Merge branch 'release/1.0.8'

getgrav · Jan 8, 2016 · b48449d · b48449d
2 parents 8ca14c7 + ee20bf7
commit b48449d
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.0.8
+## 01/08/2016
+
+1. [](#new)
+    * Added `rotate`, `flip` and `fixOrientation` image medium methods
+1. [](#bugfix)
+    * Removed IP from Nonce generation. Should be more reliably in a variety of scenarios
+
 # v1.0.7
 ## 01/07/2016
 

diff --git a/system/defines.php b/system/defines.php
@@ -2,7 +2,7 @@
 
 // Some standard defines
 define('GRAV', true);
-define('GRAV_VERSION', '1.0.7');
+define('GRAV_VERSION', '1.0.8');
 define('DS', '/');
 define('GRAV_PHP_MIN', '5.5.9');
 

diff --git a/system/src/Grav/Common/Page/Medium/ImageMedium.php b/system/src/Grav/Common/Page/Medium/ImageMedium.php
@@ -41,7 +41,8 @@ class ImageMedium extends Medium
     public static $magic_actions = [
         'resize', 'forceResize', 'cropResize', 'crop', 'zoomCrop',
         'negate', 'brightness', 'contrast', 'grayscale', 'emboss',
-        'smooth', 'sharp', 'edge', 'colorize', 'sepia', 'enableProgressive'
+        'smooth', 'sharp', 'edge', 'colorize', 'sepia', 'enableProgressive',
+        'rotate', 'flip', 'fixOrientation'
     ];
 
     /**

diff --git a/system/src/Grav/Common/Utils.php b/system/src/Grav/Common/Utils.php
@@ -446,6 +446,8 @@ public static function isPositive($value)
 
     /**
      * Generates a nonce string to be hashed. Called by self::getNonce()
+     * We removed the IP portion in this version because it causes too many inconsistencies
+     * with reverse proxy setups.
      *
      * @param string $action
      * @param bool $plusOneTick if true, generates the token for the next tick (the next 12 hours)
@@ -454,22 +456,12 @@ public static function isPositive($value)
      */
     private static function generateNonceString($action, $plusOneTick = false)
     {
-        if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
-            $ip = $_SERVER['HTTP_CLIENT_IP'];
-        } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
-            $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
-        } else {
-            $ip = $_SERVER['REMOTE_ADDR'];
-        }
-
         $username = '';
         if (isset(self::getGrav()['user'])) {
             $user = self::getGrav()['user'];
             $username = $user->username;
         }
 
-        $username .= $ip;
-
         $token = session_id();
         $i = self::nonceTick();