From 2896b7455eab4014dce3d2634835abbe35d9da79 Mon Sep 17 00:00:00 2001 From: Angelo Dini Date: Fri, 8 Nov 2024 09:20:53 +0100 Subject: [PATCH 1/2] fix: remove `admin:cms_page_resolve` from the whitelist --- CHANGELOG.rst | 6 ++++++ aldryn_config.py | 3 --- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 5da56a5..e9d3ce6 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -3,6 +3,12 @@ Changelog ========= +4.1.3.1 (2024-11-08) +==================== + +* remove `admin:cms_page_resolve` from the whitelist, as this view has been removed from the CMS. + + 4.1.3.0 (2024-10-29) ==================== diff --git a/aldryn_config.py b/aldryn_config.py index d0591a0..0b98873 100644 --- a/aldryn_config.py +++ b/aldryn_config.py @@ -229,9 +229,6 @@ def to_settings(self, data, settings): # stage sso enabled # add internal endpoints that do not require authentication settings['ALDRYN_SSO_LOGIN_WHITE_LIST'].append(reverse_lazy('cms-check-uninstall')) - # this is an internal django-cms url - # which gets called when a user logs out from toolbar - settings['ALDRYN_SSO_LOGIN_WHITE_LIST'].append(reverse_lazy('admin:cms_page_resolve')) # Prevent injecting random comments to counter BREACH/CRIME attacks # into the page tree snippets, as the javascript parsing the result From f08be822e02d4f32eaee3017e2df5567c7f2a251 Mon Sep 17 00:00:00 2001 From: Angelo Dini Date: Fri, 8 Nov 2024 09:21:04 +0100 Subject: [PATCH 2/2] bumped version to 4.1.3.1 --- aldryn_django_cms/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aldryn_django_cms/__init__.py b/aldryn_django_cms/__init__.py index a0a0905..ae1cc3d 100644 --- a/aldryn_django_cms/__init__.py +++ b/aldryn_django_cms/__init__.py @@ -1 +1 @@ -__version__ = '4.1.3.0' +__version__ = '4.1.3.1'