Recently, there has been an increase in reports of unwanted spam via form submissions. Contao responds quickly and so this release brings improvements to the included captcha solution. In addition, improvements have been made to the sitemap and schema.org data. Various performance improvements complete this release.
Changelog of the fixed issues in Contao 4.13.37:
- #6870 Improve the CAPTCHA ( ausi )
- #6868 Do not add duplicate paths in our own Twig filesystem loader ( m-vo )
- #6832 Do not load the sitemap from cache for authenticated users ( fritzmg )
-
#6849
Add the missing use statement for
FormHidden( fritzmg ) -
#6848
Improve the
ConfigureFilesystemPassperformance ( fritzmg ) - #6826 Randomize CSRF tokens once per request ( ausi )
- #6825 Add a foreign key declaration for form and module fields ( rorych )
- #6798 Correctly show past events if "hide running events" is active ( janborg )
- #6801 Handle empty sessions in the CSRF cookie subscriber ( Toflar )
-
#6808
Support HTML5 entities with
double_encode: false( ausi ) -
#6777
Ensure absolute paths in the
ImageObjectschema.org data ( leofeyer ) - #6778 Correctly check the "show" permission in the site structure ( leofeyer )
- #6764 Prevent argument errors on malicious login attempts ( fritzmg )
- #6762 Fix mov mime type ( ausi )
-
#6717
Allow prefixing simple tokens with
#( Toflar ) -
#6724
Redirect in the
BackendConfirmcontroller if there is noINVALID_TOKEN_URLin the session ( leofeyer )
About Contao 4.13 LTS
The first stable version of Contao 4.13 has been released on February 17, 2022, replacing Contao 4.9 as the long term support version. As an LTS version, 4.13 has been provided with bug fixes until February 14, 2025 and security-related updates until February 14, 2026. Contao 5.3 has been the next LTS version of Contao and has been released in February 2024, ensuring a stress-free transition.
Add a comment