Comments (5)
sarim
commented on June 20, 2024
1
I fail to see how this would affect a symfony application. In symfony only "live" accessible file is index.php which is the front controller. No adminX.html are exposed or have any chance of being exposed from vendor directory. And symfony handles routing and security. So whatever bugs present in javascript, the php server won't give access or reply with resources that user don't have access.
from sonataadminbundle.
VincentLanglet
commented on June 20, 2024
Hi,
See #7156
Admin lte 3 use Bootstrap 4, Admin lte use Bootstrap 3.
The update for bootstrap 4 is huge like you can see a try #7740
Also, this is a hard BC break and will require to release SonataAdmin 5.x.
Can you please update admin-lte dependency ?
Feel free to try
What would be great for us is to fix the vulnerability on admin lte 2.
Maybe they can accept a PR on the 2.x branch and to release a patched version.
from sonataadminbundle.
eerison
commented on June 20, 2024
IMO it can be closed, and handled in the issue #7156
from sonataadminbundle.
VincentLanglet
commented on June 20, 2024
The #7156 is kinda an epic when this issue is about a specific problem.
And maybe some others fix exist for this issue (Like trying a PR on admin lte 2.x)
from sonataadminbundle.
VincentLanglet
commented on June 20, 2024
I agree, Closing then
from sonataadminbundle.
Related Issues (20)
- ModelList btn_delete bug when hit Enter key HOT 2
- Allow customize sonata-admin webpack build(s) HOT 1
- Rebuild template layer HOT 6
- Submitting a form with ->render instead of ->renderWithExtraParams does not work HOT 9
- Security threat within symfony/twig-bridge HOT 3
- SAML SSO and SCIM to the Admin Panel HOT 2
- Using SubClasses in admins create either not handable translation ids or urly urls HOT 2
- Overriding createQuery doesn't seem to be a thing anymore HOT 2
- symfony 7 compatibility HOT 1
- Problem 1 - symfony/security-acl[v3.1.0, ..., v3.1.2] require symfony/security-core ^3.4|^4.4|^5.0 -> found symfony/security-core[v3.4.0, ..., v3.4.49, v4.4.0, ..., v4.4.48, v5.0.0, ..., v5.4.30] but it conflicts with your root composer.json require (7.0.*). HOT 2
- Customise error message for ModelManagerException HOT 1
- CSRF token error occurs on record creation after applying symfony/security-http security patch HOT 4
- `Uncaught TypeError: __webpack_require__.O is not a function` after upgrading to a version >=4.24.0 HOT 8
- List add item using inline form HOT 1
- The name "Doctrine\ODM\MongoDB\ArrayCollectionelements" contains illegal characters. HOT 2
- Input value "filters" contains a non-scalar value. HOT 1
- Incorrect Generic Typing for ModelManagerInterface HOT 1
- Batch actions `all_elements` on `SimplePager` HOT 1
- Incoherent batch behavior when performing batch all_elements and specifying id's at the same time HOT 2
- navbar_title missing for list view HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sonataadminbundle.