This release brings further improvements related to CSRF protection and caching. In addition, contao:migrate
now skips the creation of a database backup if only DELETE
queries are left and these have been excluded from execution, which should speed up deployments. Moreover, .ics
files are now allowed by default for uploads and downloads and duplicate confirmation links for the double opt-in process no longer lead to an error but are simply ignored. Last but not least, the 404 handling for URLs for which no root page exists has been improved and the performance of news and event detail pages has been sped up.
Changelog of the fixed issues in Contao 4.13.46:
- #7365 Use the user data instead of magic methods (aschempp)
- #7379 Fix a PHP8 error if a user has no groups (aschempp)
- #7350 Ignore deleted cookies in the `CsrfTokenCookieSubscriber` (fritzmg)
- #7371 Add the `playerColor` migration (fritzmg)
- #7359 Fix a PHP8 error when sending newsletters (aschempp)
- #7357 Skip database backups if the remaining migrations will not be executed (fritzmg)
- #7356 Allow .ics file uploads and downloads (aschempp)
- #7340 Ignore duplicate opt-in submissions (aschempp)
- #7316 Introduce a `Template::once()` method (Toflar)
- #7332 Handle routing errors when trying to render the error screen (aschempp)
- #7323 Fix the login state for two-factor authentication (fritzmg)
About Contao 4.13 LTS
The first stable version of Contao 4.13 has been released on February 17, 2022, replacing Contao 4.9 as the long term support version. As an LTS version, 4.13 will be provided with bug fixes until February 14, 2025 and security-related updates until February 14, 2026. Contao 5.3 will be the next LTS version of Contao and has been released in February 2024, ensuring a stress-free transition.