Property Editor model.
+             * The returned object, named ´BlockObject´, contains several useful models to make editing of this block happen.
              * The ´BlockObject´ contains the following properties:
-             * - key {string}: runtime generated key, usefull for tracking of this object
+             * - key {string}: runtime generated key, useful for tracking of this object
              * - content {Object}: Content model, the content data in a ElementType model.
              * - settings {Object}: Settings model, the settings data in a ElementType model.
              * - config {Object}: A local deep copy of the block configuration model.
@@ -522,12 +541,11 @@
              * - updateLabel {Method}: Method to trigger an update of the label for this block.
              * - data {Object}: A reference to the content data object from your property editor model.
              * - settingsData {Object}: A reference to the settings data object from your property editor model.
-             * - layout {Object}: A refernce to the layout entry from your property editor model.
+             * - layout {Object}: A reference to the layout entry from your property editor model.
              * @param {Object} layoutEntry the layout entry object to build the block model from.
-             * @return {Object | null} The BlockObject for the given layout entry. Or null if data or configuration wasnt found for this block.
+             * @return {Object | null} The BlockObject for the given layout entry. Or null if data or configuration wasn't found for this block.
              */
             getBlockObject: function (layoutEntry) {
-
                 var contentUdi = layoutEntry.contentUdi;
 
                 var dataModel = getDataByUdi(contentUdi, this.value.contentData);

From 23803a44b7c32c446decceff3794c4bb7d60f327 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Mon, 7 Feb 2022 14:32:58 +0100
Subject: [PATCH 63/81] Fixed minor issues and added xml docs (#11943)

---
 .../Services/ITwoFactorLoginService.cs        | 41 ++++++++++++++--
 .../Implement/TwoFactorLoginService.cs        | 49 ++++++++++++++++---
 .../Security/TwoFactorValidationProvider.cs   |  2 +-
 3 files changed, 79 insertions(+), 13 deletions(-)

diff --git a/src/Umbraco.Core/Services/ITwoFactorLoginService.cs b/src/Umbraco.Core/Services/ITwoFactorLoginService.cs
index dd11f864fb..33a96ad751 100644
--- a/src/Umbraco.Core/Services/ITwoFactorLoginService.cs
+++ b/src/Umbraco.Core/Services/ITwoFactorLoginService.cs
@@ -5,24 +5,57 @@ using Umbraco.Cms.Core.Models;
 
 namespace Umbraco.Cms.Core.Services
 {
+    /// <summary>
+    /// Service handling 2FA logins.
+    /// </summary>
     public interface ITwoFactorLoginService : IService
     {
         /// <summary>
-        /// Deletes all user logins - normally used when a member is deleted
+        /// Deletes all user logins - normally used when a member is deleted.
         /// </summary>
         Task DeleteUserLoginsAsync(Guid userOrMemberKey);
 
-        Task<bool> IsTwoFactorEnabledAsync(Guid userKey);
-        Task<string> GetSecretForUserAndProviderAsync(Guid userKey, string providerName);
+        /// <summary>
+        /// Checks whether 2FA is enabled for the user or member with the specified key.
+        /// </summary>
+        Task<bool> IsTwoFactorEnabledAsync(Guid userOrMemberKey);
 
+        /// <summary>
+        /// Gets the secret for user or member and a specific provider.
+        /// </summary>
+        Task<string> GetSecretForUserAndProviderAsync(Guid userOrMemberKey, string providerName);
+
+        /// <summary>
+        /// Gets the setup info for a specific user or member and a specific provider.
+        /// </summary>
+        /// <remarks>
+        /// The returned type can be anything depending on the setup providers. You will need to cast it to the type handled by the provider.
+        /// </remarks>
         Task<object> GetSetupInfoAsync(Guid userOrMemberKey, string providerName);
 
+        /// <summary>
+        /// Gets all registered providers names.
+        /// </summary>
         IEnumerable<string> GetAllProviderNames();
+
+        /// <summary>
+        /// Disables the 2FA provider with the specified provider name for the specified user or member.
+        /// </summary>
         Task<bool> DisableAsync(Guid userOrMemberKey, string providerName);
 
+        /// <summary>
+        /// Validates the setup of the provider using the secret and code.
+        /// </summary>
         bool ValidateTwoFactorSetup(string providerName, string secret, string code);
+
+        /// <summary>
+        /// Saves the 2FA login information.
+        /// </summary>
         Task SaveAsync(TwoFactorLogin twoFactorLogin);
+
+        /// <summary>
+        /// Gets all the enabled 2FA providers for the user or member with the specified key.
+        /// </summary>
         Task<IEnumerable<string>> GetEnabledTwoFactorProviderNamesAsync(Guid userOrMemberKey);
     }
-
 }
diff --git a/src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs b/src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs
index 713a73c1df..cdcc6b19e9 100644
--- a/src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs
+++ b/src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs
@@ -11,31 +11,41 @@ using Umbraco.Cms.Core.Security;
 
 namespace Umbraco.Cms.Core.Services
 {
+    /// <inheritdoc />
     public class TwoFactorLoginService : ITwoFactorLoginService
     {
         private readonly ITwoFactorLoginRepository _twoFactorLoginRepository;
         private readonly IScopeProvider _scopeProvider;
         private readonly IOptions<IdentityOptions> _identityOptions;
+        private readonly IOptions<BackOfficeIdentityOptions> _backOfficeIdentityOptions;
         private readonly IDictionary<string, ITwoFactorProvider> _twoFactorSetupGenerators;
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="TwoFactorLoginService"/> class.
+        /// </summary>
         public TwoFactorLoginService(
             ITwoFactorLoginRepository twoFactorLoginRepository,
             IScopeProvider scopeProvider,
             IEnumerable<ITwoFactorProvider> twoFactorSetupGenerators,
-            IOptions<IdentityOptions> identityOptions)
+            IOptions<IdentityOptions> identityOptions,
+            IOptions<BackOfficeIdentityOptions> backOfficeIdentityOptions
+            )
         {
             _twoFactorLoginRepository = twoFactorLoginRepository;
             _scopeProvider = scopeProvider;
             _identityOptions = identityOptions;
-            _twoFactorSetupGenerators = twoFactorSetupGenerators.ToDictionary(x=>x.ProviderName);
+            _backOfficeIdentityOptions = backOfficeIdentityOptions;
+            _twoFactorSetupGenerators = twoFactorSetupGenerators.ToDictionary(x =>x.ProviderName);
         }
 
+        /// <inheritdoc />
         public async Task DeleteUserLoginsAsync(Guid userOrMemberKey)
         {
             using IScope scope = _scopeProvider.CreateScope(autoComplete: true);
             await _twoFactorLoginRepository.DeleteUserLoginsAsync(userOrMemberKey);
         }
 
+        /// <inheritdoc />
         public async Task<IEnumerable<string>> GetEnabledTwoFactorProviderNamesAsync(Guid userOrMemberKey)
         {
             return await GetEnabledProviderNamesAsync(userOrMemberKey);
@@ -47,26 +57,46 @@ namespace Umbraco.Cms.Core.Services
             var providersOnUser = (await _twoFactorLoginRepository.GetByUserOrMemberKeyAsync(userOrMemberKey))
                 .Select(x => x.ProviderName).ToArray();
 
-            return providersOnUser.Where(x => _identityOptions.Value.Tokens.ProviderMap.ContainsKey(x));
+            return providersOnUser.Where(IsKnownProviderName);
         }
 
+        /// <summary>
+        /// The provider needs to be registered as either a member provider or backoffice provider to show up.
+        /// </summary>
+        private bool IsKnownProviderName(string providerName)
+        {
+            if (_identityOptions.Value.Tokens.ProviderMap.ContainsKey(providerName))
+            {
+                return true;
+            }
 
+            if (_backOfficeIdentityOptions.Value.Tokens.ProviderMap.ContainsKey(providerName))
+            {
+                return true;
+            }
+
+            return false;
+        }
+
+        /// <inheritdoc />
         public async Task<bool> IsTwoFactorEnabledAsync(Guid userOrMemberKey)
         {
             return (await GetEnabledProviderNamesAsync(userOrMemberKey)).Any();
         }
 
+        /// <inheritdoc />
         public async Task<string> GetSecretForUserAndProviderAsync(Guid userOrMemberKey, string providerName)
         {
             using IScope scope = _scopeProvider.CreateScope(autoComplete: true);
-            return (await _twoFactorLoginRepository.GetByUserOrMemberKeyAsync(userOrMemberKey)).FirstOrDefault(x=>x.ProviderName == providerName)?.Secret;
+            return (await _twoFactorLoginRepository.GetByUserOrMemberKeyAsync(userOrMemberKey)).FirstOrDefault(x => x.ProviderName == providerName)?.Secret;
         }
 
+        /// <inheritdoc />
         public async Task<object> GetSetupInfoAsync(Guid userOrMemberKey, string providerName)
         {
             var secret = await GetSecretForUserAndProviderAsync(userOrMemberKey, providerName);
 
-            //Dont allow to generate a new secrets if user already has one
+            // Dont allow to generate a new secrets if user already has one
             if (!string.IsNullOrEmpty(secret))
             {
                 return default;
@@ -82,14 +112,17 @@ namespace Umbraco.Cms.Core.Services
             return await generator.GetSetupDataAsync(userOrMemberKey, secret);
         }
 
+        /// <inheritdoc />
         public IEnumerable<string> GetAllProviderNames() => _twoFactorSetupGenerators.Keys;
+
+        /// <inheritdoc />
         public async Task<bool> DisableAsync(Guid userOrMemberKey, string providerName)
         {
             using IScope scope = _scopeProvider.CreateScope(autoComplete: true);
-            return (await _twoFactorLoginRepository.DeleteUserLoginsAsync(userOrMemberKey, providerName));
-
+            return await _twoFactorLoginRepository.DeleteUserLoginsAsync(userOrMemberKey, providerName);
         }
 
+        /// <inheritdoc />
         public bool ValidateTwoFactorSetup(string providerName, string secret, string code)
         {
             if (!_twoFactorSetupGenerators.TryGetValue(providerName, out ITwoFactorProvider generator))
@@ -100,6 +133,7 @@ namespace Umbraco.Cms.Core.Services
             return generator.ValidateTwoFactorSetup(secret, code);
         }
 
+        /// <inheritdoc />
         public Task SaveAsync(TwoFactorLogin twoFactorLogin)
         {
             using IScope scope = _scopeProvider.CreateScope(autoComplete: true);
@@ -108,7 +142,6 @@ namespace Umbraco.Cms.Core.Services
             return Task.CompletedTask;
         }
 
-
         /// <summary>
         /// Generates a new random unique secret.
         /// </summary>
diff --git a/src/Umbraco.Web.Common/Security/TwoFactorValidationProvider.cs b/src/Umbraco.Web.Common/Security/TwoFactorValidationProvider.cs
index 32b3226440..d4272515e5 100644
--- a/src/Umbraco.Web.Common/Security/TwoFactorValidationProvider.cs
+++ b/src/Umbraco.Web.Common/Security/TwoFactorValidationProvider.cs
@@ -15,7 +15,7 @@ namespace Umbraco.Cms.Infrastructure.Security
     public class TwoFactorBackOfficeValidationProvider<TTwoFactorSetupGenerator> : TwoFactorValidationProvider<BackOfficeIdentityUser, TTwoFactorSetupGenerator>
         where TTwoFactorSetupGenerator : ITwoFactorProvider
     {
-        protected TwoFactorBackOfficeValidationProvider(IDataProtectionProvider dataProtectionProvider, IOptions<DataProtectionTokenProviderOptions> options, ILogger<TwoFactorBackOfficeValidationProvider<TTwoFactorSetupGenerator>> logger, ITwoFactorLoginService twoFactorLoginService, TTwoFactorSetupGenerator generator) : base(dataProtectionProvider, options, logger, twoFactorLoginService, generator)
+        public TwoFactorBackOfficeValidationProvider(IDataProtectionProvider dataProtectionProvider, IOptions<DataProtectionTokenProviderOptions> options, ILogger<TwoFactorBackOfficeValidationProvider<TTwoFactorSetupGenerator>> logger, ITwoFactorLoginService twoFactorLoginService, TTwoFactorSetupGenerator generator) : base(dataProtectionProvider, options, logger, twoFactorLoginService, generator)
         {
         }
 

From 0b0182f5507cf646f117aebf0f1338fdf408afa8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20Lyngs=C3=B8?= <niels.lyngso@gmail.com>
Date: Tue, 8 Feb 2022 10:35:06 +0100
Subject: [PATCH 64/81] Apply the Umbraco logo to BackOffice (#11949)

* adding logo as text in replacement of umbraco_logo_white, this will enable existing configuration to continue to work and minimise the breaking change of this PR.

* adjust logo position to fit with logged-in logomark. Allowing for the logo and customised logo to be very wide.

* adding logomark in topbar of backoffice

* login box style

* correction of shadow

* Logo modal, to display more information about the product including linking to the website

* rename to modal

* stop hidden when mouse is out

* Version line without Umbraco

* focus link and use blur as the indication for closing.

* correcting to rgba

* focus and click outside needs a little help to work well

* use @zindexUmbOverlay to ensure right depth going forward.

* adding large logo svg

* append ;

* tidy logo svg file
---
 .../application/umbappheader.directive.js     |  33 +++-
 .../application/umb-app-header.less           |  55 +++++-
 .../src/less/pages/login.less                 |  12 +-
 .../application/umb-app-header.html           | 100 +++++++++--
 .../src/views/errors/BootFailed.html          | 160 +++++++++---------
 .../application/umbraco_logo_large_blue.svg   |  41 +++++
 .../img/application/umbraco_logo_white.svg    |  44 ++++-
 .../application/umbraco_logomark_white.svg    |   3 +
 8 files changed, 344 insertions(+), 104 deletions(-)
 create mode 100644 src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logo_large_blue.svg
 create mode 100644 src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logomark_white.svg

diff --git a/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js b/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js
index b52b0a5763..6cf6dd85f3 100644
--- a/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js
+++ b/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js
@@ -1,9 +1,9 @@
 (function () {
     "use strict";
 
-    function AppHeaderDirective(eventsService, appState, userService, focusService, backdropService, overlayService) {
+    function AppHeaderDirective(eventsService, appState, userService, focusService, overlayService, $timeout) {
 
-        function link(scope, el, attr, ctrl) {
+        function link(scope, element) {
 
             var evts = [];
 
@@ -84,6 +84,35 @@
                 overlayService.open(dialog);
             };
 
+            scope.logoModal = {
+                show: false,
+                text: "",
+                timer: null
+            };
+            scope.showLogoModal = function() {
+                $timeout.cancel(scope.logoModal.timer);
+                scope.logoModal.show = true;
+                scope.logoModal.text = "version "+Umbraco.Sys.ServerVariables.application.version;
+                $timeout(function () {
+                    const anchorLink = element[0].querySelector('.umb-app-header__logo-modal');
+                    if(anchorLink) {
+                        anchorLink.focus();
+                    }
+                });
+            };
+            scope.keepLogoModal = function() {
+                $timeout.cancel(scope.logoModal.timer);
+            };
+            scope.hideLogoModal = function() {
+                $timeout.cancel(scope.logoModal.timer);
+                scope.logoModal.timer = $timeout(function () {
+                    scope.logoModal.show = false;
+                }, 100);
+            };
+            scope.stopClickEvent = function($event) {
+                $event.stopPropagation();
+            };
+
         }
 
         var directive = {
diff --git a/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less b/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less
index 68a29df89e..bb346fc402 100644
--- a/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less
+++ b/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less
@@ -2,12 +2,65 @@
     background: @blueExtraDark;
     display: flex;
     align-items: center;
-    justify-content: space-between;
     max-width: 100%;
     height: @appHeaderHeight;
     padding: 0 20px;
 }
 
+.umb-app-header__logo {
+    margin-right: 30px;
+    button {
+        img {
+            height: 30px;
+        }
+    }
+}
+
+.umb-app-header__logo-modal {
+    position: absolute;
+    z-index: @zindexUmbOverlay;
+    top: 50px;
+    left: 17px;
+    font-size: 13px;
+
+    border-radius: 6px;
+    
+    width: 160px;
+    padding: 20px 20px;
+    background-color:@white;
+    color: @blueExtraDark;
+    box-shadow: 0 1px 2px 0 rgba(0, 0, 0, .14), 0 1px 6px 1px rgba(0, 0, 0, .14);
+    text-decoration: none;
+
+    text-align: center;
+
+    &::before {
+        content:'';
+        position: absolute;
+        transform: rotate(45deg);
+        background-color:@white;
+        top: -4px;
+        left: 14px;
+        width: 8px;
+        height: 8px;
+    }
+
+    img {
+        display: block;
+        height: auto;
+        width: 120px;
+        margin-left: auto;
+        margin-right: auto;
+        margin-bottom: 3px;
+    }
+}
+
+.umb-app-header__right {
+    display: flex;
+    align-items: center;
+    margin-left: auto;
+}
+
 .umb-app-header__actions {
     display: flex;
     list-style: none;
diff --git a/src/Umbraco.Web.UI.Client/src/less/pages/login.less b/src/Umbraco.Web.UI.Client/src/less/pages/login.less
index cf49af526b..015c291564 100644
--- a/src/Umbraco.Web.UI.Client/src/less/pages/login.less
+++ b/src/Umbraco.Web.UI.Client/src/less/pages/login.less
@@ -28,12 +28,15 @@
 
 .login-overlay__logo {
     position: absolute;
-    top: 22px;
-    left: 25px;
-    width: 30px;
+    top: 12.5px;
+    left: 20px;
+    right: 25px;
     height: 30px;
     z-index: 1;
 }
+.login-overlay__logo img {
+    height: 100%;
+}
 
 .login-overlay .umb-modalcolumn {
     background: none;
@@ -66,7 +69,8 @@
     margin-right: 25px;
     margin-top: auto;
     margin-bottom: auto;
-    border-radius: @baseBorderRadius;
+    border-radius: @doubleBorderRadius;
+    box-shadow: 0 1px 6px 1px rgba(0, 0, 0, 0.12);
 }
 
 .login-overlay .form input[type="text"],
diff --git a/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html b/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html
index e0fb4aeb77..98b8d88869 100644
--- a/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html
+++ b/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html
@@ -1,34 +1,99 @@
-
 <div>
-
     <div class="umb-app-header">
-        <umb-sections
-            ng-if="authenticated"
-            sections="sections">
-        </umb-sections>
+        <div class="umb-app-header__logo">
+            <button type="button" class="btn-reset" ng-click="showLogoModal()">
+                <img
+                    src="assets/img/application/umbraco_logomark_white.svg"
+                    alt="Umbraco"
+                />
+            </button>
+            <div
+                tabindex="0"
+                on-outside-click="hideLogoModal()"
+                ng-click="stopClickEvent($event)"
+                ng-focus="keepLogoModal()"
+                ng-blur="hideLogoModal()"
+                class="umb-app-header__logo-modal"
+                ng-if="logoModal.show"
+            >
+                <img
+                    src="assets/img/application/umbraco_logo_large_blue.svg"
+                    alt="Umbraco — The Friendly CMS"
+                />
+                <small> {{logoModal.text}} </small>
+                <br /><br />
+                <a
+                    href="https://umbraco.com"
+                    title="Umbraco website"
+                    target="_blank"
+                    rel="noopener"
+                    ng-focus="keepLogoModal()"
+                    ng-blur="hideLogoModal()"
+                    >Umbraco.com</a
+                >
+            </div>
+        </div>
 
-        <div class="flex items-center">
+        <umb-sections ng-if="authenticated" sections="sections"> </umb-sections>
+
+        <div class="umb-app-header__right">
             <ul class="umb-app-header__actions">
                 <li data-element="global-search" class="umb-app-header__action">
-                    <button type="button" class="umb-app-header__button btn-reset" hotkey="ctrl+space" ng-click="searchClick()" ng-mousedown="rememberFocus()" localize="title" title="@general_search">
+                    <button
+                        type="button"
+                        class="umb-app-header__button btn-reset"
+                        hotkey="ctrl+space"
+                        ng-click="searchClick()"
+                        ng-mousedown="rememberFocus()"
+                        localize="title"
+                        title="@general_search"
+                    >
                         <span class="sr-only">
-                            <localize key="visuallyHiddenTexts_openBackofficeSearch">Open backoffice search</localize>...
+                            <localize
+                                key="visuallyHiddenTexts_openBackofficeSearch"
+                                >Open backoffice search</localize
+                            >...
                         </span>
-                        <umb-icon icon="icon-search" class="umb-app-header__action-icon"></umb-icon>
+                        <umb-icon
+                            icon="icon-search"
+                            class="umb-app-header__action-icon"
+                        ></umb-icon>
                     </button>
                 </li>
                 <li data-element="global-help" class="umb-app-header__action">
-                    <button type="button" class="umb-app-header__button btn-reset" hotkey="ctrl+shift+h" ng-click="helpClick()" localize="title" title="@general_help">
+                    <button
+                        type="button"
+                        class="umb-app-header__button btn-reset"
+                        hotkey="ctrl+shift+h"
+                        ng-click="helpClick()"
+                        localize="title"
+                        title="@general_help"
+                    >
                         <span class="sr-only">
-                            <localize key="visuallyHiddenTexts_openCloseBackofficeHelp">Open/Close backoffice help</localize>...
+                            <localize
+                                key="visuallyHiddenTexts_openCloseBackofficeHelp"
+                                >Open/Close backoffice help</localize
+                            >...
                         </span>
-                        <umb-icon icon="icon-help-alt" class="umb-app-header__action-icon"></umb-icon>
+                        <umb-icon
+                            icon="icon-help-alt"
+                            class="umb-app-header__action-icon"
+                        ></umb-icon>
                     </button>
                 </li>
                 <li data-element="global-user" class="umb-app-header__action">
-                   <button type="button" class="umb-app-header__button btn-reset" ng-click="avatarClick()" hotkey="ctrl+shift+u" title="{{user.name}}">
+                    <button
+                        type="button"
+                        class="umb-app-header__button btn-reset"
+                        ng-click="avatarClick()"
+                        hotkey="ctrl+shift+u"
+                        title="{{user.name}}"
+                    >
                         <span class="sr-only">
-                            <localize key="visuallyHiddenTexts_openCloseBackofficeProfileOptions">Open/Close your profile options</localize>...
+                            <localize
+                                key="visuallyHiddenTexts_openCloseBackofficeProfileOptions"
+                                >Open/Close your profile options</localize
+                            >...
                         </span>
                         <umb-avatar
                             class="umb-app-header__action-icon"
@@ -36,13 +101,12 @@
                             color="secondary"
                             name="{{user.name}}"
                             img-src="{{avatar[0].value}}"
-                            img-srcset="{{avatar[1].value}} 2x, {{avatar[2].value}} 3x">
+                            img-srcset="{{avatar[1].value}} 2x, {{avatar[2].value}} 3x"
+                        >
                         </umb-avatar>
                     </button>
                 </li>
             </ul>
         </div>
-
     </div>
-
 </div>
diff --git a/src/Umbraco.Web.UI.Client/src/views/errors/BootFailed.html b/src/Umbraco.Web.UI.Client/src/views/errors/BootFailed.html
index c08627739a..7b91125e09 100644
--- a/src/Umbraco.Web.UI.Client/src/views/errors/BootFailed.html
+++ b/src/Umbraco.Web.UI.Client/src/views/errors/BootFailed.html
@@ -1,79 +1,87 @@
 <!DOCTYPE html>
 <html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Boot Failed</title>
-    <style>
-    @font-face {
-        font-family: Lato;
-        src: local("LatoLatin Regular"), local("LatoLatin-Regular"),
-            url(/umbraco/assets/fonts/lato/LatoLatin-Regular.woff2) format("woff2");
-        font-style: normal;
-        font-weight: 400;
-        font-display: swap;
-        text-rendering: optimizeLegibility;
-    }
-    @font-face {
-        font-family: Lato;
-        src: local("LatoLatin Bold"), local("LatoLatin-Bold"),
-            url(/umbraco/assets/fonts/lato/LatoLatin-Bold.woff2) format("woff2");
-        font-style: normal;
-        font-weight: 700;
-        font-display: swap;
-        text-rendering: optimizeLegibility;
-    }
-    body {
-        background-repeat: no-repeat;
-        background-size: cover;
-        background-position: 50%;
-        background-image: url(/umbraco/assets/img/login.jpg);
-        margin: 0;
-        padding: 0;
-        font-family: Lato, Helvetica Neue, Helvetica, Arial, sans-serif;
-        font-size: 15px;
-        line-height: 20px;
-        color: #000;
-        background-color: #f3f3f5;
-        -webkit-font-smoothing: antialiased;
-        font-smoothing: antialiased;
-        -moz-osx-font-smoothing: grayscale;
-    }
-    .logo {
-        position: absolute;
-        top: 22px;
-        left: 25px;
-        width: 30px;
-        height: 30px;
-        z-index: 1;
-    }
-    .error-container {
-        display: grid;
-        justify-content: center;
-        align-content: center;
-        height: 100vh;
-    }
-    .error {
-        background: #fff;
-        padding: 30px;
-        max-width: 500px;
-        margin: auto 25px;
-        border-radius: 3px;
-    }
-    .error h1 {
-        font-size: 24px;
-        font-weight: 700;
-        margin-bottom: 20px;
-    }
-    </style>
-</head>
-<body>
-<main class="error-container">
-    <img src="/umbraco/assets/img/application/umbraco_logo_white.svg" class="logo">
-    <div class="error">
-        <h1>Boot Failed</h1>
-        <p>Umbraco failed to boot, if you are the owner of the website please see the log file for more details.</p>
-    </div>
-</main>
-</body>
+    <head>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <title>Boot Failed</title>
+        <style>
+            @font-face {
+                font-family: Lato;
+                src: local("LatoLatin Regular"), local("LatoLatin-Regular"),
+                    url(/umbraco/assets/fonts/lato/LatoLatin-Regular.woff2)
+                        format("woff2");
+                font-style: normal;
+                font-weight: 400;
+                font-display: swap;
+                text-rendering: optimizeLegibility;
+            }
+            @font-face {
+                font-family: Lato;
+                src: local("LatoLatin Bold"), local("LatoLatin-Bold"),
+                    url(/umbraco/assets/fonts/lato/LatoLatin-Bold.woff2)
+                        format("woff2");
+                font-style: normal;
+                font-weight: 700;
+                font-display: swap;
+                text-rendering: optimizeLegibility;
+            }
+            body {
+                background-repeat: no-repeat;
+                background-size: cover;
+                background-position: 50%;
+                background-image: url(/umbraco/assets/img/login.jpg);
+                margin: 0;
+                padding: 0;
+                font-family: Lato, Helvetica Neue, Helvetica, Arial, sans-serif;
+                font-size: 15px;
+                line-height: 20px;
+                color: #000;
+                background-color: #f3f3f5;
+                -webkit-font-smoothing: antialiased;
+                font-smoothing: antialiased;
+                -moz-osx-font-smoothing: grayscale;
+            }
+            .logo {
+                position: absolute;
+                top: 22px;
+                left: 25px;
+                width: 30px;
+                height: 30px;
+                z-index: 1;
+            }
+            .error-container {
+                display: grid;
+                justify-content: center;
+                align-content: center;
+                height: 100vh;
+            }
+            .error {
+                background: #fff;
+                padding: 30px;
+                max-width: 500px;
+                margin: auto 25px;
+                border-radius: 3px;
+            }
+            .error h1 {
+                font-size: 24px;
+                font-weight: 700;
+                margin-bottom: 20px;
+            }
+        </style>
+    </head>
+    <body>
+        <main class="error-container">
+            <img
+                src="/umbraco/assets/img/application/umbraco_logomark_white.svg"
+                class="logo"
+            />
+            <div class="error">
+                <h1>Boot Failed</h1>
+                <p>
+                    Umbraco failed to boot, if you are the owner of the website
+                    please see the log file for more details.
+                </p>
+            </div>
+        </main>
+    </body>
 </html>
diff --git a/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logo_large_blue.svg b/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logo_large_blue.svg
new file mode 100644
index 0000000000..95d9bc6084
--- /dev/null
+++ b/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logo_large_blue.svg
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="utf-8"?>
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 530 627.8" style="enable-background:new 0 0 530 627.8;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#3544B1;}
+</style>
+	<path class="st0" d="M21.2,243.5C21.3,108.8,130.6-0.2,265.3,0S509,109.5,508.8,244.1S399.5,487.6,265,487.6
+		C130.3,487.5,21.1,378.3,21.2,243.5L21.2,243.5z M260,327c-18.9,0.6-37.8-1.1-56.3-5c-13.7-2.8-25.1-12-30.8-24.8
+		c-5.5-12.7-8.2-32.3-8-58.8c0.1-13.8,1-27.7,2.6-41.4c1.6-13.4,3.2-24.4,4.8-33.1l1.7-8.6c0-0.3,0-0.5,0-0.8c0-2.4-1.7-4.5-4.1-4.9
+		l-31.5-4.9h-0.7c-2.3,0-4.3,1.6-4.8,3.8c-0.5,2-0.9,3.5-1.8,8.3c-1.8,9.3-3.5,18.3-5.3,31.5c-1.9,14.3-3.1,28.7-3.5,43.1
+		c-0.7,10.1-0.7,20.1,0,30.2c0.7,26.7,5.3,48,13.7,63.9c8.4,16,22.7,27.4,42.8,34.4c20.1,7,48.1,10.4,84,10.3h4.5
+		c35.9,0.1,63.9-3.3,84-10.3s34.3-18.5,42.8-34.4c8.4-16,13-37.3,13.8-63.9c0.7-10.1,0.7-20.1,0-30.2c-0.4-14.4-1.6-28.8-3.5-43.1
+		c-1.8-13-3.5-22-5.3-31.5c-1-4.8-1.3-6.3-1.8-8.3c-0.5-2.2-2.5-3.8-4.8-3.8h-0.8l-31.5,4.9c-2.4,0.4-4.1,2.5-4.1,4.9
+		c0,0.3,0,0.5,0,0.8l1.7,8.6c1.6,8.7,3.2,19.7,4.8,33.1c1.6,13.8,2.5,27.6,2.6,41.4c0.3,26.5-2.4,46-8,58.8
+		c-5.6,12.7-17,22-30.6,24.8c-18.5,3.9-37.4,5.6-56.3,5.1L260,327z"/>
+	<g>
+		<path class="st0" d="M469.1,591.8c0-21.1,6-35.9,30.4-35.9s30.4,14.8,30.4,35.9s-6,35.9-30.4,35.9S469.1,612.9,469.1,591.8z
+			 M514.4,591.8c0-14.7-1.9-23-14.9-23s-14.9,8.4-14.9,23s1.9,23,14.9,23S514.4,606.4,514.4,591.8z"/>
+		<path class="st0" d="M48,625c0.4,0.6,1,1,1.8,1h5.7c1.1,0,2-0.9,2-2v-64.4c0-1.1-0.9-2-2-2H44.1c-1.1,0-2,0.9-2,2v51.1
+			c-4.8,2.7-10.3,4.1-15.9,4c-7.2,0-10.8-3.2-10.8-10.1v-45c0-1.1-0.9-2-2-2H2c-1.1,0-2,0.9-2,2v46.3c0,13.1,6.2,21.8,23.5,21.8
+			c7.9-0.1,15.7-2.6,22.2-7.1l2,4.5L48,625z"/>
+		<path class="st0" d="M175.7,577.7c0-13-6.4-21.8-22.7-21.8c-7.8,0-15.4,2.4-21.9,6.8c-2.9-4.2-8.4-6.8-17.5-6.8
+			c-7.5,0.1-14.7,2.6-20.6,7.1l-2-4.5l0,0c-0.4-0.6-1-1-1.8-1h-5.7c-1.1,0-2,0.9-2,2v64.4c0,1.1,0.9,2,2,2h11.3c1.1,0,2-0.9,2-2v-51
+			c4.3-2.6,9.3-4,14.4-4c6.2,0,9.7,2.3,9.7,8.8V624c0,1.1,0.9,2,2,2h11.3c1.1,0,2-0.9,2-2v-51.1c4.3-2.7,9.3-4.1,14.4-4
+			c6,0,9.7,2.3,9.7,8.8V624c0,1.1,0.9,2,2,2h11.3c1.1,0,2-0.9,2-2L175.7,577.7z"/>
+		<path class="st0" d="M210.7,620.6c6.4,4.8,14.2,7.3,22.2,7.1c20,0,27.4-13.4,27.4-35.9s-7.4-35.9-27.4-35.9
+			c-6.5,0-12.9,1.9-18.4,5.3v-20.7c0-1.1-0.8-2-1.9-2.1c0,0,0,0-0.1,0h-11.4c-1.1,0-2,0.9-2,2V624c0,1.1,0.9,2,2,2h5.7
+			c0.7,0,1.4-0.4,1.8-1l0,0L210.7,620.6z M229.3,614.7c-5.2,0-10.3-1.4-14.8-4v-37.8c4.5-2.6,9.6-4,14.8-4
+			c13.4,0,15.5,10.3,15.5,22.9S242.8,614.7,229.3,614.7L229.3,614.7z"/>
+		<path class="st0" d="M317,569.4c-1.8-0.2-3.5-0.4-5.3-0.3c-6.1-0.3-12.2,1.2-17.5,4.1V624c0,1.1-0.9,2-2,2h-11.3c-1.1,0-2-0.9-2-2
+			v-64.4c0-1.1,0.9-2,2-2h5.7c0.7,0,1.4,0.4,1.8,1l0,0l2,4.5c6.2-4.7,13.8-7.2,21.6-7.1c1.8,0,3.6,0.2,5.4,0.5l0,0
+			c1,0,1.9,1.7,1.9,2.8v8.2c0,1.1-0.9,2-2,2L317,569.4"/>
+		<path class="st0" d="M356.2,594.4c-6.8,0.8-10.8,3.4-10.8,10.5c0,5.2,2.3,10.1,10.5,10.1c5.2,0,10.4-1.5,14.7-4.5v-17.7
+			L356.2,594.4z M374.4,620.6c-5.9,4.6-13.2,7.1-20.7,7.1c-17.7,0-23.5-10.9-23.5-21.9c0-14.8,9.6-21.1,25.1-22.3l15.3-1.2v-3.4
+			c0-7-3.3-9.7-13.4-9.7c-6.4,0-12.7,1.1-18.7,3.1c-0.2,0-0.4,0-0.6,0c-1.1,0-2-0.9-2-2v-9.1c0-0.9,0.5-1.6,1.3-1.9l0,0
+			c6.8-2.3,14-3.4,21.1-3.4c22.5,0,27.6,9.8,27.6,24.4v43.7c0,1.1-0.9,2-2,2h-5.7c-0.7,0-1.4-0.4-1.8-1l0,0L374.4,620.6z"/>
+		<path class="st0" d="M452.4,611.9c0.2,0,0.4,0,0.6,0c1.1,0,2,0.9,2,2v9.1c0,0.8-0.5,1.6-1.2,1.9l0,0c-5.7,2-11.6,3-17.6,2.9
+			c-24.2,0-31.7-14.5-31.7-35.9s7.4-35.9,31.7-35.9c6-0.2,11.9,0.8,17.5,2.8l0,0c0.8,0.3,1.3,1.1,1.3,1.9v9.1c0,1.1-0.9,2-2,2
+			c-0.2,0-0.4,0-0.7,0l0,0c-4.9-1.6-10.1-2.3-15.3-2.2c-13.3,0-17.1,9.1-17.1,22.3s3.8,22.3,17.1,22.3c5.2,0.1,10.3-0.7,15.3-2.3"/>
+	</g>
+</svg>
diff --git a/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logo_white.svg b/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logo_white.svg
index b27ae89e91..c0bdbdd40c 100644
--- a/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logo_white.svg
+++ b/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logo_white.svg
@@ -1,3 +1,41 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 315.89 315.89">
-  <path fill="#ffffff" d="M0,157.74A157.95,157.95,0,1,1,158,315.89,157.95,157.95,0,0,1,0,157.74Zm154.74,54.09a155.41,155.41,0,0,1-36.5-3.29,27.92,27.92,0,0,1-19.94-16q-5.35-12.34-5.21-38.1a243,243,0,0,1,1.69-26.84q1.55-13,3.09-21.46l1.07-5.59a2,2,0,0,0,0-.49,3.2,3.2,0,0,0-2.65-3.17L75.92,93.67h-.44a3.19,3.19,0,0,0-3.11,2.48c-.35,1.31-.56,2.27-1.17,5.38-1.16,6-2.24,11.85-3.43,20.38a264.17,264.17,0,0,0-2.3,27.94,145.24,145.24,0,0,0,0,19.57q.72,25.94,8.9,41.42t27.72,22.3q19.53,6.81,54.43,6.66h2.91q34.94.15,54.41-6.66t27.71-22.3q8.17-15.53,8.91-41.42a145.24,145.24,0,0,0,0-19.57,266.84,266.84,0,0,0-2.3-27.94c-1.2-8.44-2.27-14.26-3.44-20.38-.61-3.11-.81-4.07-1.16-5.38a3.21,3.21,0,0,0-3.12-2.48h-.52l-20.38,3.18a3.2,3.2,0,0,0-2.68,3.17,4,4,0,0,0,0,.49l1.08,5.59q1.55,8.48,3.12,21.46a245.68,245.68,0,0,1,1.65,26.84q.27,25.69-5.21,38.07a27.9,27.9,0,0,1-19.76,16.07,155.19,155.19,0,0,1-36.48,3.29Z"/>
-</svg>
+<?xml version="1.0" encoding="utf-8"?>
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 1180 316" style="enable-background:new 0 0 1180 316;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#FFFFFF;}
+</style>
+<path class="st0" d="M0.2,157.8C0.3,70.6,71.1-0.1,158.3,0.1S316.2,71,316.1,158.2s-70.8,157.7-157.9,157.7
+    C70.8,315.9,0.1,245.1,0.2,157.8L0.2,157.8z M154.9,211.9c-12.3,0.4-24.5-0.7-36.5-3.3c-8.8-1.8-16.3-7.8-19.9-16
+    c-3.6-8.2-5.3-20.9-5.2-38.1c0.1-9,0.6-17.9,1.7-26.8c1-8.7,2.1-15.8,3.1-21.5l1.1-5.6c0-0.2,0-0.3,0-0.5c0-1.6-1.1-2.9-2.6-3.2
+    l-20.4-3.2h-0.4c-1.5,0-2.8,1-3.1,2.5c-0.3,1.3-0.6,2.3-1.2,5.4c-1.2,6-2.2,11.8-3.4,20.4c-1.3,9.3-2,18.6-2.3,27.9
+    c-0.4,6.5-0.4,13,0,19.6c0.5,17.3,3.4,31.1,8.9,41.4c5.5,10.3,14.7,17.8,27.7,22.3c13,4.5,31.2,6.8,54.4,6.7h2.9
+    c23.3,0.1,41.4-2.1,54.4-6.7c13-4.5,22.2-12,27.7-22.3c5.5-10.3,8.4-24.1,8.9-41.4c0.4-6.5,0.4-13,0-19.6
+    c-0.3-9.3-1-18.7-2.3-27.9c-1.2-8.4-2.3-14.3-3.4-20.4c-0.6-3.1-0.8-4.1-1.2-5.4c-0.3-1.4-1.6-2.5-3.1-2.5h-0.5l-20.4,3.2
+    c-1.6,0.3-2.7,1.6-2.7,3.2c0,0.2,0,0.3,0,0.5l1.1,5.6c1,5.6,2.1,12.8,3.1,21.5c1,8.9,1.6,17.9,1.7,26.8
+    c0.2,17.1-1.6,29.8-5.2,38.1c-3.6,8.2-11,14.2-19.8,16.1c-12,2.5-24.2,3.6-36.5,3.3L154.9,211.9z"/>
+<path class="st0" d="M1087.2,168c0-30.4,8.6-51.7,43.8-51.7s43.8,21.3,43.8,51.7s-8.6,51.7-43.8,51.7S1087.2,198.4,1087.2,168
+    L1087.2,168z M1152.5,168c0-21.1-2.7-33.1-21.5-33.1s-21.5,12-21.5,33.1s2.8,33.1,21.5,33.1C1149.8,201.1,1152.5,189.1,1152.5,168
+    z"/>
+<path class="st0" d="M480.4,215.8c0.5,0.9,1.5,1.5,2.5,1.4h8.2c1.6,0,2.9-1.3,2.9-2.9v-92.7c0-1.6-1.3-2.9-2.9-2.9h-16.3
+    c-1.6,0-2.9,1.3-2.9,2.9v73.6c-7,3.9-14.9,5.9-22.8,5.8c-10.4,0-15.6-4.5-15.6-14.6v-64.8c0-1.6-1.3-2.9-2.9-2.9h-16.4
+    c-1.6,0-2.9,1.3-2.9,2.9v66.7c0,18.9,8.9,31.3,33.9,31.3c11.4-0.1,22.6-3.7,32-10.2l2.9,6.5L480.4,215.8z"/>
+<path class="st0" d="M664.5,147.7c0-18.7-9.3-31.4-32.6-31.4c-11.3,0-22.3,3.4-31.6,9.8c-4.1-6.1-12-9.8-25.3-9.8
+    c-10.7,0.2-21.1,3.8-29.7,10.2l-2.9-6.5c-0.5-0.9-1.5-1.5-2.5-1.4h-8.3c-1.6,0-2.9,1.3-2.9,2.9v92.8c0,1.6,1.3,2.9,2.9,2.9h16.3
+    c1.6,0,2.9-1.3,2.9-2.9v-73.5c6.2-3.8,13.4-5.8,20.7-5.8c8.9,0,14,3.3,14,12.6v66.7c0,1.6,1.3,2.9,2.9,2.9h16.3
+    c1.6,0,2.9-1.3,2.9-2.9v-73.6c6.2-3.9,13.4-5.9,20.7-5.8c8.6,0,14,3.3,14,12.6v66.7c0,1.6,1.3,2.9,2.9,2.9h16.3
+    c1.6,0,2.9-1.3,2.9-2.9L664.5,147.7z"/>
+<path class="st0" d="M714.9,209.4c9.3,6.9,20.5,10.5,32,10.2c28.8,0,39.4-19.3,39.4-51.7s-10.7-51.7-39.4-51.7
+    c-9.4,0-18.5,2.7-26.4,7.7V94.2c0-1.6-1.2-2.9-2.8-3c0,0-0.1,0-0.1,0h-16.5c-1.6,0-2.9,1.3-2.9,2.9v120.3c0,1.6,1.3,2.9,2.9,2.9
+    h8.2c1,0,2-0.5,2.5-1.4L714.9,209.4z M741.7,200.9c-7.5,0-14.8-2-21.3-5.8v-54.4c6.5-3.8,13.8-5.8,21.3-5.8
+    c19.3,0,22.3,14.8,22.3,32.9S761.2,200.9,741.7,200.9L741.7,200.9z"/>
+<path class="st0" d="M868,135.7c-2.5-0.3-5.1-0.5-7.7-0.5c-8.8-0.4-17.5,1.7-25.3,5.9v73.2c0,1.6-1.3,2.9-2.9,2.9h-16.3
+    c-1.6,0-2.9-1.3-2.9-2.9v-92.7c0-1.6,1.3-2.9,2.9-2.9h8.2c1,0,2,0.5,2.5,1.4l2.9,6.5c8.9-6.8,19.9-10.4,31.2-10.2
+    c2.6,0,5.2,0.2,7.7,0.6c1.4,0,2.7,2.4,2.7,4v11.8c0,1.6-1.3,2.9-2.9,2.9h-0.2"/>
+<path class="st0" d="M924.6,171.8c-9.8,1.2-15.6,4.9-15.6,15.2c0,7.5,3.3,14.6,15.2,14.6c7.5,0.1,14.9-2.2,21.1-6.5v-25.5
+    L924.6,171.8z M950.7,209.4c-8.5,6.7-19,10.3-29.8,10.2c-25.5,0-33.9-15.8-33.9-31.6c0-21.3,13.8-30.4,36.1-32.1l22.1-1.8v-4.9
+    c0-10.1-4.7-14-19.3-14c-9.2,0-18.3,1.5-26.9,4.5c-0.3,0-0.6,0-0.9,0c-1.6,0-2.9-1.3-2.9-2.9v-13.1c0-1.2,0.7-2.4,1.9-2.8
+    c9.8-3.3,20.1-5,30.5-4.9c32.3,0,39.8,14.2,39.8,35.1v62.9c0,1.6-1.3,2.9-2.9,2.9h-8.2c-1,0-2-0.5-2.5-1.4L950.7,209.4z"/>
+<path class="st0" d="M1063,197c0.3,0,0.6,0,0.9,0c1.6,0,2.9,1.3,2.9,2.9v13.1c0,1.2-0.7,2.3-1.8,2.7c-8.1,2.9-16.7,4.3-25.4,4.1
+    c-34.9,0-45.7-20.9-45.7-51.7s10.7-51.7,45.7-51.7c8.6-0.2,17.1,1.1,25.2,4c1.1,0.4,1.9,1.5,1.8,2.7v13.1c0,1.6-1.3,2.9-2.9,2.9
+    c-0.3,0-0.6,0-0.9,0c-7.1-2.2-14.6-3.3-22-3.1c-19.1,0-24.7,13.1-24.7,32.2s5.5,32.1,24.7,32.1c7.5,0.1,14.9-1,22-3.3"/>
+</svg>
diff --git a/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logomark_white.svg b/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logomark_white.svg
new file mode 100644
index 0000000000..b27ae89e91
--- /dev/null
+++ b/src/Umbraco.Web.UI/Umbraco/assets/img/application/umbraco_logomark_white.svg
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 315.89 315.89">
+  <path fill="#ffffff" d="M0,157.74A157.95,157.95,0,1,1,158,315.89,157.95,157.95,0,0,1,0,157.74Zm154.74,54.09a155.41,155.41,0,0,1-36.5-3.29,27.92,27.92,0,0,1-19.94-16q-5.35-12.34-5.21-38.1a243,243,0,0,1,1.69-26.84q1.55-13,3.09-21.46l1.07-5.59a2,2,0,0,0,0-.49,3.2,3.2,0,0,0-2.65-3.17L75.92,93.67h-.44a3.19,3.19,0,0,0-3.11,2.48c-.35,1.31-.56,2.27-1.17,5.38-1.16,6-2.24,11.85-3.43,20.38a264.17,264.17,0,0,0-2.3,27.94,145.24,145.24,0,0,0,0,19.57q.72,25.94,8.9,41.42t27.72,22.3q19.53,6.81,54.43,6.66h2.91q34.94.15,54.41-6.66t27.71-22.3q8.17-15.53,8.91-41.42a145.24,145.24,0,0,0,0-19.57,266.84,266.84,0,0,0-2.3-27.94c-1.2-8.44-2.27-14.26-3.44-20.38-.61-3.11-.81-4.07-1.16-5.38a3.21,3.21,0,0,0-3.12-2.48h-.52l-20.38,3.18a3.2,3.2,0,0,0-2.68,3.17,4,4,0,0,0,0,.49l1.08,5.59q1.55,8.48,3.12,21.46a245.68,245.68,0,0,1,1.65,26.84q.27,25.69-5.21,38.07a27.9,27.9,0,0,1-19.76,16.07,155.19,155.19,0,0,1-36.48,3.29Z"/>
+</svg>

From b89cd86d850c2cc3e817b0ee78d9b190fd19f11f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20Lyngs=C3=B8?= <niels.lyngso@gmail.com>
Date: Tue, 8 Feb 2022 10:35:06 +0100
Subject: [PATCH 65/81] Apply the Umbraco logo to BackOffice (#11949)

* adding logo as text in replacement of umbraco_logo_white, this will enable existing configuration to continue to work and minimise the breaking change of this PR.

* adjust logo position to fit with logged-in logomark. Allowing for the logo and customised logo to be very wide.

* adding logomark in topbar of backoffice

* login box style

* correction of shadow

* Logo modal, to display more information about the product including linking to the website

* rename to modal

* stop hidden when mouse is out

* Version line without Umbraco

* focus link and use blur as the indication for closing.

* correcting to rgba

* focus and click outside needs a little help to work well

* use @zindexUmbOverlay to ensure right depth going forward.

* adding large logo svg

* append ;

* tidy logo svg file
---
 .../application/umbraco_logo_large_blue.svg   |  41 +++++
 .../img/application/umbraco_logo_white.svg    |  44 ++++-
 .../application/umbraco_logomark_white.svg    |   3 +
 .../application/umbappheader.directive.js     |  33 +++-
 .../application/umb-app-header.less           |  55 +++++-
 .../src/less/pages/login.less                 |  13 +-
 .../application/umb-app-header.html           | 100 +++++++++--
 .../src/views/errors/BootFailed.html          | 160 +++++++++---------
 8 files changed, 343 insertions(+), 106 deletions(-)
 create mode 100644 src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logo_large_blue.svg
 create mode 100644 src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logomark_white.svg

diff --git a/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logo_large_blue.svg b/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logo_large_blue.svg
new file mode 100644
index 0000000000..ce15dd3092
--- /dev/null
+++ b/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logo_large_blue.svg
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="utf-8"?>
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 530 627.8" style="enable-background:new 0 0 530 627.8;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#3544B1;}
+</style>
+	<path class="st0" d="M21.2,243.5C21.3,108.8,130.6-0.2,265.3,0S509,109.5,508.8,244.1S399.5,487.6,265,487.6
+		C130.3,487.5,21.1,378.3,21.2,243.5L21.2,243.5z M260,327c-18.9,0.6-37.8-1.1-56.3-5c-13.7-2.8-25.1-12-30.8-24.8
+		c-5.5-12.7-8.2-32.3-8-58.8c0.1-13.8,1-27.7,2.6-41.4c1.6-13.4,3.2-24.4,4.8-33.1l1.7-8.6c0-0.3,0-0.5,0-0.8c0-2.4-1.7-4.5-4.1-4.9
+		l-31.5-4.9h-0.7c-2.3,0-4.3,1.6-4.8,3.8c-0.5,2-0.9,3.5-1.8,8.3c-1.8,9.3-3.5,18.3-5.3,31.5c-1.9,14.3-3.1,28.7-3.5,43.1
+		c-0.7,10.1-0.7,20.1,0,30.2c0.7,26.7,5.3,48,13.7,63.9c8.4,16,22.7,27.4,42.8,34.4c20.1,7,48.1,10.4,84,10.3h4.5
+		c35.9,0.1,63.9-3.3,84-10.3s34.3-18.5,42.8-34.4c8.4-16,13-37.3,13.8-63.9c0.7-10.1,0.7-20.1,0-30.2c-0.4-14.4-1.6-28.8-3.5-43.1
+		c-1.8-13-3.5-22-5.3-31.5c-1-4.8-1.3-6.3-1.8-8.3c-0.5-2.2-2.5-3.8-4.8-3.8h-0.8l-31.5,4.9c-2.4,0.4-4.1,2.5-4.1,4.9
+		c0,0.3,0,0.5,0,0.8l1.7,8.6c1.6,8.7,3.2,19.7,4.8,33.1c1.6,13.8,2.5,27.6,2.6,41.4c0.3,26.5-2.4,46-8,58.8
+		c-5.6,12.7-17,22-30.6,24.8c-18.5,3.9-37.4,5.6-56.3,5.1L260,327z"/>
+	<g>
+		<path class="st0" d="M469.1,591.8c0-21.1,6-35.9,30.4-35.9s30.4,14.8,30.4,35.9s-6,35.9-30.4,35.9S469.1,612.9,469.1,591.8z
+			 M514.4,591.8c0-14.7-1.9-23-14.9-23s-14.9,8.4-14.9,23s1.9,23,14.9,23S514.4,606.4,514.4,591.8z"/>
+		<path class="st0" d="M48,625c0.4,0.6,1,1,1.8,1h5.7c1.1,0,2-0.9,2-2v-64.4c0-1.1-0.9-2-2-2H44.1c-1.1,0-2,0.9-2,2v51.1
+			c-4.8,2.7-10.3,4.1-15.9,4c-7.2,0-10.8-3.2-10.8-10.1v-45c0-1.1-0.9-2-2-2H2c-1.1,0-2,0.9-2,2v46.3c0,13.1,6.2,21.8,23.5,21.8
+			c7.9-0.1,15.7-2.6,22.2-7.1l2,4.5L48,625z"/>
+		<path class="st0" d="M175.7,577.7c0-13-6.4-21.8-22.7-21.8c-7.8,0-15.4,2.4-21.9,6.8c-2.9-4.2-8.4-6.8-17.5-6.8
+			c-7.5,0.1-14.7,2.6-20.6,7.1l-2-4.5l0,0c-0.4-0.6-1-1-1.8-1h-5.7c-1.1,0-2,0.9-2,2v64.4c0,1.1,0.9,2,2,2h11.3c1.1,0,2-0.9,2-2v-51
+			c4.3-2.6,9.3-4,14.4-4c6.2,0,9.7,2.3,9.7,8.8V624c0,1.1,0.9,2,2,2h11.3c1.1,0,2-0.9,2-2v-51.1c4.3-2.7,9.3-4.1,14.4-4
+			c6,0,9.7,2.3,9.7,8.8V624c0,1.1,0.9,2,2,2h11.3c1.1,0,2-0.9,2-2L175.7,577.7z"/>
+		<path class="st0" d="M210.7,620.6c6.4,4.8,14.2,7.3,22.2,7.1c20,0,27.4-13.4,27.4-35.9s-7.4-35.9-27.4-35.9
+			c-6.5,0-12.9,1.9-18.4,5.3v-20.7c0-1.1-0.8-2-1.9-2.1c0,0,0,0-0.1,0h-11.4c-1.1,0-2,0.9-2,2V624c0,1.1,0.9,2,2,2h5.7
+			c0.7,0,1.4-0.4,1.8-1l0,0L210.7,620.6z M229.3,614.7c-5.2,0-10.3-1.4-14.8-4v-37.8c4.5-2.6,9.6-4,14.8-4
+			c13.4,0,15.5,10.3,15.5,22.9S242.8,614.7,229.3,614.7L229.3,614.7z"/>
+		<path class="st0" d="M317,569.4c-1.8-0.2-3.5-0.4-5.3-0.3c-6.1-0.3-12.2,1.2-17.5,4.1V624c0,1.1-0.9,2-2,2h-11.3c-1.1,0-2-0.9-2-2
+			v-64.4c0-1.1,0.9-2,2-2h5.7c0.7,0,1.4,0.4,1.8,1l0,0l2,4.5c6.2-4.7,13.8-7.2,21.6-7.1c1.8,0,3.6,0.2,5.4,0.5l0,0
+			c1,0,1.9,1.7,1.9,2.8v8.2c0,1.1-0.9,2-2,2L317,569.4"/>
+		<path class="st0" d="M356.2,594.4c-6.8,0.8-10.8,3.4-10.8,10.5c0,5.2,2.3,10.1,10.5,10.1c5.2,0,10.4-1.5,14.7-4.5v-17.7
+			L356.2,594.4z M374.4,620.6c-5.9,4.6-13.2,7.1-20.7,7.1c-17.7,0-23.5-10.9-23.5-21.9c0-14.8,9.6-21.1,25.1-22.3l15.3-1.2v-3.4
+			c0-7-3.3-9.7-13.4-9.7c-6.4,0-12.7,1.1-18.7,3.1c-0.2,0-0.4,0-0.6,0c-1.1,0-2-0.9-2-2v-9.1c0-0.9,0.5-1.6,1.3-1.9l0,0
+			c6.8-2.3,14-3.4,21.1-3.4c22.5,0,27.6,9.8,27.6,24.4v43.7c0,1.1-0.9,2-2,2h-5.7c-0.7,0-1.4-0.4-1.8-1l0,0L374.4,620.6z"/>
+		<path class="st0" d="M452.4,611.9c0.2,0,0.4,0,0.6,0c1.1,0,2,0.9,2,2v9.1c0,0.8-0.5,1.6-1.2,1.9l0,0c-5.7,2-11.6,3-17.6,2.9
+			c-24.2,0-31.7-14.5-31.7-35.9s7.4-35.9,31.7-35.9c6-0.2,11.9,0.8,17.5,2.8l0,0c0.8,0.3,1.3,1.1,1.3,1.9v9.1c0,1.1-0.9,2-2,2
+			c-0.2,0-0.4,0-0.7,0l0,0c-4.9-1.6-10.1-2.3-15.3-2.2c-13.3,0-17.1,9.1-17.1,22.3s3.8,22.3,17.1,22.3c5.2,0.1,10.3-0.7,15.3-2.3"/>
+	</g>
+</svg>
diff --git a/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logo_white.svg b/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logo_white.svg
index b27ae89e91..c0bdbdd40c 100644
--- a/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logo_white.svg
+++ b/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logo_white.svg
@@ -1,3 +1,41 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 315.89 315.89">
-  <path fill="#ffffff" d="M0,157.74A157.95,157.95,0,1,1,158,315.89,157.95,157.95,0,0,1,0,157.74Zm154.74,54.09a155.41,155.41,0,0,1-36.5-3.29,27.92,27.92,0,0,1-19.94-16q-5.35-12.34-5.21-38.1a243,243,0,0,1,1.69-26.84q1.55-13,3.09-21.46l1.07-5.59a2,2,0,0,0,0-.49,3.2,3.2,0,0,0-2.65-3.17L75.92,93.67h-.44a3.19,3.19,0,0,0-3.11,2.48c-.35,1.31-.56,2.27-1.17,5.38-1.16,6-2.24,11.85-3.43,20.38a264.17,264.17,0,0,0-2.3,27.94,145.24,145.24,0,0,0,0,19.57q.72,25.94,8.9,41.42t27.72,22.3q19.53,6.81,54.43,6.66h2.91q34.94.15,54.41-6.66t27.71-22.3q8.17-15.53,8.91-41.42a145.24,145.24,0,0,0,0-19.57,266.84,266.84,0,0,0-2.3-27.94c-1.2-8.44-2.27-14.26-3.44-20.38-.61-3.11-.81-4.07-1.16-5.38a3.21,3.21,0,0,0-3.12-2.48h-.52l-20.38,3.18a3.2,3.2,0,0,0-2.68,3.17,4,4,0,0,0,0,.49l1.08,5.59q1.55,8.48,3.12,21.46a245.68,245.68,0,0,1,1.65,26.84q.27,25.69-5.21,38.07a27.9,27.9,0,0,1-19.76,16.07,155.19,155.19,0,0,1-36.48,3.29Z"/>
-</svg>
+<?xml version="1.0" encoding="utf-8"?>
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 1180 316" style="enable-background:new 0 0 1180 316;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#FFFFFF;}
+</style>
+<path class="st0" d="M0.2,157.8C0.3,70.6,71.1-0.1,158.3,0.1S316.2,71,316.1,158.2s-70.8,157.7-157.9,157.7
+    C70.8,315.9,0.1,245.1,0.2,157.8L0.2,157.8z M154.9,211.9c-12.3,0.4-24.5-0.7-36.5-3.3c-8.8-1.8-16.3-7.8-19.9-16
+    c-3.6-8.2-5.3-20.9-5.2-38.1c0.1-9,0.6-17.9,1.7-26.8c1-8.7,2.1-15.8,3.1-21.5l1.1-5.6c0-0.2,0-0.3,0-0.5c0-1.6-1.1-2.9-2.6-3.2
+    l-20.4-3.2h-0.4c-1.5,0-2.8,1-3.1,2.5c-0.3,1.3-0.6,2.3-1.2,5.4c-1.2,6-2.2,11.8-3.4,20.4c-1.3,9.3-2,18.6-2.3,27.9
+    c-0.4,6.5-0.4,13,0,19.6c0.5,17.3,3.4,31.1,8.9,41.4c5.5,10.3,14.7,17.8,27.7,22.3c13,4.5,31.2,6.8,54.4,6.7h2.9
+    c23.3,0.1,41.4-2.1,54.4-6.7c13-4.5,22.2-12,27.7-22.3c5.5-10.3,8.4-24.1,8.9-41.4c0.4-6.5,0.4-13,0-19.6
+    c-0.3-9.3-1-18.7-2.3-27.9c-1.2-8.4-2.3-14.3-3.4-20.4c-0.6-3.1-0.8-4.1-1.2-5.4c-0.3-1.4-1.6-2.5-3.1-2.5h-0.5l-20.4,3.2
+    c-1.6,0.3-2.7,1.6-2.7,3.2c0,0.2,0,0.3,0,0.5l1.1,5.6c1,5.6,2.1,12.8,3.1,21.5c1,8.9,1.6,17.9,1.7,26.8
+    c0.2,17.1-1.6,29.8-5.2,38.1c-3.6,8.2-11,14.2-19.8,16.1c-12,2.5-24.2,3.6-36.5,3.3L154.9,211.9z"/>
+<path class="st0" d="M1087.2,168c0-30.4,8.6-51.7,43.8-51.7s43.8,21.3,43.8,51.7s-8.6,51.7-43.8,51.7S1087.2,198.4,1087.2,168
+    L1087.2,168z M1152.5,168c0-21.1-2.7-33.1-21.5-33.1s-21.5,12-21.5,33.1s2.8,33.1,21.5,33.1C1149.8,201.1,1152.5,189.1,1152.5,168
+    z"/>
+<path class="st0" d="M480.4,215.8c0.5,0.9,1.5,1.5,2.5,1.4h8.2c1.6,0,2.9-1.3,2.9-2.9v-92.7c0-1.6-1.3-2.9-2.9-2.9h-16.3
+    c-1.6,0-2.9,1.3-2.9,2.9v73.6c-7,3.9-14.9,5.9-22.8,5.8c-10.4,0-15.6-4.5-15.6-14.6v-64.8c0-1.6-1.3-2.9-2.9-2.9h-16.4
+    c-1.6,0-2.9,1.3-2.9,2.9v66.7c0,18.9,8.9,31.3,33.9,31.3c11.4-0.1,22.6-3.7,32-10.2l2.9,6.5L480.4,215.8z"/>
+<path class="st0" d="M664.5,147.7c0-18.7-9.3-31.4-32.6-31.4c-11.3,0-22.3,3.4-31.6,9.8c-4.1-6.1-12-9.8-25.3-9.8
+    c-10.7,0.2-21.1,3.8-29.7,10.2l-2.9-6.5c-0.5-0.9-1.5-1.5-2.5-1.4h-8.3c-1.6,0-2.9,1.3-2.9,2.9v92.8c0,1.6,1.3,2.9,2.9,2.9h16.3
+    c1.6,0,2.9-1.3,2.9-2.9v-73.5c6.2-3.8,13.4-5.8,20.7-5.8c8.9,0,14,3.3,14,12.6v66.7c0,1.6,1.3,2.9,2.9,2.9h16.3
+    c1.6,0,2.9-1.3,2.9-2.9v-73.6c6.2-3.9,13.4-5.9,20.7-5.8c8.6,0,14,3.3,14,12.6v66.7c0,1.6,1.3,2.9,2.9,2.9h16.3
+    c1.6,0,2.9-1.3,2.9-2.9L664.5,147.7z"/>
+<path class="st0" d="M714.9,209.4c9.3,6.9,20.5,10.5,32,10.2c28.8,0,39.4-19.3,39.4-51.7s-10.7-51.7-39.4-51.7
+    c-9.4,0-18.5,2.7-26.4,7.7V94.2c0-1.6-1.2-2.9-2.8-3c0,0-0.1,0-0.1,0h-16.5c-1.6,0-2.9,1.3-2.9,2.9v120.3c0,1.6,1.3,2.9,2.9,2.9
+    h8.2c1,0,2-0.5,2.5-1.4L714.9,209.4z M741.7,200.9c-7.5,0-14.8-2-21.3-5.8v-54.4c6.5-3.8,13.8-5.8,21.3-5.8
+    c19.3,0,22.3,14.8,22.3,32.9S761.2,200.9,741.7,200.9L741.7,200.9z"/>
+<path class="st0" d="M868,135.7c-2.5-0.3-5.1-0.5-7.7-0.5c-8.8-0.4-17.5,1.7-25.3,5.9v73.2c0,1.6-1.3,2.9-2.9,2.9h-16.3
+    c-1.6,0-2.9-1.3-2.9-2.9v-92.7c0-1.6,1.3-2.9,2.9-2.9h8.2c1,0,2,0.5,2.5,1.4l2.9,6.5c8.9-6.8,19.9-10.4,31.2-10.2
+    c2.6,0,5.2,0.2,7.7,0.6c1.4,0,2.7,2.4,2.7,4v11.8c0,1.6-1.3,2.9-2.9,2.9h-0.2"/>
+<path class="st0" d="M924.6,171.8c-9.8,1.2-15.6,4.9-15.6,15.2c0,7.5,3.3,14.6,15.2,14.6c7.5,0.1,14.9-2.2,21.1-6.5v-25.5
+    L924.6,171.8z M950.7,209.4c-8.5,6.7-19,10.3-29.8,10.2c-25.5,0-33.9-15.8-33.9-31.6c0-21.3,13.8-30.4,36.1-32.1l22.1-1.8v-4.9
+    c0-10.1-4.7-14-19.3-14c-9.2,0-18.3,1.5-26.9,4.5c-0.3,0-0.6,0-0.9,0c-1.6,0-2.9-1.3-2.9-2.9v-13.1c0-1.2,0.7-2.4,1.9-2.8
+    c9.8-3.3,20.1-5,30.5-4.9c32.3,0,39.8,14.2,39.8,35.1v62.9c0,1.6-1.3,2.9-2.9,2.9h-8.2c-1,0-2-0.5-2.5-1.4L950.7,209.4z"/>
+<path class="st0" d="M1063,197c0.3,0,0.6,0,0.9,0c1.6,0,2.9,1.3,2.9,2.9v13.1c0,1.2-0.7,2.3-1.8,2.7c-8.1,2.9-16.7,4.3-25.4,4.1
+    c-34.9,0-45.7-20.9-45.7-51.7s10.7-51.7,45.7-51.7c8.6-0.2,17.1,1.1,25.2,4c1.1,0.4,1.9,1.5,1.8,2.7v13.1c0,1.6-1.3,2.9-2.9,2.9
+    c-0.3,0-0.6,0-0.9,0c-7.1-2.2-14.6-3.3-22-3.1c-19.1,0-24.7,13.1-24.7,32.2s5.5,32.1,24.7,32.1c7.5,0.1,14.9-1,22-3.3"/>
+</svg>
diff --git a/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logomark_white.svg b/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logomark_white.svg
new file mode 100644
index 0000000000..b27ae89e91
--- /dev/null
+++ b/src/Umbraco.Web.UI.Client/src/assets/img/application/umbraco_logomark_white.svg
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 315.89 315.89">
+  <path fill="#ffffff" d="M0,157.74A157.95,157.95,0,1,1,158,315.89,157.95,157.95,0,0,1,0,157.74Zm154.74,54.09a155.41,155.41,0,0,1-36.5-3.29,27.92,27.92,0,0,1-19.94-16q-5.35-12.34-5.21-38.1a243,243,0,0,1,1.69-26.84q1.55-13,3.09-21.46l1.07-5.59a2,2,0,0,0,0-.49,3.2,3.2,0,0,0-2.65-3.17L75.92,93.67h-.44a3.19,3.19,0,0,0-3.11,2.48c-.35,1.31-.56,2.27-1.17,5.38-1.16,6-2.24,11.85-3.43,20.38a264.17,264.17,0,0,0-2.3,27.94,145.24,145.24,0,0,0,0,19.57q.72,25.94,8.9,41.42t27.72,22.3q19.53,6.81,54.43,6.66h2.91q34.94.15,54.41-6.66t27.71-22.3q8.17-15.53,8.91-41.42a145.24,145.24,0,0,0,0-19.57,266.84,266.84,0,0,0-2.3-27.94c-1.2-8.44-2.27-14.26-3.44-20.38-.61-3.11-.81-4.07-1.16-5.38a3.21,3.21,0,0,0-3.12-2.48h-.52l-20.38,3.18a3.2,3.2,0,0,0-2.68,3.17,4,4,0,0,0,0,.49l1.08,5.59q1.55,8.48,3.12,21.46a245.68,245.68,0,0,1,1.65,26.84q.27,25.69-5.21,38.07a27.9,27.9,0,0,1-19.76,16.07,155.19,155.19,0,0,1-36.48,3.29Z"/>
+</svg>
diff --git a/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js b/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js
index b52b0a5763..6cf6dd85f3 100644
--- a/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js
+++ b/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js
@@ -1,9 +1,9 @@
 (function () {
     "use strict";
 
-    function AppHeaderDirective(eventsService, appState, userService, focusService, backdropService, overlayService) {
+    function AppHeaderDirective(eventsService, appState, userService, focusService, overlayService, $timeout) {
 
-        function link(scope, el, attr, ctrl) {
+        function link(scope, element) {
 
             var evts = [];
 
@@ -84,6 +84,35 @@
                 overlayService.open(dialog);
             };
 
+            scope.logoModal = {
+                show: false,
+                text: "",
+                timer: null
+            };
+            scope.showLogoModal = function() {
+                $timeout.cancel(scope.logoModal.timer);
+                scope.logoModal.show = true;
+                scope.logoModal.text = "version "+Umbraco.Sys.ServerVariables.application.version;
+                $timeout(function () {
+                    const anchorLink = element[0].querySelector('.umb-app-header__logo-modal');
+                    if(anchorLink) {
+                        anchorLink.focus();
+                    }
+                });
+            };
+            scope.keepLogoModal = function() {
+                $timeout.cancel(scope.logoModal.timer);
+            };
+            scope.hideLogoModal = function() {
+                $timeout.cancel(scope.logoModal.timer);
+                scope.logoModal.timer = $timeout(function () {
+                    scope.logoModal.show = false;
+                }, 100);
+            };
+            scope.stopClickEvent = function($event) {
+                $event.stopPropagation();
+            };
+
         }
 
         var directive = {
diff --git a/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less b/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less
index 68a29df89e..bb346fc402 100644
--- a/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less
+++ b/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less
@@ -2,12 +2,65 @@
     background: @blueExtraDark;
     display: flex;
     align-items: center;
-    justify-content: space-between;
     max-width: 100%;
     height: @appHeaderHeight;
     padding: 0 20px;
 }
 
+.umb-app-header__logo {
+    margin-right: 30px;
+    button {
+        img {
+            height: 30px;
+        }
+    }
+}
+
+.umb-app-header__logo-modal {
+    position: absolute;
+    z-index: @zindexUmbOverlay;
+    top: 50px;
+    left: 17px;
+    font-size: 13px;
+
+    border-radius: 6px;
+    
+    width: 160px;
+    padding: 20px 20px;
+    background-color:@white;
+    color: @blueExtraDark;
+    box-shadow: 0 1px 2px 0 rgba(0, 0, 0, .14), 0 1px 6px 1px rgba(0, 0, 0, .14);
+    text-decoration: none;
+
+    text-align: center;
+
+    &::before {
+        content:'';
+        position: absolute;
+        transform: rotate(45deg);
+        background-color:@white;
+        top: -4px;
+        left: 14px;
+        width: 8px;
+        height: 8px;
+    }
+
+    img {
+        display: block;
+        height: auto;
+        width: 120px;
+        margin-left: auto;
+        margin-right: auto;
+        margin-bottom: 3px;
+    }
+}
+
+.umb-app-header__right {
+    display: flex;
+    align-items: center;
+    margin-left: auto;
+}
+
 .umb-app-header__actions {
     display: flex;
     list-style: none;
diff --git a/src/Umbraco.Web.UI.Client/src/less/pages/login.less b/src/Umbraco.Web.UI.Client/src/less/pages/login.less
index 2763a879ea..015c291564 100644
--- a/src/Umbraco.Web.UI.Client/src/less/pages/login.less
+++ b/src/Umbraco.Web.UI.Client/src/less/pages/login.less
@@ -28,14 +28,14 @@
 
 .login-overlay__logo {
     position: absolute;
-    top: 22px;
-    left: 25px;
+    top: 12.5px;
+    left: 20px;
+    right: 25px;
     height: 30px;
     z-index: 1;
 }
-
-.login-overlay__logo > img {
-    max-height:100%;
+.login-overlay__logo img {
+    height: 100%;
 }
 
 .login-overlay .umb-modalcolumn {
@@ -69,7 +69,8 @@
     margin-right: 25px;
     margin-top: auto;
     margin-bottom: auto;
-    border-radius: @baseBorderRadius;
+    border-radius: @doubleBorderRadius;
+    box-shadow: 0 1px 6px 1px rgba(0, 0, 0, 0.12);
 }
 
 .login-overlay .form input[type="text"],
diff --git a/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html b/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html
index e0fb4aeb77..98b8d88869 100644
--- a/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html
+++ b/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html
@@ -1,34 +1,99 @@
-
 <div>
-
     <div class="umb-app-header">
-        <umb-sections
-            ng-if="authenticated"
-            sections="sections">
-        </umb-sections>
+        <div class="umb-app-header__logo">
+            <button type="button" class="btn-reset" ng-click="showLogoModal()">
+                <img
+                    src="assets/img/application/umbraco_logomark_white.svg"
+                    alt="Umbraco"
+                />
+            </button>
+            <div
+                tabindex="0"
+                on-outside-click="hideLogoModal()"
+                ng-click="stopClickEvent($event)"
+                ng-focus="keepLogoModal()"
+                ng-blur="hideLogoModal()"
+                class="umb-app-header__logo-modal"
+                ng-if="logoModal.show"
+            >
+                <img
+                    src="assets/img/application/umbraco_logo_large_blue.svg"
+                    alt="Umbraco — The Friendly CMS"
+                />
+                <small> {{logoModal.text}} </small>
+                <br /><br />
+                <a
+                    href="https://umbraco.com"
+                    title="Umbraco website"
+                    target="_blank"
+                    rel="noopener"
+                    ng-focus="keepLogoModal()"
+                    ng-blur="hideLogoModal()"
+                    >Umbraco.com</a
+                >
+            </div>
+        </div>
 
-        <div class="flex items-center">
+        <umb-sections ng-if="authenticated" sections="sections"> </umb-sections>
+
+        <div class="umb-app-header__right">
             <ul class="umb-app-header__actions">
                 <li data-element="global-search" class="umb-app-header__action">
-                    <button type="button" class="umb-app-header__button btn-reset" hotkey="ctrl+space" ng-click="searchClick()" ng-mousedown="rememberFocus()" localize="title" title="@general_search">
+                    <button
+                        type="button"
+                        class="umb-app-header__button btn-reset"
+                        hotkey="ctrl+space"
+                        ng-click="searchClick()"
+                        ng-mousedown="rememberFocus()"
+                        localize="title"
+                        title="@general_search"
+                    >
                         <span class="sr-only">
-                            <localize key="visuallyHiddenTexts_openBackofficeSearch">Open backoffice search</localize>...
+                            <localize
+                                key="visuallyHiddenTexts_openBackofficeSearch"
+                                >Open backoffice search</localize
+                            >...
                         </span>
-                        <umb-icon icon="icon-search" class="umb-app-header__action-icon"></umb-icon>
+                        <umb-icon
+                            icon="icon-search"
+                            class="umb-app-header__action-icon"
+                        ></umb-icon>
                     </button>
                 </li>
                 <li data-element="global-help" class="umb-app-header__action">
-                    <button type="button" class="umb-app-header__button btn-reset" hotkey="ctrl+shift+h" ng-click="helpClick()" localize="title" title="@general_help">
+                    <button
+                        type="button"
+                        class="umb-app-header__button btn-reset"
+                        hotkey="ctrl+shift+h"
+                        ng-click="helpClick()"
+                        localize="title"
+                        title="@general_help"
+                    >
                         <span class="sr-only">
-                            <localize key="visuallyHiddenTexts_openCloseBackofficeHelp">Open/Close backoffice help</localize>...
+                            <localize
+                                key="visuallyHiddenTexts_openCloseBackofficeHelp"
+                                >Open/Close backoffice help</localize
+                            >...
                         </span>
-                        <umb-icon icon="icon-help-alt" class="umb-app-header__action-icon"></umb-icon>
+                        <umb-icon
+                            icon="icon-help-alt"
+                            class="umb-app-header__action-icon"
+                        ></umb-icon>
                     </button>
                 </li>
                 <li data-element="global-user" class="umb-app-header__action">
-                   <button type="button" class="umb-app-header__button btn-reset" ng-click="avatarClick()" hotkey="ctrl+shift+u" title="{{user.name}}">
+                    <button
+                        type="button"
+                        class="umb-app-header__button btn-reset"
+                        ng-click="avatarClick()"
+                        hotkey="ctrl+shift+u"
+                        title="{{user.name}}"
+                    >
                         <span class="sr-only">
-                            <localize key="visuallyHiddenTexts_openCloseBackofficeProfileOptions">Open/Close your profile options</localize>...
+                            <localize
+                                key="visuallyHiddenTexts_openCloseBackofficeProfileOptions"
+                                >Open/Close your profile options</localize
+                            >...
                         </span>
                         <umb-avatar
                             class="umb-app-header__action-icon"
@@ -36,13 +101,12 @@
                             color="secondary"
                             name="{{user.name}}"
                             img-src="{{avatar[0].value}}"
-                            img-srcset="{{avatar[1].value}} 2x, {{avatar[2].value}} 3x">
+                            img-srcset="{{avatar[1].value}} 2x, {{avatar[2].value}} 3x"
+                        >
                         </umb-avatar>
                     </button>
                 </li>
             </ul>
         </div>
-
     </div>
-
 </div>
diff --git a/src/Umbraco.Web.UI.Client/src/views/errors/BootFailed.html b/src/Umbraco.Web.UI.Client/src/views/errors/BootFailed.html
index c08627739a..7b91125e09 100644
--- a/src/Umbraco.Web.UI.Client/src/views/errors/BootFailed.html
+++ b/src/Umbraco.Web.UI.Client/src/views/errors/BootFailed.html
@@ -1,79 +1,87 @@
 <!DOCTYPE html>
 <html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Boot Failed</title>
-    <style>
-    @font-face {
-        font-family: Lato;
-        src: local("LatoLatin Regular"), local("LatoLatin-Regular"),
-            url(/umbraco/assets/fonts/lato/LatoLatin-Regular.woff2) format("woff2");
-        font-style: normal;
-        font-weight: 400;
-        font-display: swap;
-        text-rendering: optimizeLegibility;
-    }
-    @font-face {
-        font-family: Lato;
-        src: local("LatoLatin Bold"), local("LatoLatin-Bold"),
-            url(/umbraco/assets/fonts/lato/LatoLatin-Bold.woff2) format("woff2");
-        font-style: normal;
-        font-weight: 700;
-        font-display: swap;
-        text-rendering: optimizeLegibility;
-    }
-    body {
-        background-repeat: no-repeat;
-        background-size: cover;
-        background-position: 50%;
-        background-image: url(/umbraco/assets/img/login.jpg);
-        margin: 0;
-        padding: 0;
-        font-family: Lato, Helvetica Neue, Helvetica, Arial, sans-serif;
-        font-size: 15px;
-        line-height: 20px;
-        color: #000;
-        background-color: #f3f3f5;
-        -webkit-font-smoothing: antialiased;
-        font-smoothing: antialiased;
-        -moz-osx-font-smoothing: grayscale;
-    }
-    .logo {
-        position: absolute;
-        top: 22px;
-        left: 25px;
-        width: 30px;
-        height: 30px;
-        z-index: 1;
-    }
-    .error-container {
-        display: grid;
-        justify-content: center;
-        align-content: center;
-        height: 100vh;
-    }
-    .error {
-        background: #fff;
-        padding: 30px;
-        max-width: 500px;
-        margin: auto 25px;
-        border-radius: 3px;
-    }
-    .error h1 {
-        font-size: 24px;
-        font-weight: 700;
-        margin-bottom: 20px;
-    }
-    </style>
-</head>
-<body>
-<main class="error-container">
-    <img src="/umbraco/assets/img/application/umbraco_logo_white.svg" class="logo">
-    <div class="error">
-        <h1>Boot Failed</h1>
-        <p>Umbraco failed to boot, if you are the owner of the website please see the log file for more details.</p>
-    </div>
-</main>
-</body>
+    <head>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <title>Boot Failed</title>
+        <style>
+            @font-face {
+                font-family: Lato;
+                src: local("LatoLatin Regular"), local("LatoLatin-Regular"),
+                    url(/umbraco/assets/fonts/lato/LatoLatin-Regular.woff2)
+                        format("woff2");
+                font-style: normal;
+                font-weight: 400;
+                font-display: swap;
+                text-rendering: optimizeLegibility;
+            }
+            @font-face {
+                font-family: Lato;
+                src: local("LatoLatin Bold"), local("LatoLatin-Bold"),
+                    url(/umbraco/assets/fonts/lato/LatoLatin-Bold.woff2)
+                        format("woff2");
+                font-style: normal;
+                font-weight: 700;
+                font-display: swap;
+                text-rendering: optimizeLegibility;
+            }
+            body {
+                background-repeat: no-repeat;
+                background-size: cover;
+                background-position: 50%;
+                background-image: url(/umbraco/assets/img/login.jpg);
+                margin: 0;
+                padding: 0;
+                font-family: Lato, Helvetica Neue, Helvetica, Arial, sans-serif;
+                font-size: 15px;
+                line-height: 20px;
+                color: #000;
+                background-color: #f3f3f5;
+                -webkit-font-smoothing: antialiased;
+                font-smoothing: antialiased;
+                -moz-osx-font-smoothing: grayscale;
+            }
+            .logo {
+                position: absolute;
+                top: 22px;
+                left: 25px;
+                width: 30px;
+                height: 30px;
+                z-index: 1;
+            }
+            .error-container {
+                display: grid;
+                justify-content: center;
+                align-content: center;
+                height: 100vh;
+            }
+            .error {
+                background: #fff;
+                padding: 30px;
+                max-width: 500px;
+                margin: auto 25px;
+                border-radius: 3px;
+            }
+            .error h1 {
+                font-size: 24px;
+                font-weight: 700;
+                margin-bottom: 20px;
+            }
+        </style>
+    </head>
+    <body>
+        <main class="error-container">
+            <img
+                src="/umbraco/assets/img/application/umbraco_logomark_white.svg"
+                class="logo"
+            />
+            <div class="error">
+                <h1>Boot Failed</h1>
+                <p>
+                    Umbraco failed to boot, if you are the owner of the website
+                    please see the log file for more details.
+                </p>
+            </div>
+        </main>
+    </body>
 </html>

From 3d28552a77f110fe9e69ee85fbfa89914cb154a8 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Wed, 9 Feb 2022 10:19:39 +0100
Subject: [PATCH 66/81] Add settings to bypass 2fa for external logins (#11959)

* Added settings for bypassing 2fa for external logins

* Fixed issue with saving roles using member ID before the member had an ID.

* Added missing extension method

* Removed test classes from git

* rollback csproj
---
 .../Configuration/Models/SecuritySettings.cs  | 14 +++++
 .../Security/MemberUserStore.cs               |  3 +
 .../Controllers/BackOfficeController.cs       | 55 ++++++++++++++++++-
 .../UmbracoBuilder.BackOfficeIdentity.cs      | 10 ++++
 src/Umbraco.Web.UI/Umbraco.Web.UI.csproj      |  1 +
 .../Controllers/UmbExternalLoginController.cs |  9 ++-
 6 files changed, 88 insertions(+), 4 deletions(-)

diff --git a/src/Umbraco.Core/Configuration/Models/SecuritySettings.cs b/src/Umbraco.Core/Configuration/Models/SecuritySettings.cs
index 7d4dd45fb8..982ba8c63e 100644
--- a/src/Umbraco.Core/Configuration/Models/SecuritySettings.cs
+++ b/src/Umbraco.Core/Configuration/Models/SecuritySettings.cs
@@ -11,6 +11,8 @@ namespace Umbraco.Cms.Core.Configuration.Models
     [UmbracoOptions(Constants.Configuration.ConfigSecurity)]
     public class SecuritySettings
     {
+        internal const bool StaticMemberBypassTwoFactorForExternalLogins = true;
+        internal const bool StaticUserBypassTwoFactorForExternalLogins = true;
         internal const bool StaticKeepUserLoggedIn = false;
         internal const bool StaticHideDisabledUsersInBackOffice = false;
         internal const bool StaticAllowPasswordReset = true;
@@ -66,5 +68,17 @@ namespace Umbraco.Cms.Core.Configuration.Models
         /// Gets or sets a value for the member password settings.
         /// </summary>
         public MemberPasswordConfigurationSettings MemberPassword { get; set; }
+
+        /// <summary>
+        /// Gets or sets a value indicating whether to bypass the two factor requirement in Umbraco when using external login for members. Thereby rely on the External login and potential 2FA at that provider.
+        /// </summary>
+        [DefaultValue(StaticMemberBypassTwoFactorForExternalLogins)]
+        public bool MemberBypassTwoFactorForExternalLogins { get; set; } = StaticMemberBypassTwoFactorForExternalLogins;
+
+        /// <summary>
+        /// Gets or sets a value indicating whether to bypass the two factor requirement in Umbraco when using external login for users. Thereby rely on the External login and potential 2FA at that provider.
+        /// </summary>
+        [DefaultValue(StaticUserBypassTwoFactorForExternalLogins)]
+        public bool UserBypassTwoFactorForExternalLogins { get; set; } = StaticUserBypassTwoFactorForExternalLogins;
     }
 }
diff --git a/src/Umbraco.Infrastructure/Security/MemberUserStore.cs b/src/Umbraco.Infrastructure/Security/MemberUserStore.cs
index 4fba880e81..420d66b0b4 100644
--- a/src/Umbraco.Infrastructure/Security/MemberUserStore.cs
+++ b/src/Umbraco.Infrastructure/Security/MemberUserStore.cs
@@ -112,6 +112,9 @@ namespace Umbraco.Cms.Core.Security
                 // create the member
                 _memberService.Save(memberEntity);
 
+                //We need to add roles now that the member has an Id. It do not work implicit in UpdateMemberProperties
+                _memberService.AssignRoles(new[] { memberEntity.Id },  user.Roles.Select(x => x.RoleId).ToArray());
+
                 if (!memberEntity.HasIdentity)
                 {
                     throw new DataException("Could not create the member, check logs for details");
diff --git a/src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs b/src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs
index aa5fc83e1e..e866409c17 100644
--- a/src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs
@@ -10,6 +10,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Umbraco.Cms.Core;
@@ -31,6 +32,7 @@ using Umbraco.Cms.Web.Common.ActionsResults;
 using Umbraco.Cms.Web.Common.Attributes;
 using Umbraco.Cms.Web.Common.Authorization;
 using Umbraco.Cms.Web.Common.Controllers;
+using Umbraco.Cms.Web.Common.DependencyInjection;
 using Umbraco.Cms.Web.Common.Filters;
 using Umbraco.Extensions;
 using Constants = Umbraco.Cms.Core.Constants;
@@ -68,7 +70,10 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
         private readonly IBackOfficeTwoFactorOptions _backOfficeTwoFactorOptions;
         private readonly IManifestParser _manifestParser;
         private readonly ServerVariablesParser _serverVariables;
+        private readonly IOptions<SecuritySettings> _securitySettings;
 
+
+        [ActivatorUtilitiesConstructor]
         public BackOfficeController(
             IBackOfficeUserManager userManager,
             IRuntimeState runtimeState,
@@ -87,7 +92,8 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
             IHttpContextAccessor httpContextAccessor,
             IBackOfficeTwoFactorOptions backOfficeTwoFactorOptions,
             IManifestParser manifestParser,
-            ServerVariablesParser serverVariables)
+            ServerVariablesParser serverVariables,
+            IOptions<SecuritySettings> securitySettings)
         {
             _userManager = userManager;
             _runtimeState = runtimeState;
@@ -107,6 +113,51 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
             _backOfficeTwoFactorOptions = backOfficeTwoFactorOptions;
             _manifestParser = manifestParser;
             _serverVariables = serverVariables;
+            _securitySettings = securitySettings;
+        }
+
+        [Obsolete("Use ctor with all params. This overload will be removed in Umbraco 10.")]
+        public BackOfficeController(
+            IBackOfficeUserManager userManager,
+            IRuntimeState runtimeState,
+            IRuntimeMinifier runtimeMinifier,
+            IOptions<GlobalSettings> globalSettings,
+            IHostingEnvironment hostingEnvironment,
+            ILocalizedTextService textService,
+            IGridConfig gridConfig,
+            BackOfficeServerVariables backOfficeServerVariables,
+            AppCaches appCaches,
+            IBackOfficeSignInManager signInManager,
+            IBackOfficeSecurityAccessor backofficeSecurityAccessor,
+            ILogger<BackOfficeController> logger,
+            IJsonSerializer jsonSerializer,
+            IBackOfficeExternalLoginProviders externalLogins,
+            IHttpContextAccessor httpContextAccessor,
+            IBackOfficeTwoFactorOptions backOfficeTwoFactorOptions,
+            IManifestParser manifestParser,
+            ServerVariablesParser serverVariables)
+        : this(userManager,
+            runtimeState,
+            runtimeMinifier,
+            globalSettings,
+            hostingEnvironment,
+            textService,
+            gridConfig,
+            backOfficeServerVariables,
+            appCaches,
+            signInManager,
+            backofficeSecurityAccessor,
+            logger,
+            jsonSerializer,
+            externalLogins,
+            httpContextAccessor,
+            backOfficeTwoFactorOptions,
+            manifestParser,
+            serverVariables,
+            StaticServiceProvider.Instance.GetRequiredService<IOptions<SecuritySettings>>()
+            )
+        {
+
         }
 
         [HttpGet]
@@ -458,7 +509,7 @@ namespace Umbraco.Cms.Web.BackOffice.Controllers
             if (response == null) throw new ArgumentNullException(nameof(response));
 
             // Sign in the user with this external login provider (which auto links, etc...)
-            SignInResult result = await _signInManager.ExternalLoginSignInAsync(loginInfo, isPersistent: false);
+            SignInResult result = await _signInManager.ExternalLoginSignInAsync(loginInfo, isPersistent: false, bypassTwoFactor: _securitySettings.Value.UserBypassTwoFactorForExternalLogins);
 
             var errors = new List<string>();
 
diff --git a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilder.BackOfficeIdentity.cs b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilder.BackOfficeIdentity.cs
index e9cc213598..1dc5bda7a9 100644
--- a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilder.BackOfficeIdentity.cs
+++ b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilder.BackOfficeIdentity.cs
@@ -11,6 +11,7 @@ using Umbraco.Cms.Core.Net;
 using Umbraco.Cms.Core.Scoping;
 using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Infrastructure.Security;
 using Umbraco.Cms.Web.BackOffice.Security;
 using Umbraco.Cms.Web.Common.AspNetCore;
 using Umbraco.Cms.Web.Common.Security;
@@ -77,5 +78,14 @@ namespace Umbraco.Extensions
             return umbracoBuilder;
         }
 
+        public static BackOfficeIdentityBuilder AddTwoFactorProvider<T>(this BackOfficeIdentityBuilder identityBuilder, string providerName) where T : class, ITwoFactorProvider
+        {
+            identityBuilder.Services.AddSingleton<ITwoFactorProvider, T>();
+            identityBuilder.Services.AddSingleton<T>();
+            identityBuilder.AddTokenProvider<TwoFactorBackOfficeValidationProvider<T>>(providerName);
+
+            return identityBuilder;
+        }
+
     }
 }
diff --git a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
index 69f812b6e6..46ff558aee 100644
--- a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
+++ b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
@@ -17,6 +17,7 @@
     <ProjectReference Include="../Umbraco.Web.Website/Umbraco.Web.Website.csproj" />
     <ProjectReference Include="../Umbraco.Persistence.SqlCe/Umbraco.Persistence.SqlCe.csproj" Condition="'$(OS)' == 'Windows_NT'" />
   </ItemGroup>
+  
 
   <ItemGroup>
     <Folder Include="App_Plugins" />
diff --git a/src/Umbraco.Web.Website/Controllers/UmbExternalLoginController.cs b/src/Umbraco.Web.Website/Controllers/UmbExternalLoginController.cs
index c43754e170..cb9188f5d0 100644
--- a/src/Umbraco.Web.Website/Controllers/UmbExternalLoginController.cs
+++ b/src/Umbraco.Web.Website/Controllers/UmbExternalLoginController.cs
@@ -8,7 +8,9 @@ using Microsoft.AspNetCore.Http.Extensions;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Umbraco.Cms.Core.Cache;
+using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Logging;
 using Umbraco.Cms.Core.Models;
 using Umbraco.Cms.Core.Routing;
@@ -29,6 +31,7 @@ namespace Umbraco.Cms.Web.Website.Controllers
     {
         private readonly IMemberManager _memberManager;
         private readonly ITwoFactorLoginService _twoFactorLoginService;
+        private readonly IOptions<SecuritySettings> _securitySettings;
         private readonly ILogger<UmbExternalLoginController> _logger;
         private readonly IMemberSignInManagerExternalLogins _memberSignInManager;
 
@@ -42,7 +45,8 @@ namespace Umbraco.Cms.Web.Website.Controllers
             IPublishedUrlProvider publishedUrlProvider,
             IMemberSignInManagerExternalLogins memberSignInManager,
             IMemberManager memberManager,
-            ITwoFactorLoginService twoFactorLoginService)
+            ITwoFactorLoginService twoFactorLoginService,
+            IOptions<SecuritySettings> securitySettings)
             : base(
                 umbracoContextAccessor,
                 databaseFactory,
@@ -55,6 +59,7 @@ namespace Umbraco.Cms.Web.Website.Controllers
             _memberSignInManager = memberSignInManager;
             _memberManager = memberManager;
             _twoFactorLoginService = twoFactorLoginService;
+            _securitySettings = securitySettings;
         }
 
         /// <summary>
@@ -95,7 +100,7 @@ namespace Umbraco.Cms.Web.Website.Controllers
             }
             else
             {
-                SignInResult result = await _memberSignInManager.ExternalLoginSignInAsync(loginInfo, false);
+                SignInResult result = await _memberSignInManager.ExternalLoginSignInAsync(loginInfo, false, _securitySettings.Value.MemberBypassTwoFactorForExternalLogins);
 
                 if (result == SignInResult.Success)
                 {

From eea02137ae0b709861b45ded11882279a990c421 Mon Sep 17 00:00:00 2001
From: nikolajlauridsen <nel@umbraco.dk>
Date: Wed, 9 Feb 2022 10:26:31 +0100
Subject: [PATCH 67/81] Bump version to non-rc

---
 build/templates/UmbracoPackage/.template.config/template.json | 2 +-
 build/templates/UmbracoProject/.template.config/template.json | 2 +-
 src/Directory.Build.props                                     | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/build/templates/UmbracoPackage/.template.config/template.json b/build/templates/UmbracoPackage/.template.config/template.json
index 1a4dd16fd7..32f0c924dd 100644
--- a/build/templates/UmbracoPackage/.template.config/template.json
+++ b/build/templates/UmbracoPackage/.template.config/template.json
@@ -24,7 +24,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.3.0-rc",
+            "defaultValue": "9.3.0",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/build/templates/UmbracoProject/.template.config/template.json b/build/templates/UmbracoProject/.template.config/template.json
index fd41de8d1c..b09050a2a4 100644
--- a/build/templates/UmbracoProject/.template.config/template.json
+++ b/build/templates/UmbracoProject/.template.config/template.json
@@ -57,7 +57,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.3.0-rc",
+            "defaultValue": "9.3.0",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/src/Directory.Build.props b/src/Directory.Build.props
index 995c8afebd..55448806ef 100644
--- a/src/Directory.Build.props
+++ b/src/Directory.Build.props
@@ -5,7 +5,7 @@
   <PropertyGroup>
     <Version>9.3.0</Version>
     <AssemblyVersion>9.3.0</AssemblyVersion>
-    <InformationalVersion>9.3.0-rc</InformationalVersion>
+    <InformationalVersion>9.3.0</InformationalVersion>
     <FileVersion>9.3.0</FileVersion>
     <LangVersion Condition="'$(LangVersion)' == ''">9.0</LangVersion>
     <NeutralLanguage>en-US</NeutralLanguage>

From cf410ab91e7d21620a971a219280886d852d10a8 Mon Sep 17 00:00:00 2001
From: Paul Johnson <pmj@umbraco.com>
Date: Thu, 10 Feb 2022 12:03:35 +0000
Subject: [PATCH 68/81] Attempt to make app local icu setup less problematic.
 (#11961)

* Attempt to make app local icu setup less problematic.

Prevents issues for windows build agent -> linux app server.

On Windows version is split at first '.' e.g. 68.2.0.9 ->  icuuc68.dll
https://github.com/dotnet/runtime/blob/205f70e/src/libraries/System.Private.CoreLib/src/System/Globalization/GlobalizationMode.Windows.cs

On Linux we are looking for libicuuc.so.68.2.0.9
https://github.com/dotnet/runtime/blob/205f70e/src/libraries/System.Private.CoreLib/src/System/Globalization/GlobalizationMode.Unix.cs

On macos we don't have a native library in a shiny nuget package so hope
folks are building on their macs or setting the rid until we have a
better solution.

* Combine elements
---
 build/templates/UmbracoProject/UmbracoProject.csproj | 10 +++++++---
 src/Umbraco.Web.UI/Umbraco.Web.UI.csproj             | 11 ++++++++++-
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/build/templates/UmbracoProject/UmbracoProject.csproj b/build/templates/UmbracoProject/UmbracoProject.csproj
index 3fa1eb2f36..6b47686415 100644
--- a/build/templates/UmbracoProject/UmbracoProject.csproj
+++ b/build/templates/UmbracoProject/UmbracoProject.csproj
@@ -12,9 +12,13 @@
     </ItemGroup>
 
     <!-- Force windows to use ICU. Otherwise Windows 10 2019H1+ will do it, but older windows 10 and most if not all winodws servers will run NLS -->
-    <ItemGroup Condition="'$(OS)' == 'Windows_NT'">
-        <PackageReference Include="Microsoft.ICU.ICU4C.Runtime" Version="68.2.0.9" />
-        <RuntimeHostConfigurationOption Include="System.Globalization.AppLocalIcu" Value="68.2" />
+    <ItemGroup>
+      <PackageReference Include="Microsoft.ICU.ICU4C.Runtime" Version="68.2.0.9" />
+
+      <RuntimeHostConfigurationOption
+        Condition="$(RuntimeIdentifier.StartsWith('linux')) Or $(RuntimeIdentifier.StartsWith('win')) Or ('$(RuntimeIdentifier)' == '' And !$([MSBuild]::IsOSPlatform('osx')))"
+        Include="System.Globalization.AppLocalIcu"
+        Value="68.2.0.9" />
     </ItemGroup>
 
     <Import Project="..\PackageTestSiteName\build\PackageTestSiteName.targets" Condition="'$(PackageTestSiteName)' != ''" />
diff --git a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
index ec4d3c1798..b584606f4f 100644
--- a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
+++ b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
@@ -19,6 +19,15 @@
   </ItemGroup>
   
 
+  <ItemGroup>
+    <PackageReference Include="Microsoft.ICU.ICU4C.Runtime" Version="68.2.0.9" />
+
+    <RuntimeHostConfigurationOption
+      Condition="$(RuntimeIdentifier.StartsWith('linux')) Or $(RuntimeIdentifier.StartsWith('win')) Or ('$(RuntimeIdentifier)' == '' And !$([MSBuild]::IsOSPlatform('osx')))"
+      Include="System.Globalization.AppLocalIcu"
+      Value="68.2.0.9" />
+  </ItemGroup>
+
   <ItemGroup>
     <Folder Include="App_Plugins" />
     <Folder Include="Views" />
@@ -92,7 +101,7 @@
     <Message Text="-CheckPreconditions-" Importance="high" />
     <Message Text="JsonSchemaPath:  $(JsonSchemaPath)" Importance="high" />
     <Message Text="BellePath:       $(BellePath)" Importance="high" />
-    
+
     <!-- Build Belle, if building is Visual Studio and the build folder does not exist yet -->
     <Message Text="Skip Belle because UmbracoBuild is '$(UmbracoBuild)' (this is not Visual Studio)." Importance="High" Condition="'$(UmbracoBuild)' != ''" />
     <Message Text="Skip Belle because $(BellePath) exists." Importance="High" Condition="Exists('$(BellePath)')" />

From 91c4c776767a8851317b339ebecc1a76ffdc9827 Mon Sep 17 00:00:00 2001
From: Paul Johnson <pmj@umbraco.com>
Date: Fri, 11 Feb 2022 16:24:53 +0000
Subject: [PATCH 69/81] Switch a lot of warnings to suggestions until we are
 able to resolve. (#11974)

* Switch a lot of warnings to suggestions until we are able to resolve.

* Make stylecop respect more csharp_style rules

e.g. csharp_using_directive_placement

* Added cheatsheet

* Drop sorting requirements for using directives.
---
 .editorconfig         | 43 -----------------------
 .globalconfig         | 81 +++++++++++++++++++++++++++++++++++++++++++
 Directory.Build.props |  8 +----
 codeanalysis.ruleset  | 18 ----------
 stylecop.json         | 16 ---------
 5 files changed, 82 insertions(+), 84 deletions(-)
 create mode 100644 .globalconfig
 delete mode 100644 codeanalysis.ruleset
 delete mode 100644 stylecop.json

diff --git a/.editorconfig b/.editorconfig
index d4094b2cf3..eba04ad326 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -306,48 +306,6 @@ dotnet_naming_rule.other_public_protected_fields_disallowed_rule.symbols
 dotnet_naming_rule.other_public_protected_fields_disallowed_rule.style               = disallowed_style
 dotnet_naming_rule.other_public_protected_fields_disallowed_rule.severity            = error
 
-##########################################
-# StyleCop Field Naming Rules
-# Naming rules for fields follow the StyleCop analyzers
-# This does not override any rules using disallowed_style above
-# https://github.com/DotNetAnalyzers/StyleCopAnalyzers
-##########################################
-
-# All constant fields must be PascalCase
-# https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1303.md
-dotnet_naming_symbols.stylecop_constant_fields_group.applicable_accessibilities = public, internal, protected_internal, protected, private_protected, private
-dotnet_naming_symbols.stylecop_constant_fields_group.required_modifiers         = const
-dotnet_naming_symbols.stylecop_constant_fields_group.applicable_kinds           = field
-dotnet_naming_rule.stylecop_constant_fields_must_be_pascal_case_rule.symbols    = stylecop_constant_fields_group
-dotnet_naming_rule.stylecop_constant_fields_must_be_pascal_case_rule.style      = pascal_case_style
-dotnet_naming_rule.stylecop_constant_fields_must_be_pascal_case_rule.severity   = warning
-
-# All static readonly fields must be PascalCase
-# Ajusted to ignore private fields.
-# https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1311.md
-dotnet_naming_symbols.stylecop_static_readonly_fields_group.applicable_accessibilities = public, internal, protected_internal, protected, private_protected
-dotnet_naming_symbols.stylecop_static_readonly_fields_group.required_modifiers         = static, readonly
-dotnet_naming_symbols.stylecop_static_readonly_fields_group.applicable_kinds           = field
-dotnet_naming_rule.stylecop_static_readonly_fields_must_be_pascal_case_rule.symbols    = stylecop_static_readonly_fields_group
-dotnet_naming_rule.stylecop_static_readonly_fields_must_be_pascal_case_rule.style      = pascal_case_style
-dotnet_naming_rule.stylecop_static_readonly_fields_must_be_pascal_case_rule.severity   = warning
-
-# No non-private instance fields are allowed
-# https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1401.md
-dotnet_naming_symbols.stylecop_fields_must_be_private_group.applicable_accessibilities = public, internal, protected_internal, protected, private_protected
-dotnet_naming_symbols.stylecop_fields_must_be_private_group.applicable_kinds           = field
-dotnet_naming_rule.stylecop_instance_fields_must_be_private_rule.symbols               = stylecop_fields_must_be_private_group
-dotnet_naming_rule.stylecop_instance_fields_must_be_private_rule.style                 = disallowed_style
-dotnet_naming_rule.stylecop_instance_fields_must_be_private_rule.severity              = error
-
-# Local variables must be camelCase
-# https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1312.md
-dotnet_naming_symbols.stylecop_local_fields_group.applicable_accessibilities = local
-dotnet_naming_symbols.stylecop_local_fields_group.applicable_kinds           = local
-dotnet_naming_rule.stylecop_local_fields_must_be_camel_case_rule.symbols     = stylecop_local_fields_group
-dotnet_naming_rule.stylecop_local_fields_must_be_camel_case_rule.style       = camel_case_style
-dotnet_naming_rule.stylecop_local_fields_must_be_camel_case_rule.severity    = silent
-
 # This rule should never fire.  However, it's included for at least two purposes:
 # First, it helps to understand, reason about, and root-case certain types of issues, such as bugs in .editorconfig parsers.
 # Second, it helps to raise immediate awareness if a new field type is added (as occurred recently in C#).
@@ -357,7 +315,6 @@ dotnet_naming_rule.sanity_check_uncovered_field_case_rule.symbols  = sanity_chec
 dotnet_naming_rule.sanity_check_uncovered_field_case_rule.style    = internal_error_style
 dotnet_naming_rule.sanity_check_uncovered_field_case_rule.severity = error
 
-
 ##########################################
 # Other Naming Rules
 ##########################################
diff --git a/.globalconfig b/.globalconfig
new file mode 100644
index 0000000000..8342ab4580
--- /dev/null
+++ b/.globalconfig
@@ -0,0 +1,81 @@
+is_global = true
+
+##########################################
+# StyleCopAnalyzers Settings
+##########################################
+
+# All constant fields must be PascalCase
+# https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1303.md
+dotnet_naming_symbols.stylecop_constant_fields_group.applicable_accessibilities = public, internal, protected_internal, protected, private_protected, private
+dotnet_naming_symbols.stylecop_constant_fields_group.required_modifiers         = const
+dotnet_naming_symbols.stylecop_constant_fields_group.applicable_kinds           = field
+dotnet_naming_rule.stylecop_constant_fields_must_be_pascal_case_rule.symbols    = stylecop_constant_fields_group
+dotnet_naming_rule.stylecop_constant_fields_must_be_pascal_case_rule.style      = pascal_case_style
+
+# All static readonly fields must be PascalCase
+# Ajusted to ignore private fields.
+# https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1311.md
+dotnet_naming_symbols.stylecop_static_readonly_fields_group.applicable_accessibilities = public, internal, protected_internal, protected, private_protected
+dotnet_naming_symbols.stylecop_static_readonly_fields_group.required_modifiers         = static, readonly
+dotnet_naming_symbols.stylecop_static_readonly_fields_group.applicable_kinds           = field
+dotnet_naming_rule.stylecop_static_readonly_fields_must_be_pascal_case_rule.symbols    = stylecop_static_readonly_fields_group
+dotnet_naming_rule.stylecop_static_readonly_fields_must_be_pascal_case_rule.style      = pascal_case_style
+
+# No non-private instance fields are allowed
+# https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1401.md
+dotnet_naming_symbols.stylecop_fields_must_be_private_group.applicable_accessibilities = public, internal, protected_internal, protected, private_protected
+dotnet_naming_symbols.stylecop_fields_must_be_private_group.applicable_kinds           = field
+dotnet_naming_rule.stylecop_instance_fields_must_be_private_rule.symbols               = stylecop_fields_must_be_private_group
+dotnet_naming_rule.stylecop_instance_fields_must_be_private_rule.style                 = disallowed_style
+
+# Local variables must be camelCase
+# https://github.com/DotNetAnalyzers/StyleCopAnalyzers/blob/master/documentation/SA1312.md
+dotnet_naming_symbols.stylecop_local_fields_group.applicable_accessibilities = local
+dotnet_naming_symbols.stylecop_local_fields_group.applicable_kinds           = local
+dotnet_naming_rule.stylecop_local_fields_must_be_camel_case_rule.symbols     = stylecop_local_fields_group
+dotnet_naming_rule.stylecop_local_fields_must_be_camel_case_rule.style       = camel_case_style
+
+##########################################
+# StyleCopAnalyzers rule severity
+# https://github.com/DotNetAnalyzers/StyleCopAnalyzers
+##########################################
+
+dotnet_analyzer_diagnostic.category-StyleCop.CSharp.DocumentationRules.severity = suggestion
+dotnet_analyzer_diagnostic.category-StyleCop.CSharp.ReadabilityRules.severity = suggestion
+dotnet_analyzer_diagnostic.category-StyleCop.CSharp.NamingRules.severity = suggestion
+dotnet_analyzer_diagnostic.category-StyleCop.CSharp.SpacingRules.severity = suggestion
+dotnet_analyzer_diagnostic.category-StyleCop.CSharp.OrderingRules.severity = suggestion
+dotnet_analyzer_diagnostic.category-StyleCop.CSharp.MaintainabilityRules.severity = suggestion
+dotnet_analyzer_diagnostic.category-StyleCop.CSharp.LayoutRules.severity = suggestion
+
+dotnet_diagnostic.SA1636.severity = none # SA1636: File header copyright text should match
+
+dotnet_diagnostic.SA1503.severity = warning # BracesMustNotBeOmitted
+dotnet_diagnostic.SA1117.severity = warning # ParametersMustBeOnSameLineOrSeparateLines
+dotnet_diagnostic.SA1116.severity = warning # SplitParametersMustStartOnLineAfterDeclaration
+dotnet_diagnostic.SA1122.severity = warning # UseStringEmptyForEmptyStrings
+dotnet_diagnostic.SA1028.severity = warning # CodeMustNotContainTrailingWhitespace
+dotnet_diagnostic.SA1500.severity = warning # BracesForMultiLineStatementsMustNotShareLine
+dotnet_diagnostic.SA1401.severity = warning # FieldsMustBePrivate
+dotnet_diagnostic.SA1519.severity = warning # BracesMustNotBeOmittedFromMultiLineChildStatement
+dotnet_diagnostic.SA1111.severity = warning # ClosingParenthesisMustBeOnLineOfLastParameter
+dotnet_diagnostic.SA1520.severity = warning # UseBracesConsistently
+dotnet_diagnostic.SA1407.severity = warning # ArithmeticExpressionsMustDeclarePrecedence
+dotnet_diagnostic.SA1400.severity = warning # AccessModifierMustBeDeclared
+dotnet_diagnostic.SA1119.severity = warning # StatementMustNotUseUnnecessaryParenthesis
+dotnet_diagnostic.SA1649.severity = warning # FileNameMustMatchTypeName
+dotnet_diagnostic.SA1121.severity = warning # UseBuiltInTypeAlias
+dotnet_diagnostic.SA1132.severity = warning # DoNotCombineFields
+dotnet_diagnostic.SA1134.severity = warning # AttributesMustNotShareLine
+dotnet_diagnostic.SA1106.severity = warning # CodeMustNotContainEmptyStatements
+dotnet_diagnostic.SA1312.severity = warning # VariableNamesMustBeginWithLowerCaseLetter
+dotnet_diagnostic.SA1303.severity = warning # ConstFieldNamesMustBeginWithUpperCaseLetter
+dotnet_diagnostic.SA1310.severity = warning # FieldNamesMustNotContainUnderscore
+dotnet_diagnostic.SA1130.severity = warning # UseLambdaSyntax
+dotnet_diagnostic.SA1405.severity = warning # DebugAssertMustProvideMessageText
+dotnet_diagnostic.SA1205.severity = warning # PartialElementsMustDeclareAccess
+dotnet_diagnostic.SA1306.severity = warning # FieldNamesMustBeginWithLowerCaseLetter
+dotnet_diagnostic.SA1209.severity = warning # UsingAliasDirectivesMustBePlacedAfterOtherUsingDirectives
+dotnet_diagnostic.SA1216.severity = warning # UsingStaticDirectivesMustBePlacedAtTheCorrectLocation
+dotnet_diagnostic.SA1133.severity = warning # DoNotCombineAttributes
+dotnet_diagnostic.SA1135.severity = warning # UsingDirectivesMustBeQualified
diff --git a/Directory.Build.props b/Directory.Build.props
index 74f1ebad3d..fcf605f555 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -2,12 +2,6 @@
 <Project>
     <!-- Package references and additional files which are consumed by all projects -->
     <ItemGroup>
-        <PackageReference Include="StyleCop.Analyzers" Version="1.1.118" PrivateAssets="all" IsImplicitlyDefined="true" />
-        <AdditionalFiles Include="$(MSBuildThisFileDirectory)stylecop.json" Link="stylecop.json" />
+        <PackageReference Include="StyleCop.Analyzers" Version="1.2.0-beta.406" PrivateAssets="all" IsImplicitlyDefined="true" />
     </ItemGroup>
-
-    <!-- Specify rule set for all projects -->
-    <PropertyGroup>
-        <CodeAnalysisRuleSet>$(MSBuildThisFileDirectory)codeanalysis.ruleset</CodeAnalysisRuleSet>
-    </PropertyGroup>
 </Project>
diff --git a/codeanalysis.ruleset b/codeanalysis.ruleset
deleted file mode 100644
index ab5ad88f57..0000000000
--- a/codeanalysis.ruleset
+++ /dev/null
@@ -1,18 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<RuleSet Name="CodeAnalysis" ToolsVersion="16.0">
-  <Rules AnalyzerId="Roslynator.CSharp.Analyzers" RuleNamespace="Roslynator.CSharp">
-    <Rule Id="RCS1090" Action="None" />
-  </Rules>
-  <Rules AnalyzerId="StyleCop.Analyzers" RuleNamespace="StyleCop.Analyzers">
-    <Rule Id="SA1101" Action="None" />
-    <Rule Id="SA1200" Action="None" />
-    <Rule Id="SA1308" Action="None" />
-    <Rule Id="SA1309" Action="None" />
-    <Rule Id="SA1311" Action="None" />
-    <Rule Id="SA1402" Action="None" />
-    <Rule Id="SA1413" Action="None" />
-    <Rule Id="SA1611" Action="None" />
-    <Rule Id="SA1615" Action="None" />
-    <Rule Id="SA1629" Action="None" />
-  </Rules>
-</RuleSet>
diff --git a/stylecop.json b/stylecop.json
deleted file mode 100644
index b2f7771470..0000000000
--- a/stylecop.json
+++ /dev/null
@@ -1,16 +0,0 @@
-{
-  "$schema": "https://raw.githubusercontent.com/DotNetAnalyzers/StyleCopAnalyzers/master/StyleCop.Analyzers/StyleCop.Analyzers/Settings/stylecop.schema.json",
-  "settings": {
-    "orderingRules": {
-      "usingDirectivesPlacement": "outsideNamespace",
-      "elementOrder": [
-        "kind"
-      ]
-    },
-    "documentationRules": {
-      "xmlHeader": false,
-      "documentInternalElements": false,
-      "copyrightText": "Copyright (c) Umbraco.\nSee LICENSE for more details."
-    }
-  }
-}

From 461043bd82568aa77476691981fdf3e0a8857ad9 Mon Sep 17 00:00:00 2001
From: Paul Johnson <pmj@umbraco.com>
Date: Mon, 14 Feb 2022 14:43:33 +0000
Subject: [PATCH 70/81] Change web projects TargetFrameworkMoniker to 4.5.2 to
 stop VS 2022 err

---
 umbraco.sln | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/umbraco.sln b/umbraco.sln
index 0018c91041..49da6eb441 100644
--- a/umbraco.sln
+++ b/umbraco.sln
@@ -1,4 +1,4 @@
-
+
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio Version 16
 VisualStudioVersion = 16.0.29209.152
@@ -38,7 +38,7 @@ EndProject
 Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "Umbraco.Web.UI.Client", "http://localhost:3961", "{3819A550-DCEC-4153-91B4-8BA9F7F0B9B4}"
 	ProjectSection(WebsiteProperties) = preProject
 		UseIISExpress = "true"
-		TargetFrameworkMoniker = ".NETFramework,Version%3Dv4.5"
+		TargetFrameworkMoniker = ".NETFramework,Version%3Dv4.5.2"
 		Debug.AspNetCompiler.VirtualPath = "/localhost_3961"
 		Debug.AspNetCompiler.PhysicalPath = "src\Umbraco.Web.UI.Client\"
 		Debug.AspNetCompiler.TargetPath = "PrecompiledWeb\localhost_3961\"
@@ -61,7 +61,7 @@ EndProject
 Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "Umbraco.Tests.AcceptanceTest", "http://localhost:58896", "{9E4C8A12-FBE0-4673-8CE2-DF99D5D57817}"
 	ProjectSection(WebsiteProperties) = preProject
 		UseIISExpress = "true"
-		TargetFrameworkMoniker = ".NETFramework,Version%3Dv4.5"
+		TargetFrameworkMoniker = ".NETFramework,Version%3Dv4.5.2"
 		Debug.AspNetCompiler.VirtualPath = "/localhost_62926"
 		Debug.AspNetCompiler.PhysicalPath = "tests\Umbraco.Tests.AcceptanceTest\"
 		Debug.AspNetCompiler.TargetPath = "PrecompiledWeb\localhost_62926\"

From a34e278a409eeca183624627ad284b2f762e8fbe Mon Sep 17 00:00:00 2001
From: Paul Johnson <pmj@umbraco.com>
Date: Mon, 14 Feb 2022 14:46:37 +0000
Subject: [PATCH 71/81] Fix whitespace in sln

---
 umbraco.sln | 1 -
 1 file changed, 1 deletion(-)

diff --git a/umbraco.sln b/umbraco.sln
index 49da6eb441..497258c699 100644
--- a/umbraco.sln
+++ b/umbraco.sln
@@ -1,4 +1,3 @@
-
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio Version 16
 VisualStudioVersion = 16.0.29209.152

From de2668a62110eb432b69922755f2554c2a6fa654 Mon Sep 17 00:00:00 2001
From: Andy Butland <abutland73@gmail.com>
Date: Mon, 14 Feb 2022 17:41:12 +0100
Subject: [PATCH 72/81] Added section for promoted packages in the back-office.
 (#11947)

* Added section for promoted packages in the back-office.

* Updates from PR review.
---
 .../ourpackagerrepository.resource.js         | 16 ++++-
 .../views/packages/views/repo.controller.js   | 62 ++++++++++-------
 .../src/views/packages/views/repo.html        | 66 ++++++++++---------
 src/Umbraco.Web.UI/umbraco/config/lang/en.xml |  1 +
 .../umbraco/config/lang/en_us.xml             |  1 +
 5 files changed, 91 insertions(+), 55 deletions(-)

diff --git a/src/Umbraco.Web.UI.Client/src/common/resources/ourpackagerrepository.resource.js b/src/Umbraco.Web.UI.Client/src/common/resources/ourpackagerrepository.resource.js
index f803d7edce..be13e6d0ec 100644
--- a/src/Umbraco.Web.UI.Client/src/common/resources/ourpackagerrepository.resource.js
+++ b/src/Umbraco.Web.UI.Client/src/common/resources/ourpackagerrepository.resource.js
@@ -36,7 +36,21 @@ function ourPackageRepositoryResource($q, $http, umbDataFormatter, umbRequestHel
                $http.get(baseurl + "?pageIndex=0&pageSize=" + maxResults + "&category=" + category + "&order=Popular&version=" + Umbraco.Sys.ServerVariables.application.version),
                'Failed to query packages');
         },
-       
+
+        getPromoted: function (maxResults, category) {
+
+            if (maxResults === undefined) {
+                maxResults = 20;
+            }
+            if (category === undefined) {
+                category = "";
+            }
+
+            return umbRequestHelper.resourcePromise(
+               $http.get(baseurl + "?pageIndex=0&pageSize=" + maxResults + "&category=" + category + "&order=Popular&version=" + Umbraco.Sys.ServerVariables.application.version + "&onlyPromoted=true"),
+               'Failed to query packages');
+        },
+
         search: function (pageIndex, pageSize, orderBy, category, query, canceler) {
 
             var httpConfig = {};
diff --git a/src/Umbraco.Web.UI.Client/src/views/packages/views/repo.controller.js b/src/Umbraco.Web.UI.Client/src/views/packages/views/repo.controller.js
index 05b09e8abd..a3405bc2bf 100644
--- a/src/Umbraco.Web.UI.Client/src/views/packages/views/repo.controller.js
+++ b/src/Umbraco.Web.UI.Client/src/views/packages/views/repo.controller.js
@@ -1,7 +1,7 @@
 (function () {
     "use strict";
 
-    function PackagesRepoController($scope, $timeout, ourPackageRepositoryResource, $q, packageResource, localStorageService, localizationService) {
+    function PackagesRepoController($scope, $timeout, ourPackageRepositoryResource, $q, localizationService) {
 
         var vm = this;
 
@@ -24,6 +24,8 @@
         vm.closeLightbox = closeLightbox;
         vm.search = search;
         vm.installCompleted = false;
+        vm.highlightedPackageCollections = [];
+        vm.labels = {};
 
         var defaultSort = "Latest";
         var currSort = defaultSort;
@@ -46,28 +48,38 @@
         function init() {
 
             vm.loading = true;
+            localizationService.localizeMany(["packager_packagesPopular", "packager_packagesPromoted"])
+                .then(function (labels) {
+                    vm.labels.popularPackages = labels[0];
+                    vm.labels.promotedPackages = labels[1];
 
-            $q.all([
-                ourPackageRepositoryResource.getCategories()
-                    .then(function (cats) {
-                        vm.categories = cats.filter(function (cat) {
-                            return cat.name !== "Umbraco Pro";
+                    var popularPackages, promotedPackages;
+                    $q.all([
+                        ourPackageRepositoryResource.getCategories()
+                            .then(function (cats) {
+                                vm.categories = cats.filter(function (cat) {
+                                    return cat.name !== "Umbraco Pro";
+                                });
+                            }),
+                        ourPackageRepositoryResource.getPopular(10)
+                            .then(function (pack) {
+                                popularPackages = { title: vm.labels.popularPackages, packages: pack.packages };
+                            }),
+                        ourPackageRepositoryResource.getPromoted(20)
+                            .then(function (pack) {
+                                promotedPackages = { title: vm.labels.promotedPackages, packages: pack.packages };
+                            }),
+                        ourPackageRepositoryResource.search(vm.pagination.pageNumber - 1, vm.pagination.pageSize, currSort)
+                            .then(function (pack) {
+                                vm.packages = pack.packages;
+                                vm.pagination.totalPages = Math.ceil(pack.total / vm.pagination.pageSize);
+                            })
+                        ])
+                        .then(function () {
+                            vm.highlightedPackageCollections = [popularPackages, promotedPackages];
+                            vm.loading = false;
                         });
-                    }),
-                ourPackageRepositoryResource.getPopular(8)
-                    .then(function (pack) {
-                        vm.popular = pack.packages;
-                    }),
-                ourPackageRepositoryResource.search(vm.pagination.pageNumber - 1, vm.pagination.pageSize, currSort)
-                    .then(function (pack) {
-                        vm.packages = pack.packages;
-                        vm.pagination.totalPages = Math.ceil(pack.total / vm.pagination.pageSize);
-                    })
-            ])
-                .then(function () {
-                    vm.loading = false;
                 });
-
         }
 
         function selectCategory(selectedCategory, categories) {
@@ -96,10 +108,15 @@
 
             currSort = defaultSort;
 
+            var popularPackages, promotedPackages;
             $q.all([
-                ourPackageRepositoryResource.getPopular(8, searchCategory)
+                ourPackageRepositoryResource.getPopular(10, searchCategory)
                     .then(function (pack) {
-                        vm.popular = pack.packages;
+                        popularPackages = { title: vm.labels.popularPackages, packages: pack.packages };
+                    }),
+                ourPackageRepositoryResource.getPromoted(20, searchCategory)
+                    .then(function (pack) {
+                        promotedPackages = { title: vm.labels.promotedPackages, packages: pack.packages };
                     }),
                 ourPackageRepositoryResource.search(vm.pagination.pageNumber - 1, vm.pagination.pageSize, currSort, searchCategory, vm.searchQuery)
                     .then(function (pack) {
@@ -109,6 +126,7 @@
                     })
                 ])
                 .then(function () {
+                    vm.highlightedPackageCollections = [popularPackages, promotedPackages];
                     vm.loading = false;
                 });
         }
diff --git a/src/Umbraco.Web.UI.Client/src/views/packages/views/repo.html b/src/Umbraco.Web.UI.Client/src/views/packages/views/repo.html
index 262cf3eda6..7dc3e499fe 100644
--- a/src/Umbraco.Web.UI.Client/src/views/packages/views/repo.html
+++ b/src/Umbraco.Web.UI.Client/src/views/packages/views/repo.html
@@ -36,46 +36,48 @@
 
         <div ng-show="vm.loading === false">
 
-            <div class="umb-packages-section" ng-if="vm.searchQuery == '' && vm.popular.length > 0">
-                <h4><strong><localize key="packager_packagesPopular">Popular</localize></strong></h4>
-                <div class="umb-packages">
+            <div ng-repeat="highlightedPackageCollection in vm.highlightedPackageCollections">
+                <div class="umb-packages-section" ng-if="vm.searchQuery == '' && highlightedPackageCollection.packages.length > 0">
+                    <h4><strong>{{highlightedPackageCollection.title}}</strong></h4>
+                    <div class="umb-packages">
 
-                    <div class="umb-package" ng-repeat="package in vm.popular">
-                        <button type="button" class="umb-package-link" ng-click="vm.showPackageDetails(package)">
+                        <div class="umb-package" ng-repeat="package in highlightedPackageCollection.packages">
+                            <button type="button" class="umb-package-link" ng-click="vm.showPackageDetails(package)">
 
-                            <div class="flex flex-column">
-                                <div class="umb-package-icon">
-                                    <img ng-src="{{package.icon}}" alt="" />
-                                </div>
-
-                                <div class="umb-package-info">
-                                    <div class="umb-package-name">{{package.name}}</div>
-                                    <div class="umb-package-description">{{package.excerpt | limitTo: 40}}<span ng-if="package.excerpt > (package.excerpt | limitTo: 40)">...</span></div>
-
-                                    <div class="umb-package-numbers">
-                                        <small class="umb-package-downloads">
-                                            <umb-icon icon="icon-download-alt"></umb-icon>
-                                            <strong>{{package.downloads}}</strong>
-                                        </small>
-                                        <small class="umb-package-likes">
-                                            <umb-icon icon="icon-hearts" class="icon-hearts"></umb-icon>
-                                            <strong>{{package.likes}}</strong>
-                                        </small>
+                                <div class="flex flex-column">
+                                    <div class="umb-package-icon">
+                                        <img ng-src="{{package.icon}}" alt="" />
                                     </div>
-                                    <div class="umb-package-cloud">
-                                        <div ng-if="package.certifiedToWorkOnUmbracoCloud">
-                                            <umb-icon icon="icon-cloud" class="icon-cloud"></umb-icon>
-                                            <span><localize key="packager_verifiedToWorkOnUmbracoCloud">Verified to work on Umbraco Cloud</localize></span>
+
+                                    <div class="umb-package-info">
+                                        <div class="umb-package-name">{{package.name}}</div>
+                                        <div class="umb-package-description">{{package.excerpt | limitTo: 40}}<span ng-if="package.excerpt > (package.excerpt | limitTo: 40)">...</span></div>
+
+                                        <div class="umb-package-numbers">
+                                            <small class="umb-package-downloads">
+                                                <umb-icon icon="icon-download-alt"></umb-icon>
+                                                <strong>{{package.downloads}}</strong>
+                                            </small>
+                                            <small class="umb-package-likes">
+                                                <umb-icon icon="icon-hearts" class="icon-hearts"></umb-icon>
+                                                <strong>{{package.likes}}</strong>
+                                            </small>
                                         </div>
+                                        <div class="umb-package-cloud">
+                                            <div ng-if="package.certifiedToWorkOnUmbracoCloud">
+                                                <umb-icon icon="icon-cloud" class="icon-cloud"></umb-icon>
+                                                <span><localize key="packager_verifiedToWorkOnUmbracoCloud">Verified to work on Umbraco Cloud</localize></span>
+                                            </div>
+                                        </div>
+
                                     </div>
-
                                 </div>
-                            </div>
 
-                        </button>
-                    </div> <!-- end package -->
+                            </button>
+                        </div> <!-- end package -->
 
-                </div> <!-- end packages -->
+                    </div> <!-- end packages -->
+                </div>
             </div>
 
             <div class="umb-packages-section" ng-if="vm.packages.length > 0">
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/en.xml b/src/Umbraco.Web.UI/umbraco/config/lang/en.xml
index 4fc52fc0a7..6364d58b5d 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/en.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/en.xml
@@ -1292,6 +1292,7 @@ To manage your website, simply open the Umbraco backoffice and start adding cont
     <key alias="packageNoResultsDescription">Please try searching for another package or browse through the categories
     </key>
     <key alias="packagesPopular">Popular</key>
+    <key alias="packagesPromoted">Promoted</key>
     <key alias="packagesNew">New releases</key>
     <key alias="packageHas">has</key>
     <key alias="packageKarmaPoints">karma points</key>
diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml b/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
index 2d575ba77f..e46e917a85 100644
--- a/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
+++ b/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
@@ -1310,6 +1310,7 @@ To manage your website, simply open the Umbraco backoffice and start adding cont
     <key alias="packageNoResultsDescription">Please try searching for another package or browse through the categories
     </key>
     <key alias="packagesPopular">Popular</key>
+    <key alias="packagesPromoted">Promoted</key>
     <key alias="packagesNew">New releases</key>
     <key alias="packageHas">has</key>
     <key alias="packageKarmaPoints">karma points</key>

From 62fa1695df46c36d13fa8f172efed7dc80e10bd1 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Tue, 15 Feb 2022 10:48:52 +0100
Subject: [PATCH 73/81] Add config to hide backoffice logo (#11999)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Added config to hide backoffice logo

* rename to hideBackofficeLogo

* hide on mobile

* add hideBackofficeLogo

* implement hideBackofficeLogo + toggle on click

* Updated c# syntax

Co-authored-by: Niels Lyngsø <niels.lyngso@gmail.com>
---
 .../UmbracoSettings/ContentElement.cs         |  4 ++++
 .../UmbracoSettings/IContentSection.cs        |  5 +++--
 .../application/umbappheader.directive.js     | 20 +++++++++++++++----
 .../application/umb-app-header.less           |  7 +++++++
 .../application/umb-app-header.html           |  8 ++++++--
 .../Editors/BackOfficeServerVariables.cs      |  3 ++-
 6 files changed, 38 insertions(+), 9 deletions(-)

diff --git a/src/Umbraco.Core/Configuration/UmbracoSettings/ContentElement.cs b/src/Umbraco.Core/Configuration/UmbracoSettings/ContentElement.cs
index fba46c077e..a12aca1db2 100644
--- a/src/Umbraco.Core/Configuration/UmbracoSettings/ContentElement.cs
+++ b/src/Umbraco.Core/Configuration/UmbracoSettings/ContentElement.cs
@@ -46,6 +46,9 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
         [ConfigurationProperty("loginLogoImage")]
         internal InnerTextConfigurationElement<string> LoginLogoImage => GetOptionalTextElement("loginLogoImage", "assets/img/application/umbraco_logo_white.svg");
 
+        [ConfigurationProperty("hideBackofficeLogo")]
+        internal InnerTextConfigurationElement<bool> HideBackOfficeLogo => GetOptionalTextElement("hideBackofficeLogo", false);
+
         string IContentSection.NotificationEmailAddress => Notifications.NotificationEmailAddress;
 
         bool IContentSection.DisableHtmlEmail => Notifications.DisableHtmlEmail;
@@ -71,5 +74,6 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
         string IContentSection.LoginBackgroundImage => LoginBackgroundImage;
 
         string IContentSection.LoginLogoImage => LoginLogoImage;
+        bool IContentSection.HideBackOfficeLogo => HideBackOfficeLogo;
     }
 }
diff --git a/src/Umbraco.Core/Configuration/UmbracoSettings/IContentSection.cs b/src/Umbraco.Core/Configuration/UmbracoSettings/IContentSection.cs
index d8ef2bb943..fd301ab397 100644
--- a/src/Umbraco.Core/Configuration/UmbracoSettings/IContentSection.cs
+++ b/src/Umbraco.Core/Configuration/UmbracoSettings/IContentSection.cs
@@ -12,11 +12,11 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
         IEnumerable<string> ImageFileTypes { get; }
 
         IEnumerable<IImagingAutoFillUploadField> ImageAutoFillProperties { get; }
-        
+
         bool ResolveUrlsFromTextString { get; }
 
         IEnumerable<IContentErrorPage> Error404Collection { get; }
-        
+
         string PreviewBadge { get; }
 
         MacroErrorBehaviour MacroErrorBehaviour { get; }
@@ -36,5 +36,6 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
         string LoginBackgroundImage { get; }
 
         string LoginLogoImage { get; }
+        bool HideBackOfficeLogo { get; }
     }
 }
diff --git a/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js b/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js
index 6cf6dd85f3..01e199c572 100644
--- a/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js
+++ b/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umbappheader.directive.js
@@ -16,6 +16,7 @@
                 { value: "assets/img/application/logo@2x.png" },
                 { value: "assets/img/application/logo@3x.png" }
             ];
+            scope.hideBackofficeLogo = Umbraco.Sys.ServerVariables.umbracoSettings.hideBackofficeLogo;
 
             // when a user logs out or timesout
             evts.push(eventsService.on("app.notAuthenticated", function () {
@@ -104,15 +105,26 @@
                 $timeout.cancel(scope.logoModal.timer);
             };
             scope.hideLogoModal = function() {
-                $timeout.cancel(scope.logoModal.timer);
-                scope.logoModal.timer = $timeout(function () {
-                    scope.logoModal.show = false;
-                }, 100);
+                if(scope.logoModal.show === true) {
+                    $timeout.cancel(scope.logoModal.timer);
+                    scope.logoModal.timer = $timeout(function () {
+                        scope.logoModal.show = false;
+                    }, 100);
+                }
             };
             scope.stopClickEvent = function($event) {
                 $event.stopPropagation();
             };
 
+            scope.toggleLogoModal = function() {
+                if(scope.logoModal.show) {
+                    $timeout.cancel(scope.logoModal.timer);
+                    scope.logoModal.show = false;
+                } else {
+                    scope.showLogoModal();
+                }
+            };
+
         }
 
         var directive = {
diff --git a/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less b/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less
index bb346fc402..6e1fa29eab 100644
--- a/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less
+++ b/src/Umbraco.Web.UI.Client/src/less/components/application/umb-app-header.less
@@ -9,11 +9,18 @@
 
 .umb-app-header__logo {
     margin-right: 30px;
+    flex-shrink: 0;
     button {
         img {
             height: 30px;
         }
     }
+    
+}
+@media (max-width: 1279px) {
+    .umb-app-header__logo {
+        display: none;
+    }
 }
 
 .umb-app-header__logo-modal {
diff --git a/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html b/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html
index 98b8d88869..ce3bf06853 100644
--- a/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html
+++ b/src/Umbraco.Web.UI.Client/src/views/components/application/umb-app-header.html
@@ -1,7 +1,11 @@
 <div>
     <div class="umb-app-header">
-        <div class="umb-app-header__logo">
-            <button type="button" class="btn-reset" ng-click="showLogoModal()">
+        <div class="umb-app-header__logo" ng-if="hideBackofficeLogo !== true">
+            <button
+                type="button"
+                class="btn-reset"
+                ng-click="toggleLogoModal()"
+            >
                 <img
                     src="assets/img/application/umbraco_logomark_white.svg"
                     alt="Umbraco"
diff --git a/src/Umbraco.Web/Editors/BackOfficeServerVariables.cs b/src/Umbraco.Web/Editors/BackOfficeServerVariables.cs
index f855a45664..837383aa32 100644
--- a/src/Umbraco.Web/Editors/BackOfficeServerVariables.cs
+++ b/src/Umbraco.Web/Editors/BackOfficeServerVariables.cs
@@ -57,7 +57,7 @@ namespace Umbraco.Web.Editors
             var keepOnlyKeys = new Dictionary<string, string[]>
             {
                 {"umbracoUrls", new[] {"authenticationApiBaseUrl", "serverVarsJs", "externalLoginsUrl", "currentUserApiBaseUrl", "iconApiBaseUrl"}},
-                {"umbracoSettings", new[] {"allowPasswordReset", "imageFileTypes", "maxFileSize", "loginBackgroundImage", "loginLogoImage", "canSendRequiredEmail", "usernameIsEmail", "minimumPasswordLength", "minimumPasswordNonAlphaNum"}},
+                {"umbracoSettings", new[] {"allowPasswordReset", "imageFileTypes", "maxFileSize", "loginBackgroundImage", "loginLogoImage", "canSendRequiredEmail", "usernameIsEmail", "minimumPasswordLength", "minimumPasswordNonAlphaNum", "hideBackofficeLogo"}},
                 {"application", new[] {"applicationPath", "cacheBuster"}},
                 {"isDebuggingEnabled", new string[] { }},
                 {"features", new [] {"disabledFeatures"}}
@@ -356,6 +356,7 @@ namespace Umbraco.Web.Editors
                         {"allowPasswordReset", Current.Configs.Settings().Security.AllowPasswordReset},
                         {"loginBackgroundImage",  Current.Configs.Settings().Content.LoginBackgroundImage},
                         {"loginLogoImage", Current.Configs.Settings().Content.LoginLogoImage },
+                        {"hideBackofficeLogo", Current.Configs.Settings().Content.HideBackOfficeLogo },
                         {"showUserInvite", EmailSender.CanSendRequiredEmail},
                         {"canSendRequiredEmail", EmailSender.CanSendRequiredEmail},
                         {"showAllowSegmentationForDocumentTypes", false},

From f1c83fbd80fde9f6aea716c4f0fef76beed32f7a Mon Sep 17 00:00:00 2001
From: Ronald Barendse <ronald@barend.se>
Date: Tue, 15 Feb 2022 16:46:20 +0100
Subject: [PATCH 74/81] Only select ItemIdFieldName in
 PublishedContentQuery.Search to improve performance (#11950)

* Fix code styling

* Only select ItemIdFieldName and fix exception when variation context is null

* Save hashset instead of making on on each request (indirectly)

Co-authored-by: Bjarke Berg <mail@bergmania.dk>
---
 .../IPublishedContentQuery.cs                 |  21 +-
 .../PublishedContentQuery.cs                  | 241 +++++++++---------
 2 files changed, 132 insertions(+), 130 deletions(-)

diff --git a/src/Umbraco.Infrastructure/IPublishedContentQuery.cs b/src/Umbraco.Infrastructure/IPublishedContentQuery.cs
index 77ca873638..0f98fb2924 100644
--- a/src/Umbraco.Infrastructure/IPublishedContentQuery.cs
+++ b/src/Umbraco.Infrastructure/IPublishedContentQuery.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Xml.XPath;
 using Examine.Search;
@@ -8,31 +8,46 @@ using Umbraco.Cms.Core.Xml;
 namespace Umbraco.Cms.Core
 {
     /// <summary>
-    /// Query methods used for accessing strongly typed content in templates
+    /// Query methods used for accessing strongly typed content in templates.
     /// </summary>
     public interface IPublishedContentQuery
     {
         IPublishedContent Content(int id);
+
         IPublishedContent Content(Guid id);
+
         IPublishedContent Content(Udi id);
+
         IPublishedContent Content(object id);
+
         IPublishedContent ContentSingleAtXPath(string xpath, params XPathVariable[] vars);
+
         IEnumerable<IPublishedContent> Content(IEnumerable<int> ids);
+
         IEnumerable<IPublishedContent> Content(IEnumerable<Guid> ids);
 
         IEnumerable<IPublishedContent> Content(IEnumerable<object> ids);
+
         IEnumerable<IPublishedContent> ContentAtXPath(string xpath, params XPathVariable[] vars);
+
         IEnumerable<IPublishedContent> ContentAtXPath(XPathExpression xpath, params XPathVariable[] vars);
+
         IEnumerable<IPublishedContent> ContentAtRoot();
 
         IPublishedContent Media(int id);
+
         IPublishedContent Media(Guid id);
+
         IPublishedContent Media(Udi id);
 
         IPublishedContent Media(object id);
+
         IEnumerable<IPublishedContent> Media(IEnumerable<int> ids);
+
         IEnumerable<IPublishedContent> Media(IEnumerable<object> ids);
+
         IEnumerable<IPublishedContent> Media(IEnumerable<Guid> ids);
+
         IEnumerable<IPublishedContent> MediaAtRoot();
 
         /// <summary>
@@ -44,7 +59,7 @@ namespace Umbraco.Cms.Core
         /// <param name="totalRecords">The total amount of records.</param>
         /// <param name="culture">The culture (defaults to a culture insensitive search).</param>
         /// <param name="indexName">The name of the index to search (defaults to <see cref="Constants.UmbracoIndexes.ExternalIndexName" />).</param>
-        /// <param name="loadedFields">The fields to load in the results of the search (defaults to all fields loaded).</param>
+        /// <param name="loadedFields">This parameter is no longer used, because the results are loaded from the published snapshot using the single item ID field.</param>
         /// <returns>
         /// The search results.
         /// </returns>
diff --git a/src/Umbraco.Infrastructure/PublishedContentQuery.cs b/src/Umbraco.Infrastructure/PublishedContentQuery.cs
index d8119f919c..d0afe53540 100644
--- a/src/Umbraco.Infrastructure/PublishedContentQuery.cs
+++ b/src/Umbraco.Infrastructure/PublishedContentQuery.cs
@@ -17,23 +17,25 @@ using Constants = Umbraco.Cms.Core.Constants;
 namespace Umbraco.Cms.Infrastructure
 {
     /// <summary>
-    ///     A class used to query for published content, media items
+    /// A class used to query for published content, media items
     /// </summary>
+    /// <seealso cref="Umbraco.Cms.Core.IPublishedContentQuery" />
     public class PublishedContentQuery : IPublishedContentQuery
     {
         private readonly IExamineManager _examineManager;
         private readonly IPublishedSnapshot _publishedSnapshot;
         private readonly IVariationContextAccessor _variationContextAccessor;
 
+        private static readonly HashSet<string> s_itemIdFieldNameHashSet =
+            new HashSet<string>() { ExamineFieldNames.ItemIdFieldName };
+
         /// <summary>
-        ///     Initializes a new instance of the <see cref="PublishedContentQuery" /> class.
+        /// Initializes a new instance of the <see cref="PublishedContentQuery" /> class.
         /// </summary>
-        public PublishedContentQuery(IPublishedSnapshot publishedSnapshot,
-            IVariationContextAccessor variationContextAccessor, IExamineManager examineManager)
+        public PublishedContentQuery(IPublishedSnapshot publishedSnapshot, IVariationContextAccessor variationContextAccessor, IExamineManager examineManager)
         {
             _publishedSnapshot = publishedSnapshot ?? throw new ArgumentNullException(nameof(publishedSnapshot));
-            _variationContextAccessor = variationContextAccessor ??
-                                        throw new ArgumentNullException(nameof(variationContextAccessor));
+            _variationContextAccessor = variationContextAccessor ?? throw new ArgumentNullException(nameof(variationContextAccessor));
             _examineManager = examineManager ?? throw new ArgumentNullException(nameof(examineManager));
         }
 
@@ -72,6 +74,7 @@ namespace Umbraco.Cms.Infrastructure
                     return false;
             }
         }
+
         private static bool ConvertIdObjectToUdi(object id, out Udi guidId)
         {
             switch (id)
@@ -93,160 +96,148 @@ namespace Umbraco.Cms.Infrastructure
 
         #region Content
 
-        public IPublishedContent Content(int id) => ItemById(id, _publishedSnapshot.Content);
+        public IPublishedContent Content(int id)
+            => ItemById(id, _publishedSnapshot.Content);
 
-        public IPublishedContent Content(Guid id) => ItemById(id, _publishedSnapshot.Content);
+        public IPublishedContent Content(Guid id)
+            => ItemById(id, _publishedSnapshot.Content);
 
         public IPublishedContent Content(Udi id)
-        {
-            if (!(id is GuidUdi udi)) return null;
-            return ItemById(udi.Guid, _publishedSnapshot.Content);
-        }
+            => id is GuidUdi udi ? ItemById(udi.Guid, _publishedSnapshot.Content) : null;
 
         public IPublishedContent Content(object id)
         {
             if (ConvertIdObjectToInt(id, out var intId))
+            {
                 return Content(intId);
+            }
+
             if (ConvertIdObjectToGuid(id, out var guidId))
+            {
                 return Content(guidId);
+            }
+
             if (ConvertIdObjectToUdi(id, out var udiId))
+            {
                 return Content(udiId);
+            }
+
             return null;
         }
 
-        public IPublishedContent ContentSingleAtXPath(string xpath, params XPathVariable[] vars) =>
-            ItemByXPath(xpath, vars, _publishedSnapshot.Content);
+        public IPublishedContent ContentSingleAtXPath(string xpath, params XPathVariable[] vars)
+            => ItemByXPath(xpath, vars, _publishedSnapshot.Content);
 
-        public IEnumerable<IPublishedContent> Content(IEnumerable<int> ids) =>
-            ItemsByIds(_publishedSnapshot.Content, ids);
+        public IEnumerable<IPublishedContent> Content(IEnumerable<int> ids)
+            => ItemsByIds(_publishedSnapshot.Content, ids);
 
-        public IEnumerable<IPublishedContent> Content(IEnumerable<Guid> ids) =>
-            ItemsByIds(_publishedSnapshot.Content, ids);
+        public IEnumerable<IPublishedContent> Content(IEnumerable<Guid> ids)
+            => ItemsByIds(_publishedSnapshot.Content, ids);
 
         public IEnumerable<IPublishedContent> Content(IEnumerable<object> ids)
-        {
-            return ids.Select(Content).WhereNotNull();
-        }
-        public IEnumerable<IPublishedContent> ContentAtXPath(string xpath, params XPathVariable[] vars) =>
-            ItemsByXPath(xpath, vars, _publishedSnapshot.Content);
+            => ids.Select(Content).WhereNotNull();
 
-        public IEnumerable<IPublishedContent> ContentAtXPath(XPathExpression xpath, params XPathVariable[] vars) =>
-            ItemsByXPath(xpath, vars, _publishedSnapshot.Content);
+        public IEnumerable<IPublishedContent> ContentAtXPath(string xpath, params XPathVariable[] vars)
+            => ItemsByXPath(xpath, vars, _publishedSnapshot.Content);
 
-        public IEnumerable<IPublishedContent> ContentAtRoot() => ItemsAtRoot(_publishedSnapshot.Content);
+        public IEnumerable<IPublishedContent> ContentAtXPath(XPathExpression xpath, params XPathVariable[] vars)
+            => ItemsByXPath(xpath, vars, _publishedSnapshot.Content);
+
+        public IEnumerable<IPublishedContent> ContentAtRoot()
+            => ItemsAtRoot(_publishedSnapshot.Content);
 
         #endregion
 
         #region Media
 
-        public IPublishedContent Media(int id) => ItemById(id, _publishedSnapshot.Media);
+        public IPublishedContent Media(int id)
+            => ItemById(id, _publishedSnapshot.Media);
 
-        public IPublishedContent Media(Guid id) => ItemById(id, _publishedSnapshot.Media);
+        public IPublishedContent Media(Guid id)
+            => ItemById(id, _publishedSnapshot.Media);
 
         public IPublishedContent Media(Udi id)
-        {
-            if (!(id is GuidUdi udi)) return null;
-            return ItemById(udi.Guid, _publishedSnapshot.Media);
-        }
+            => id is GuidUdi udi ? ItemById(udi.Guid, _publishedSnapshot.Media) : null;
 
         public IPublishedContent Media(object id)
         {
             if (ConvertIdObjectToInt(id, out var intId))
+            {
                 return Media(intId);
+            }
+
             if (ConvertIdObjectToGuid(id, out var guidId))
+            {
                 return Media(guidId);
+            }
+
             if (ConvertIdObjectToUdi(id, out var udiId))
+            {
                 return Media(udiId);
+            }
+
             return null;
         }
 
-        public IEnumerable<IPublishedContent> Media(IEnumerable<int> ids) => ItemsByIds(_publishedSnapshot.Media, ids);
+        public IEnumerable<IPublishedContent> Media(IEnumerable<int> ids)
+            => ItemsByIds(_publishedSnapshot.Media, ids);
+
         public IEnumerable<IPublishedContent> Media(IEnumerable<object> ids)
-        {
-            return ids.Select(Media).WhereNotNull();
-        }
+            => ids.Select(Media).WhereNotNull();
 
-        public IEnumerable<IPublishedContent> Media(IEnumerable<Guid> ids) => ItemsByIds(_publishedSnapshot.Media, ids);
+        public IEnumerable<IPublishedContent> Media(IEnumerable<Guid> ids)
+            => ItemsByIds(_publishedSnapshot.Media, ids);
 
-        public IEnumerable<IPublishedContent> MediaAtRoot() => ItemsAtRoot(_publishedSnapshot.Media);
+        public IEnumerable<IPublishedContent> MediaAtRoot()
+            => ItemsAtRoot(_publishedSnapshot.Media);
 
         #endregion
 
         #region Used by Content/Media
 
         private static IPublishedContent ItemById(int id, IPublishedCache cache)
-        {
-            var doc = cache.GetById(id);
-            return doc;
-        }
+            => cache.GetById(id);
 
         private static IPublishedContent ItemById(Guid id, IPublishedCache cache)
-        {
-            var doc = cache.GetById(id);
-            return doc;
-        }
+            => cache.GetById(id);
 
         private static IPublishedContent ItemByXPath(string xpath, XPathVariable[] vars, IPublishedCache cache)
-        {
-            var doc = cache.GetSingleByXPath(xpath, vars);
-            return doc;
-        }
-
-        //NOTE: Not used?
-        //private IPublishedContent ItemByXPath(XPathExpression xpath, XPathVariable[] vars, IPublishedCache cache)
-        //{
-        //    var doc = cache.GetSingleByXPath(xpath, vars);
-        //    return doc;
-        //}
+            => cache.GetSingleByXPath(xpath, vars);
 
         private static IEnumerable<IPublishedContent> ItemsByIds(IPublishedCache cache, IEnumerable<int> ids)
-        {
-            return ids.Select(eachId => ItemById(eachId, cache)).WhereNotNull();
-        }
+            => ids.Select(eachId => ItemById(eachId, cache)).WhereNotNull();
 
         private IEnumerable<IPublishedContent> ItemsByIds(IPublishedCache cache, IEnumerable<Guid> ids)
-        {
-            return ids.Select(eachId => ItemById(eachId, cache)).WhereNotNull();
-        }
+            => ids.Select(eachId => ItemById(eachId, cache)).WhereNotNull();
 
-        private static IEnumerable<IPublishedContent> ItemsByXPath(string xpath, XPathVariable[] vars,
-            IPublishedCache cache)
-        {
-            var doc = cache.GetByXPath(xpath, vars);
-            return doc;
-        }
+        private static IEnumerable<IPublishedContent> ItemsByXPath(string xpath, XPathVariable[] vars, IPublishedCache cache)
+            => cache.GetByXPath(xpath, vars);
 
-        private static IEnumerable<IPublishedContent> ItemsByXPath(XPathExpression xpath, XPathVariable[] vars,
-            IPublishedCache cache)
-        {
-            var doc = cache.GetByXPath(xpath, vars);
-            return doc;
-        }
+        private static IEnumerable<IPublishedContent> ItemsByXPath(XPathExpression xpath, XPathVariable[] vars, IPublishedCache cache)
+            => cache.GetByXPath(xpath, vars);
 
-        private static IEnumerable<IPublishedContent> ItemsAtRoot(IPublishedCache cache) => cache.GetAtRoot();
+        private static IEnumerable<IPublishedContent> ItemsAtRoot(IPublishedCache cache)
+            => cache.GetAtRoot();
 
         #endregion
 
         #region Search
 
         /// <inheritdoc />
-        public IEnumerable<PublishedSearchResult> Search(string term, string culture = "*",
-            string indexName = Constants.UmbracoIndexes.ExternalIndexName) =>
-            Search(term, 0, 0, out _, culture, indexName);
+        public IEnumerable<PublishedSearchResult> Search(string term, string culture = "*", string indexName = Constants.UmbracoIndexes.ExternalIndexName)
+            => Search(term, 0, 0, out _, culture, indexName);
 
         /// <inheritdoc />
         public IEnumerable<PublishedSearchResult> Search(string term, int skip, int take, out long totalRecords, string culture = "*", string indexName = Constants.UmbracoIndexes.ExternalIndexName, ISet<string> loadedFields = null)
         {
             if (skip < 0)
             {
-                throw new ArgumentOutOfRangeException(nameof(skip), skip,
-                    "The value must be greater than or equal to zero.");
+                throw new ArgumentOutOfRangeException(nameof(skip), skip, "The value must be greater than or equal to zero.");
             }
 
             if (take < 0)
             {
-                throw new ArgumentOutOfRangeException(nameof(take), take,
-                    "The value must be greater than or equal to zero.");
+                throw new ArgumentOutOfRangeException(nameof(take), take, "The value must be greater than or equal to zero.");
             }
 
             if (string.IsNullOrEmpty(indexName))
@@ -254,68 +245,67 @@ namespace Umbraco.Cms.Infrastructure
                 indexName = Constants.UmbracoIndexes.ExternalIndexName;
             }
 
-            if (!_examineManager.TryGetIndex(indexName, out var index) || !(index is IUmbracoIndex umbIndex))
+            if (!_examineManager.TryGetIndex(indexName, out var index) || index is not IUmbracoIndex umbIndex)
             {
-                throw new InvalidOperationException(
-                    $"No index found by name {indexName} or is not of type {typeof(IUmbracoIndex)}");
+                throw new InvalidOperationException($"No index found by name {indexName} or is not of type {typeof(IUmbracoIndex)}");
             }
 
             var query = umbIndex.Searcher.CreateQuery(IndexTypes.Content);
 
-            IQueryExecutor queryExecutor;
+            IOrdering ordering;
             if (culture == "*")
             {
                 // Search everything
-                queryExecutor = query.ManagedQuery(term);
+                ordering = query.ManagedQuery(term);
             }
             else if (string.IsNullOrWhiteSpace(culture))
             {
                 // Only search invariant
-                queryExecutor = query
+                ordering = query
                     .Field(UmbracoExamineFieldNames.VariesByCultureFieldName, "n") // Must not vary by culture
                     .And().ManagedQuery(term);
             }
             else
             {
                 // Only search the specified culture
-                var fields =
-                    umbIndex.GetCultureAndInvariantFields(culture)
-                        .ToArray(); // Get all index fields suffixed with the culture name supplied
-                queryExecutor = query.ManagedQuery(term, fields);
-            }
-            if (loadedFields != null && queryExecutor is IBooleanOperation booleanOperation)
-            {
-                queryExecutor = booleanOperation.SelectFields(loadedFields);
+                var fields = umbIndex.GetCultureAndInvariantFields(culture).ToArray(); // Get all index fields suffixed with the culture name supplied
+                ordering = query.ManagedQuery(term, fields);
             }
 
+            // Only select item ID field, because results are loaded from the published snapshot based on this single value
+            var queryExecutor = ordering.SelectFields(s_itemIdFieldNameHashSet);
+
+
             var results = skip == 0 && take == 0
                 ? queryExecutor.Execute()
                 : queryExecutor.Execute(QueryOptions.SkipTake(skip, take));
 
             totalRecords = results.TotalItemCount;
 
-            return new CultureContextualSearchResults(
-                results.ToPublishedSearchResults(_publishedSnapshot.Content), _variationContextAccessor,
-                culture);
+            return new CultureContextualSearchResults(results.ToPublishedSearchResults(_publishedSnapshot.Content), _variationContextAccessor, culture);
         }
 
         /// <inheritdoc />
-        public IEnumerable<PublishedSearchResult> Search(IQueryExecutor query) => Search(query, 0, 0, out _);
+        public IEnumerable<PublishedSearchResult> Search(IQueryExecutor query)
+            => Search(query, 0, 0, out _);
 
         /// <inheritdoc />
-        public IEnumerable<PublishedSearchResult> Search(IQueryExecutor query, int skip, int take,
-            out long totalRecords)
+        public IEnumerable<PublishedSearchResult> Search(IQueryExecutor query, int skip, int take, out long totalRecords)
         {
             if (skip < 0)
             {
-                throw new ArgumentOutOfRangeException(nameof(skip), skip,
-                    "The value must be greater than or equal to zero.");
+                throw new ArgumentOutOfRangeException(nameof(skip), skip, "The value must be greater than or equal to zero.");
             }
 
             if (take < 0)
             {
-                throw new ArgumentOutOfRangeException(nameof(take), take,
-                    "The value must be greater than or equal to zero.");
+                throw new ArgumentOutOfRangeException(nameof(take), take, "The value must be greater than or equal to zero.");
+            }
+
+            if (query is IOrdering ordering)
+            {
+                // Only select item ID field, because results are loaded from the published snapshot based on this single value
+                query = ordering.SelectFields(s_itemIdFieldNameHashSet);
             }
 
             var results = skip == 0 && take == 0
@@ -328,8 +318,7 @@ namespace Umbraco.Cms.Infrastructure
         }
 
         /// <summary>
-        ///     This is used to contextualize the values in the search results when enumerating over them so that the correct
-        ///     culture values are used
+        /// This is used to contextualize the values in the search results when enumerating over them, so that the correct culture values are used.
         /// </summary>
         private class CultureContextualSearchResults : IEnumerable<PublishedSearchResult>
         {
@@ -337,8 +326,7 @@ namespace Umbraco.Cms.Infrastructure
             private readonly IVariationContextAccessor _variationContextAccessor;
             private readonly IEnumerable<PublishedSearchResult> _wrapped;
 
-            public CultureContextualSearchResults(IEnumerable<PublishedSearchResult> wrapped,
-                IVariationContextAccessor variationContextAccessor, string culture)
+            public CultureContextualSearchResults(IEnumerable<PublishedSearchResult> wrapped, IVariationContextAccessor variationContextAccessor, string culture)
             {
                 _wrapped = wrapped;
                 _variationContextAccessor = variationContextAccessor;
@@ -347,20 +335,21 @@ namespace Umbraco.Cms.Infrastructure
 
             public IEnumerator<PublishedSearchResult> GetEnumerator()
             {
-                //We need to change the current culture to what is requested and then change it back
+                // We need to change the current culture to what is requested and then change it back
                 var originalContext = _variationContextAccessor.VariationContext;
-                if (!_culture.IsNullOrWhiteSpace() && !_culture.InvariantEquals(originalContext.Culture))
+                if (!_culture.IsNullOrWhiteSpace() && !_culture.InvariantEquals(originalContext?.Culture))
+                {
                     _variationContextAccessor.VariationContext = new VariationContext(_culture);
+                }
 
-                //now the IPublishedContent returned will be contextualized to the culture specified and will be reset when the enumerator is disposed
-                return new CultureContextualSearchResultsEnumerator(_wrapped.GetEnumerator(), _variationContextAccessor,
-                    originalContext);
+                // Now the IPublishedContent returned will be contextualized to the culture specified and will be reset when the enumerator is disposed
+                return new CultureContextualSearchResultsEnumerator(_wrapped.GetEnumerator(), _variationContextAccessor, originalContext);
             }
 
             IEnumerator IEnumerable.GetEnumerator() => GetEnumerator();
 
             /// <summary>
-            ///     Resets the variation context when this is disposed
+            /// Resets the variation context when this is disposed.
             /// </summary>
             private class CultureContextualSearchResultsEnumerator : IEnumerator<PublishedSearchResult>
             {
@@ -368,30 +357,28 @@ namespace Umbraco.Cms.Infrastructure
                 private readonly IVariationContextAccessor _variationContextAccessor;
                 private readonly IEnumerator<PublishedSearchResult> _wrapped;
 
-                public CultureContextualSearchResultsEnumerator(IEnumerator<PublishedSearchResult> wrapped,
-                    IVariationContextAccessor variationContextAccessor, VariationContext originalContext)
+                public CultureContextualSearchResultsEnumerator(IEnumerator<PublishedSearchResult> wrapped, IVariationContextAccessor variationContextAccessor, VariationContext originalContext)
                 {
                     _wrapped = wrapped;
                     _variationContextAccessor = variationContextAccessor;
                     _originalContext = originalContext;
                 }
 
+                public PublishedSearchResult Current => _wrapped.Current;
+
+                object IEnumerator.Current => Current;
+
                 public void Dispose()
                 {
                     _wrapped.Dispose();
-                    //reset
+
+                    // Reset to original variation context
                     _variationContextAccessor.VariationContext = _originalContext;
                 }
 
                 public bool MoveNext() => _wrapped.MoveNext();
 
-                public void Reset()
-                {
-                    _wrapped.Reset();
-                }
-
-                public PublishedSearchResult Current => _wrapped.Current;
-                object IEnumerator.Current => Current;
+                public void Reset() => _wrapped.Reset();
             }
         }
 

From 76fc3f820189ce8fdddf48a4ed897025823c1438 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Thu, 17 Feb 2022 11:59:35 +0100
Subject: [PATCH 75/81] Fix for rooted UNC paths (#11982)

---
 .../DependencyInjection/UmbracoBuilder.FileSystems.cs          | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.FileSystems.cs b/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.FileSystems.cs
index ccb515182e..fbb32671a1 100644
--- a/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.FileSystems.cs
+++ b/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.FileSystems.cs
@@ -1,3 +1,4 @@
+using System.IO;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
@@ -49,7 +50,7 @@ namespace Umbraco.Cms.Infrastructure.DependencyInjection
                 ILogger<PhysicalFileSystem> logger = factory.GetRequiredService<ILogger<PhysicalFileSystem>>();
                 GlobalSettings globalSettings = factory.GetRequiredService<IOptions<GlobalSettings>>().Value;
 
-                var rootPath = hostingEnvironment.MapPathWebRoot(globalSettings.UmbracoMediaPhysicalRootPath);
+                var rootPath = Path.IsPathRooted(globalSettings.UmbracoMediaPhysicalRootPath) ? globalSettings.UmbracoMediaPhysicalRootPath : hostingEnvironment.MapPathWebRoot(globalSettings.UmbracoMediaPhysicalRootPath);
                 var rootUrl = hostingEnvironment.ToAbsolute(globalSettings.UmbracoMediaPath);
                 return new PhysicalFileSystem(ioHelper, hostingEnvironment, logger, rootPath, rootUrl);
             });

From b581a45e053a306608b9b86ac1fe86a2a9b03835 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Thu, 17 Feb 2022 11:59:35 +0100
Subject: [PATCH 76/81] Fix for rooted UNC paths (#11982)

---
 .../DependencyInjection/UmbracoBuilder.FileSystems.cs          | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.FileSystems.cs b/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.FileSystems.cs
index ccb515182e..fbb32671a1 100644
--- a/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.FileSystems.cs
+++ b/src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.FileSystems.cs
@@ -1,3 +1,4 @@
+using System.IO;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
@@ -49,7 +50,7 @@ namespace Umbraco.Cms.Infrastructure.DependencyInjection
                 ILogger<PhysicalFileSystem> logger = factory.GetRequiredService<ILogger<PhysicalFileSystem>>();
                 GlobalSettings globalSettings = factory.GetRequiredService<IOptions<GlobalSettings>>().Value;
 
-                var rootPath = hostingEnvironment.MapPathWebRoot(globalSettings.UmbracoMediaPhysicalRootPath);
+                var rootPath = Path.IsPathRooted(globalSettings.UmbracoMediaPhysicalRootPath) ? globalSettings.UmbracoMediaPhysicalRootPath : hostingEnvironment.MapPathWebRoot(globalSettings.UmbracoMediaPhysicalRootPath);
                 var rootUrl = hostingEnvironment.ToAbsolute(globalSettings.UmbracoMediaPath);
                 return new PhysicalFileSystem(ioHelper, hostingEnvironment, logger, rootPath, rootUrl);
             });

From 7cc495dc6525f3a471ab3119ff8ed8190355ac81 Mon Sep 17 00:00:00 2001
From: Mole <nikolajlauridsen@protonmail.ch>
Date: Thu, 17 Feb 2022 13:20:53 +0100
Subject: [PATCH 77/81] Bump version to 9.3.1

---
 .../UmbracoPackage/.template.config/template.json         | 2 +-
 .../UmbracoProject/.template.config/template.json         | 2 +-
 src/Directory.Build.props                                 | 8 ++++----
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/build/templates/UmbracoPackage/.template.config/template.json b/build/templates/UmbracoPackage/.template.config/template.json
index 32f0c924dd..f14fd9dadc 100644
--- a/build/templates/UmbracoPackage/.template.config/template.json
+++ b/build/templates/UmbracoPackage/.template.config/template.json
@@ -24,7 +24,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.3.0",
+            "defaultValue": "9.3.1",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/build/templates/UmbracoProject/.template.config/template.json b/build/templates/UmbracoProject/.template.config/template.json
index b09050a2a4..b6091fada8 100644
--- a/build/templates/UmbracoProject/.template.config/template.json
+++ b/build/templates/UmbracoProject/.template.config/template.json
@@ -57,7 +57,7 @@
         "version": {
             "type": "parameter",
             "datatype": "string",
-            "defaultValue": "9.3.0",
+            "defaultValue": "9.3.1",
             "description": "The version of Umbraco to load using NuGet",
             "replaces": "UMBRACO_VERSION_FROM_TEMPLATE"
         },
diff --git a/src/Directory.Build.props b/src/Directory.Build.props
index 55448806ef..7da936cf01 100644
--- a/src/Directory.Build.props
+++ b/src/Directory.Build.props
@@ -3,10 +3,10 @@
   <Import Project="$([MSBuild]::GetPathOfFileAbove('Directory.Build.props', '$(MSBuildThisFileDirectory)../'))" />
 
   <PropertyGroup>
-    <Version>9.3.0</Version>
-    <AssemblyVersion>9.3.0</AssemblyVersion>
-    <InformationalVersion>9.3.0</InformationalVersion>
-    <FileVersion>9.3.0</FileVersion>
+    <Version>9.3.1</Version>
+    <AssemblyVersion>9.3.1</AssemblyVersion>
+    <InformationalVersion>9.3.1</InformationalVersion>
+    <FileVersion>9.3.1</FileVersion>
     <LangVersion Condition="'$(LangVersion)' == ''">9.0</LangVersion>
     <NeutralLanguage>en-US</NeutralLanguage>
     <Company>Umbraco CMS</Company>

From 27a3431e766f4f8b4bbe1bfbc69daa85d10abc38 Mon Sep 17 00:00:00 2001
From: Ronald Barendse <ronald@barend.se>
Date: Thu, 17 Feb 2022 13:33:45 +0100
Subject: [PATCH 78/81] Fix DataValueEditor incorrectly serializing JSON value
 (#12015)

* Remove JSON serialization

* Skip JSON serialization of strings
---
 src/Umbraco.Core/PropertyEditors/DataValueEditor.cs | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs b/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
index 6f9e1b6611..795d75c319 100644
--- a/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
+++ b/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
@@ -6,7 +6,6 @@ using System.Linq;
 using System.Runtime.Serialization;
 using System.Xml.Linq;
 using Microsoft.Extensions.Logging;
-using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.IO;
 using Umbraco.Cms.Core.Models;
 using Umbraco.Cms.Core.Models.Editors;
@@ -158,17 +157,15 @@ namespace Umbraco.Cms.Core.PropertyEditors
         /// <exception cref="System.ArgumentOutOfRangeException">ValueType was out of range.</exception>
         internal Attempt<object> TryConvertValueToCrlType(object value)
         {
-            // Ensure empty string values are converted to null
-            if (value is string s && string.IsNullOrWhiteSpace(s))
+            // Ensure empty string and JSON values are converted to null
+            if (value is string stringValue && string.IsNullOrWhiteSpace(stringValue))
             {
                 value = null;
             }
-
-            // Ensure JSON is serialized properly (without indentation or converted to null when empty)
-            if (value is not null && ValueType.InvariantEquals(ValueTypes.Json))
+            else if (value is not string && ValueType.InvariantEquals(ValueTypes.Json))
             {
+                // Only serialize value when it's not already a string
                 var jsonValue = _jsonSerializer.Serialize(value);
-
                 if (jsonValue.DetectIsEmptyJson())
                 {
                     value = null;

From 7f762df952daf22a8d84918bd15aa2a7dc6ecc04 Mon Sep 17 00:00:00 2001
From: Ronald Barendse <ronald@barend.se>
Date: Thu, 17 Feb 2022 13:33:45 +0100
Subject: [PATCH 79/81] Fix DataValueEditor incorrectly serializing JSON value
 (#12015)

* Remove JSON serialization

* Skip JSON serialization of strings
---
 src/Umbraco.Core/PropertyEditors/DataValueEditor.cs | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs b/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
index 6f9e1b6611..795d75c319 100644
--- a/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
+++ b/src/Umbraco.Core/PropertyEditors/DataValueEditor.cs
@@ -6,7 +6,6 @@ using System.Linq;
 using System.Runtime.Serialization;
 using System.Xml.Linq;
 using Microsoft.Extensions.Logging;
-using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.IO;
 using Umbraco.Cms.Core.Models;
 using Umbraco.Cms.Core.Models.Editors;
@@ -158,17 +157,15 @@ namespace Umbraco.Cms.Core.PropertyEditors
         /// <exception cref="System.ArgumentOutOfRangeException">ValueType was out of range.</exception>
         internal Attempt<object> TryConvertValueToCrlType(object value)
         {
-            // Ensure empty string values are converted to null
-            if (value is string s && string.IsNullOrWhiteSpace(s))
+            // Ensure empty string and JSON values are converted to null
+            if (value is string stringValue && string.IsNullOrWhiteSpace(stringValue))
             {
                 value = null;
             }
-
-            // Ensure JSON is serialized properly (without indentation or converted to null when empty)
-            if (value is not null && ValueType.InvariantEquals(ValueTypes.Json))
+            else if (value is not string && ValueType.InvariantEquals(ValueTypes.Json))
             {
+                // Only serialize value when it's not already a string
                 var jsonValue = _jsonSerializer.Serialize(value);
-
                 if (jsonValue.DetectIsEmptyJson())
                 {
                     value = null;

From 3a269ed3293c8e22bd9a546f424402c0a491964f Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Thu, 17 Feb 2022 15:06:25 +0100
Subject: [PATCH 80/81] Fix issue with migration from 8 and added support for
 8.18 migration (#12020)

* Fixed issue with migration from 8, because the external login table is changed in 9.3, but added in 9.0. we need to use the legacy models when running 9.0 migrations

* Support migration from 8.18 (final state)
---
 .../Migrations/Upgrade/UmbracoPlan.cs         |  3 +
 .../V_9_0_0/ExternalLoginTableIndexes.cs      | 22 +++++---
 .../V_9_0_0/ExternalLoginTableIndexesFixup.cs | 16 +++---
 .../V_9_0_0/ExternalLoginTokenTable.cs        | 56 ++++++++++++++++++-
 4 files changed, 79 insertions(+), 18 deletions(-)

diff --git a/src/Umbraco.Infrastructure/Migrations/Upgrade/UmbracoPlan.cs b/src/Umbraco.Infrastructure/Migrations/Upgrade/UmbracoPlan.cs
index 2080034554..39d7d886b3 100644
--- a/src/Umbraco.Infrastructure/Migrations/Upgrade/UmbracoPlan.cs
+++ b/src/Umbraco.Infrastructure/Migrations/Upgrade/UmbracoPlan.cs
@@ -242,6 +242,9 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade
             // to 8.17.0
             To<AddPropertyTypeGroupColumns>("{153865E9-7332-4C2A-9F9D-F20AEE078EC7}");
 
+            // Hack to support migration from 8.18
+            To<NoopMigration>("{03482BB0-CF13-475C-845E-ECB8319DBE3C}");
+
             // This should be safe to execute again. We need it with a new name to ensure updates from all the following has executed this step.
             // - 8.15.0 RC    - Current state: {4695D0C9-0729-4976-985B-048D503665D8}
             // - 8.15.0 Final - Current state: {5C424554-A32D-4852-8ED1-A13508187901}
diff --git a/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTableIndexes.cs b/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTableIndexes.cs
index f350ed633c..db7f17eee3 100644
--- a/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTableIndexes.cs
+++ b/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTableIndexes.cs
@@ -1,6 +1,10 @@
+using System;
 using System.Collections.Generic;
 using System.Linq;
+using NPoco;
 using Umbraco.Cms.Core;
+using Umbraco.Cms.Infrastructure.Persistence.DatabaseAnnotations;
+using Umbraco.Cms.Infrastructure.Persistence.DatabaseModelDefinitions;
 using Umbraco.Cms.Infrastructure.Persistence.Dtos;
 
 namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
@@ -20,14 +24,14 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
         {
             // Before adding these indexes we need to remove duplicate data.
             // Get all logins by latest
-            var logins = Database.Fetch<ExternalLoginDto>()
+            var logins = Database.Fetch<ExternalLoginTokenTable.LegacyExternalLoginDto>()
                 .OrderByDescending(x => x.CreateDate)
                 .ToList();
 
             var toDelete = new List<int>();
             // used to track duplicates so they can be removed
             var keys = new HashSet<(string, string)>();
-            foreach(ExternalLoginDto login in logins)
+            foreach(ExternalLoginTokenTable.LegacyExternalLoginDto login in logins)
             {
                 if (!keys.Add((login.ProviderKey, login.LoginProvider)))
                 {
@@ -37,16 +41,16 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
             }
             if (toDelete.Count > 0)
             {
-                Database.DeleteMany<ExternalLoginDto>().Where(x => toDelete.Contains(x.Id)).Execute();
-            }   
+                Database.DeleteMany<ExternalLoginTokenTable.LegacyExternalLoginDto>().Where(x => toDelete.Contains(x.Id)).Execute();
+            }
 
-            var indexName1 = "IX_" + ExternalLoginDto.TableName + "_LoginProvider";
+            var indexName1 = "IX_" + ExternalLoginTokenTable.LegacyExternalLoginDto.TableName + "_LoginProvider";
 
             if (!IndexExists(indexName1))
             {
                 Create
                      .Index(indexName1)
-                     .OnTable(ExternalLoginDto.TableName)
+                     .OnTable(ExternalLoginTokenTable.LegacyExternalLoginDto.TableName)
                      .OnColumn("loginProvider")
                      .Ascending()
                      .WithOptions()
@@ -56,13 +60,13 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
                      .Do();
             }
 
-            var indexName2 = "IX_" + ExternalLoginDto.TableName + "_ProviderKey";
+            var indexName2 = "IX_" + ExternalLoginTokenTable.LegacyExternalLoginDto.TableName + "_ProviderKey";
 
             if (!IndexExists(indexName2))
             {
                 Create
                      .Index(indexName2)
-                     .OnTable(ExternalLoginDto.TableName)
+                     .OnTable(ExternalLoginTokenTable.LegacyExternalLoginDto.TableName)
                      .OnColumn("loginProvider").Ascending()
                      .OnColumn("providerKey").Ascending()
                      .WithOptions()
@@ -70,5 +74,7 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
                      .Do();
             }
         }
+
+
     }
 }
diff --git a/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTableIndexesFixup.cs b/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTableIndexesFixup.cs
index 5efb914eb7..2c77b301ce 100644
--- a/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTableIndexesFixup.cs
+++ b/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTableIndexesFixup.cs
@@ -14,29 +14,29 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
 
         protected override void Migrate()
         {
-            var indexName1 = "IX_" + ExternalLoginDto.TableName + "_LoginProvider";
-            var indexName2 = "IX_" + ExternalLoginDto.TableName + "_ProviderKey";
+            var indexName1 = "IX_" + ExternalLoginTokenTable.LegacyExternalLoginDto.TableName + "_LoginProvider";
+            var indexName2 = "IX_" + ExternalLoginTokenTable.LegacyExternalLoginDto.TableName + "_ProviderKey";
 
             if (IndexExists(indexName1))
             {
                 // drop it since the previous migration index was wrong, and we
                 // need to modify a column that belons to it
-                Delete.Index(indexName1).OnTable(ExternalLoginDto.TableName).Do();
+                Delete.Index(indexName1).OnTable(ExternalLoginTokenTable.LegacyExternalLoginDto.TableName).Do();
             }
 
             if (IndexExists(indexName2))
             {
                 // drop since it's using a column we're about to modify
-                Delete.Index(indexName2).OnTable(ExternalLoginDto.TableName).Do();
+                Delete.Index(indexName2).OnTable(ExternalLoginTokenTable.LegacyExternalLoginDto.TableName).Do();
             }
 
             // then fixup the length of the loginProvider column
-            AlterColumn<ExternalLoginDto>(ExternalLoginDto.TableName, "loginProvider");
+            AlterColumn<ExternalLoginTokenTable.LegacyExternalLoginDto>(ExternalLoginTokenTable.LegacyExternalLoginDto.TableName, "loginProvider");
 
             // create it with the correct definition
             Create
                  .Index(indexName1)
-                 .OnTable(ExternalLoginDto.TableName)
+                 .OnTable(ExternalLoginTokenTable.LegacyExternalLoginDto.TableName)
                  .OnColumn("loginProvider").Ascending()
                  .OnColumn("userId").Ascending()
                  .WithOptions()
@@ -48,9 +48,9 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
             // re-create the original
             Create
                  .Index(indexName2)
-                 .OnTable(ExternalLoginDto.TableName)
+                 .OnTable(ExternalLoginTokenTable.LegacyExternalLoginDto.TableName)
                  .OnColumn("loginProvider").Ascending()
-                 .OnColumn("providerKey").Ascending()                 
+                 .OnColumn("providerKey").Ascending()
                  .WithOptions()
                  .NonClustered()
                  .Do();
diff --git a/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTokenTable.cs b/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTokenTable.cs
index 8dd43f1834..851d986c7c 100644
--- a/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTokenTable.cs
+++ b/src/Umbraco.Infrastructure/Migrations/Upgrade/V_9_0_0/ExternalLoginTokenTable.cs
@@ -1,10 +1,14 @@
+using System;
 using System.Collections.Generic;
+using NPoco;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Infrastructure.Persistence.DatabaseAnnotations;
+using Umbraco.Cms.Infrastructure.Persistence.DatabaseModelDefinitions;
 using Umbraco.Cms.Infrastructure.Persistence.Dtos;
 using Umbraco.Extensions;
 
 namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
 {
-
     public class ExternalLoginTokenTable : MigrationBase
     {
         public ExternalLoginTokenTable(IMigrationContext context)
@@ -13,7 +17,7 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
         }
 
         /// <summary>
-        /// Adds new External Login token table
+        ///     Adds new External Login token table
         /// </summary>
         protected override void Migrate()
         {
@@ -25,5 +29,53 @@ namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0
 
             Create.Table<ExternalLoginTokenDto>().Do();
         }
+
+        [TableName(TableName)]
+        [ExplicitColumns]
+        [PrimaryKey("Id")]
+        internal class LegacyExternalLoginDto
+        {
+            public const string TableName = Constants.DatabaseSchema.Tables.ExternalLogin;
+
+            [Column("id")] [PrimaryKeyColumn] public int Id { get; set; }
+
+            [Obsolete(
+                "This only exists to ensure you can upgrade using external logins from umbraco version where this was used to the new where it is not used")]
+            [Column("userId")]
+            public int? UserId { get; set; }
+
+
+            /// <summary>
+            ///     Used to store the name of the provider (i.e. Facebook, Google)
+            /// </summary>
+            [Column("loginProvider")]
+            [Length(400)]
+            [NullSetting(NullSetting = NullSettings.NotNull)]
+            [Index(IndexTypes.UniqueNonClustered, ForColumns = "loginProvider,userOrMemberKey",
+                Name = "IX_" + TableName + "_LoginProvider")]
+            public string LoginProvider { get; set; }
+
+            /// <summary>
+            ///     Stores the key the provider uses to lookup the login
+            /// </summary>
+            [Column("providerKey")]
+            [Length(4000)]
+            [NullSetting(NullSetting = NullSettings.NotNull)]
+            [Index(IndexTypes.NonClustered, ForColumns = "loginProvider,providerKey",
+                Name = "IX_" + TableName + "_ProviderKey")]
+            public string ProviderKey { get; set; }
+
+            [Column("createDate")]
+            [Constraint(Default = SystemMethods.CurrentDateTime)]
+            public DateTime CreateDate { get; set; }
+
+            /// <summary>
+            ///     Used to store any arbitrary data for the user and external provider - like user tokens returned from the provider
+            /// </summary>
+            [Column("userData")]
+            [NullSetting(NullSetting = NullSettings.Null)]
+            [SpecialDbType(SpecialDbTypes.NTEXT)]
+            public string UserData { get; set; }
+        }
     }
 }

From 791e4f92a176ac23b0b69e7c74d281dcc4f3f16c Mon Sep 17 00:00:00 2001
From: Paul Johnson <pmj@umbraco.com>
Date: Fri, 18 Feb 2022 11:41:27 +0000
Subject: [PATCH 81/81] Quick fix for PrefixLocalCallsWithThis

---
 .globalconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.globalconfig b/.globalconfig
index 8342ab4580..8c0929382d 100644
--- a/.globalconfig
+++ b/.globalconfig
@@ -49,6 +49,7 @@ dotnet_analyzer_diagnostic.category-StyleCop.CSharp.MaintainabilityRules.severit
 dotnet_analyzer_diagnostic.category-StyleCop.CSharp.LayoutRules.severity = suggestion
 
 dotnet_diagnostic.SA1636.severity = none # SA1636: File header copyright text should match
+dotnet_diagnostic.SA1101.severity = none # PrefixLocalCallsWithThis - stylecop appears to be ignoring dotnet_style_qualification_for_*
 
 dotnet_diagnostic.SA1503.severity = warning # BracesMustNotBeOmitted
 dotnet_diagnostic.SA1117.severity = warning # ParametersMustBeOnSameLineOrSeparateLines