Merge branch 'main' into feature/settings-editor

TYPO3-Documentation · Sep 23, 2024 · c628eb8 · c628eb8
2 parents 9fa144c + eef6ed5
commit c628eb8
Show file tree

Hide file tree

Showing 9 changed files with 70 additions and 13 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,7 @@
 *.bak
 *.idea
 .Build/*
+config/
 *.project
 *.swp
 *NOT_VERSIONED*

diff --git a/Documentation/ApiOverview/Backend/JavaScript/HotkeyApi/Index.rst b/Documentation/ApiOverview/Backend/JavaScript/HotkeyApi/Index.rst
@@ -18,9 +18,32 @@ extensions.
 The module provides an enum with common modifier keys: :kbd:`Ctrl`, :kbd:`Meta`,
 :kbd:`Alt`, and :kbd:`Shift`), and also a public property describing the common
 hotkey modifier based on the user's operating system: :kbd:`Cmd` (Meta) on macOS,
-:kbd:`Ctrl` on anything else. Using any modifier is optional, but highly
+:kbd:`Ctrl` on anything else (this can be normalized via
+:javascript:`Hotkeys.normalizedCtrlModifierKey`. Using any modifier is optional, but highly
 recommended.
 
+..  hint::
+
+    Note that on macOS, using the :javascript:`ModifierKeys.ALT` to query a
+    pressed key needs you to listen on the key that results in using this
+    modifier. So, if you listen on:
+
+    ..  code-block:: javascript
+
+        [Hotkeys.normalizedCtrlModifierKey, ModifierKeys.ALT, 'e']
+
+    this will not work, because on macOS :kbd:`ALT+e` results in `€`,
+    and you would need to bind to:
+
+    ..  code-block:: javascript
+
+        [Hotkeys.normalizedCtrlModifierKey, ModifierKeys.ALT, '€']
+
+    instead. To make this work across different operating systems,
+    it would be recommended to listen on both variants with distinct
+    javascript callbacks executing the same action. Or, try avoiding
+    to bind to `ModifierKeys.ALT` altogether.
+
 A hotkey is registered with the :js:`register()` method. The method takes three
 arguments:
 

diff --git a/Documentation/ApiOverview/Backend/JavaScript/HotkeyApi/_example.js b/Documentation/ApiOverview/Backend/JavaScript/HotkeyApi/_example.js
@@ -1,7 +1,7 @@
 import Hotkeys, {ModifierKeys} from '@typo3/backend/hotkeys.js';
 
-Hotkeys.register([Hotkeys.normalizedCtrlModifierKey, ModifierKeys.ALT, 'e'], keyboardEvent => {
-  console.log('Triggered on Ctrl/Cmd+Alt+E');
+Hotkeys.register([Hotkeys.normalizedCtrlModifierKey, ModifierKeys.SHIFT, 'e'], keyboardEvent => {
+  console.log('Triggered on Ctrl/Cmd+Shift+E');
 }, {
   scope: 'my-extension/module',
   bindElement: document.querySelector('.some-element')

diff --git a/Documentation/ApiOverview/CommandControllers/ListCommands.rst b/Documentation/ApiOverview/CommandControllers/ListCommands.rst
@@ -7,8 +7,6 @@
 List of TYPO3 console commands
 ==============================
 
-..  todo: List all common commands once https://forge.typo3.org/issues/103858 is resolved
-
 By default TYPO3 ships the listed console commands, depending
 on which system extensions are installed.
 
@@ -28,7 +26,8 @@ on legacy installations:
 List all TYPO3 console commands
 ===============================
 
-..  console:command:: list
+..  console:command-list::
     :json: commands.json
     :script: vendor/bin/typo3
     :exclude-option: help, quiet, verbose, version, ansi, no-ansi, no-interaction
+    :exclude-namespace: clinspector, codesnippet, examples, styleguide
diff --git a/Documentation/ApiOverview/CommandControllers/commands.json b/Documentation/ApiOverview/CommandControllers/commands.json
diff --git a/Documentation/ApiOverview/ContentSecurityPolicy/Index.rst b/Documentation/ApiOverview/ContentSecurityPolicy/Index.rst
@@ -36,9 +36,15 @@ web page context.
 Content Security Policy declarations can be applied to a TYPO3 website in
 frontend and backend scope with a dedicated API.
 
-To delegate Content Security Policy handling to TYPO3 frontend, the feature flag
-:ref:`security.frontend.enforceContentSecurityPolicy <typo3ConfVars_sys_features_security.frontend.enforceContentSecurityPolicy>`
-needs to be enabled.
+To delegate Content Security Policy handling to TYPO3 frontend, at least one of
+the feature flags
+
+*   :confval:`globals-typo3-conf-vars-sys-features-security-frontend-enforceContentSecurityPolicy`
+    (for enforcing)
+*   :confval:`globals-typo3-conf-vars-sys-features-security-frontend-reportContentSecurityPolicy`
+    (for report-only mode, available since TYPO3 v12.4.20)
+
+need to be enabled.
 
 ..  versionchanged:: 13.0
 

diff --git a/Documentation/Configuration/Typo3ConfVars/SYS.rst b/Documentation/Configuration/Typo3ConfVars/SYS.rst
@@ -656,7 +656,29 @@ configurations.
         :Default: false
 
         If enabled, the :ref:`Content Security Policy <content-security-policy>`
-        is applied in frontend scope.
+        is enforced in frontend scope (HTTP header `Content-Security-Policy`).
+
+        This option can be enabled in combination with
+        :confval:`globals-typo3-conf-vars-sys-features-security-frontend-reportContentSecurityPolicy`.
+        Then both headers are set.
+
+    ..  _typo3ConfVars_sys_features_security.frontend.reportContentSecurityPolicy:
+
+    ..  confval:: security.frontend.reportContentSecurityPolicy
+        :name: globals-typo3-conf-vars-sys-features-security-frontend-reportContentSecurityPolicy
+        :Path: $GLOBALS['TYPO3_CONF_VARS']['SYS']['features']['security.frontend.reportContentSecurityPolicy']
+        :type: bool
+        :Default: false
+
+        ..  versionadded:: 12.4.20
+
+        If enabled, the :ref:`Content Security Policy <content-security-policy>`
+        is applied in frontend scope as report-only (HTTP header
+        `Content-Security-Policy-Report-Only`).
+
+        This option can be enabled in combination with
+        :confval:`globals-typo3-conf-vars-sys-features-security-frontend-enforceContentSecurityPolicy`.
+        Then both headers are set.
 
     ..  _typo3ConfVars_sys_features_security.frontend.allowInsecureFrameOptionInShowImageController:
 

diff --git a/Makefile b/Makefile
@@ -16,15 +16,20 @@ test-docs: ## Test the documentation rendering
 	docker run --rm --pull always -v "$(shell pwd)":/project -t ghcr.io/typo3-documentation/render-guides:latest --config=Documentation --no-progress --fail-on-log
 
 .PHONY: generate
-generate: codesnippets command-json ## Regenerate automatic code documentation
+generate: setup-typo3 codesnippets command-json ## Regenerate automatic code documentation
 
 .PHONY: codesnippets
 codesnippets: ## Regenerate code snippets
 	ddev exec .Build/bin/typo3 codesnippet:create Documentation/
 
+.PHONY: setup-typo3
+setup-typo3: ## Setup TYPO3 stub
+	ddev exec '.Build/bin/typo3 setup --driver=sqlite --username=db --password=db --admin-username=john-doe --admin-user-password="John-Doe-1701D." --admin-email="[email protected]" --project-name="TYPO3 Docs" --no-interaction --server-type=apache --force'
+
 .PHONY: command-json
 command-json: ## Regenerate JSON file containing all console commands
-	ddev exec .Build/bin/typo3 list --format=json > Documentation/ApiOverview/CommandControllers/commands.json
+	ddev exec .Build/bin/typo3 clinspector:gadget > Documentation/ApiOverview/CommandControllers/commands.json
+	echo "" >> Documentation/ApiOverview/CommandControllers/commands.json
 
 .PHONY: test-lint
 test-lint: ## Regenerate code snippets

diff --git a/composer.json b/composer.json
@@ -9,6 +9,7 @@
     "require-dev": {
         "ergebnis/composer-normalize": "~2.41.0",
         "friendsofphp/php-cs-fixer": "^3.46",
+        "garvinhicking/clinspector-gadget": "^0.1.1",
         "symfony/yaml": "^7.0",
         "t3docs/blog-example": "dev-main",
         "t3docs/codesnippet": "dev-main",