* Validate that imageUrl param is a relative path
To prevent open redirects, the imagePath should point to a relative path (i.e. not point to a different domain).
* LocalRedirectResult instead of RedirectResult
Uri.Relative does not prevent paths like //google.com/test.jpg
Checking for both relative and local seems to cover all the cases.
* Fixes issue with OrderByDescending generating invalid SQL
* Update OrderByDexcending with single field for consistecy
Co-authored-by: Michael <michael@crossingpaths.be>
GetRouteById and RedirectUrlService expects the culture to be null if it's invariant, however, Cultures in IPublished content uses empty string for invariant culture
* Add SiteIdentifierService
* Use SiteIdentifierService in TelemetryService
* Use SiteIdentifierService when installing
* Remove timeout
* Use TryGetOrCreateSiteIdentifier in TelemetryService
* Add site identifier to dashboard url
* Fix and add tests
* Don't accept empty guid as valid site identifier
* Fix dashboard controller
* Fix site id query parameter
* Use Optionsmonitor onchange
Co-authored-by: nikolajlauridsen <nel@umbraco.dk>
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Uninstall Serilog.Filters.Expressions as it is deprecated by the Serilog team
NOTE: This package brought in a dependenacy on a package called SuperPower from Datalust
* Install replacement package Serilog.Expressions
* Update implementation of Serilog.Expressions
* Add new test cases to verify expressions still working
Currently Serilog.Expressions only supports short names such as @x @l @m and @mt as opposed @Exception @Level @Message and @MessageTemplate
* Use Serilog.Expressions NamedFilters extension point, to plug the missing Has() function in expressions that was not ported across by the library
* Update to dev build of Serilog.Expressions to verify new method we can override works
* Update to release build of Serilog.Expressions 3.3.0 now its been pushed to Nuget
* Filesystem based MainDomLock & extract interface for MainDomKey generation (#12037)
* Extract MainDomKey generation to its own class to ease customization.
Also add discriminator config value to GlobalSettings for advanced users.
Prevents a mandatory custom implementation, should be good enough for
the vast majority of use cases.
* Prevent duplicate runs of ScheduledPublishing during slot swap.
* Add filesystem based MainDomLock
(cherry picked from commit 860c8e8ae2)
# Conflicts:
# src/Umbraco.Infrastructure/Runtime/SqlMainDomLock.cs
* Remove obsolete constructors from ScheduledPublishing & SqlMainDomLock
* FileSystemMainDomLock promoted to default fallback for all platforms.
* Various fixes & improvements
* Resolve various points related to deficiencies in FileSystemMainDomLock
See GH #12049
* Increasing backoff time for retry when deleting lock release signal file
However reducing max tries, really hoping this never actually happens
and if it does, failing to boot ASAP seems reasonable.
