uAdmin v0.5.1 Release Notes
Release Date: 2020-08-07 // over 3 years ago-
[0.5.1] Atlas Moth - 2020-08-07
➕ Added
🔄 Changed
- dAPI function
method
can return a value if the method called has a return. Note: if you have a return, you cannot use$next
to redirect.
🗄 Deprecated
✂ Removed
🛠 Fixed
- 🛠 Fixed false possitive SQL Injection in dAPI join.
- 🛠 Fixed false detection in
customGet
for private fields of type[]struct
as an M2M field. - 💻 Typo in uadmin command line tool.
🔒 Security
- CSRF protection in dAPI in functions:
add
,edit
,delete
andmethod
. - Tamplate function
CSRF
implemented inuadmin.RenderHTML
anduadmin.RenderHTMLMulti
. It returns anti CSRF token. uadmin.IsAuthenticated
recognizesnouser
sessions. These sessions are for users who are not authenticated in the system. To set a session cookie, userSetSessionCookie
uadmin.SetSessionCookie
receives a pointer to a session and sets the session cookie in a secure way. If you pass anil
to the session, the session will be created as anouser
session which is still a session but gives the user to access as an authenticated user. These sssions can be used to protect against CSRF attacks in case you have a public API.
- dAPI function