
About Contao 4.12
The first stable version of Contao 4.12 has been released on 15 August 2021 and is the successor of Contao 4.11. 4.12 has been updated until 14 January 2022, after which it was replaced by Contao 4.13.
Changelog Contao 4.12
Contents
Contao 4.12.7 (2022-02-18)
Changelog of the fixed issues in Contao 4.12.7:
- #4106 Fix trailing slashes in URL when requireItem is enabled (aschempp)
- #4003 Fix invalid array access if labels are not defined (m-vo)
Contao 4.12.6 (2022-02-08)
Changelog of the fixed issues in Contao 4.12.6:
- #4076 Trigger a deprecation if an old `contao.localconfig` key is used (leofeyer)
- #4043 Fix BC for `TL_LANG.LNG` and `TL_LANG.CNT` (ausi)
- #4033 Fix some more PHP8 issues (aschempp)
- #3947 Remove the routing error log in breadcrumb module (aschempp)
- #3983 Fix array to string conversion in tl_layout (fritzmg)
- #3791 Add annotations that generating page URLs can throw an exception (aschempp)
Contao 4.12.5 (2021-12-16)
Changelog of the fixed issues in Contao 4.12.5:
- #3673 Fix undefined array key "panelLayout" (markocupic)
Contao 4.12.4 (2021-12-02)
Changelog of the fixed issues in Contao 4.12.4:
- #3757 Fix two more service IDs (leofeyer)
- #3755 Adjust the service ID of the new interest cohort listener (leofeyer)
- #3754 Handle all driver exceptions in the template locator (leofeyer)
- #3626 Support arbitrary classes as Twig context (m-vo)
- #3739 Handle the routing exception in more navigation modules (aschempp)
- #3715 Delete obsolete language files (ausi)
- #3716 Fix backwards compatibility for label::LNG and CNT (ausi)
- #3682 Fix type error when trying to copy website root (fritzmg)
- #3678 Fix parameter name in tl_page::getTitleTag() (SeverinGloeckle)
- #3507 Handle pages from PageRegistry in DebugPagesCommand (SeverinGloeckle)
Contao 4.12.3 (2021-10-20)
Changelog of the fixed issues in Contao 4.12.3:
- #3560 Harden the template locator against failing DB connections (m-vo)
- #3583 Fix the regex for the static URL fields (leofeyer)
- #3576 Do not boot the Contao framework during cache warmup (m-vo)
- #3559 Do not throw an exception if a theme path contains an underscore (m-vo)
- #3577 Handle invalid accept-language headers (leofeyer)
- #3574 Correctly format the locale for legacy requests (aschempp)
- #3552 Always set the _locale attribute from the page language (aschempp)
Contao 4.12.2 (2021-10-05)
Changelog of the fixed issues in Contao 4.12.2:
- #3544 Only add regular pages to the sitemap (leofeyer)
- #3536 Fix the Figure BC layer for the link title attribute (m-vo)
- #3537 Harden more time-sensitive tests (m-vo)
- #3520 Remove incomplete translations (leofeyer)
- #3509 Unset the noComments field if the comments bundle is not installed (leofeyer)
- #3456 Set memory limit for sub-processes when running contao-setup (m-vo)
- #3478 Hide the captcha legend in the registration module (leofeyer)
- #3414 Improve the Twig theme path handling (m-vo)
- #3446 Fix user permissions for custom page controllers (aschempp)
- #3449 Handle invalid array access in tl_page (m-vo)
- #3440 Convert languages outside the sorting callback (aschempp)
- #3432 Make the "guests only" deprecation messages more clear (leofeyer)
- #3408 Handle another illegal array access on empty labels (m-vo)
- #3410 Use PHP functions to modify query strings (leofeyer)
- #3406 Remove the "generateSitemap" cronjob (fritzmg)
- #3396 Evaluate robots setting for sitemap (fritzmg)
- #3404 Fix simple token parsing in HTML (ausi)
Contao 4.12.1 (2021-08-25)
Changelog of the fixed issues in Contao 4.12.1:
- #3362 Allow extending both front end and back end templates with Twig (m-vo)
- #3380 Also convert the page title to plain text in the response context (leofeyer)
- #3378 Pass contao.web_dir to the contao:install-web-dir command (leofeyer)
- #3368 Fix another invalid array access (bytehead)
- #3365 Use 4 spaces to indent the strict mode notice (fritzmg)
- #3353 Fix dynamic debug mode for templates (ausi)
Contao 4.12.0 (2021-08-15)
Changelog of the new features in Contao 4.12.0:
- #3343 Make the ContaoFilesystemLoader compatible with Symfony 4.4 (bytehead)
- #3339 Allow Twig v3 (m-vo)
- #3337 Strip attributes in markdown element (ausi)
- #3228 Require twig/extra-bundle in the managed edition (m-vo)
- #2988 Add Twig support (m-vo)
- #3138 Use intl for languages and countries (ausi)
- #3151 Enforce the MySQL strict mode (m-vo)
- #3167 Use schema.org JSON-LD in the faq-bundle (Toflar)
- #3155 Use schema.org JSON-LD in the calendar-bundle (Toflar)
- #3156 Use schema.org JSON-LD in the breadcrumb module (Toflar)
- #2305 Use Locale IDs for tl_page.language (aschempp)
- #3103 Allow to exclude fields in the file manager (leofeyer)
- #3124 Use a security voter to check the member groups (aschempp)
- #3135 Handle protected pages in the "quicklink" module (leofeyer)
- #3119 Use schema.org JSON-LD in the news-bundle (Toflar)
- #3120 Beautify the JSON-LD by sorting by key (Toflar)
- #3110 Add the rawPlainText() and rawHtmlToPlainText() template helper methods (Toflar)
- #3100 Use HTTPS for all schema.org links (leofeyer)
- #3107 Add the default WebPage schema.org data again (Toflar)
- #2962 Centralize the JSON-LD metadata management (Toflar)
- #3102 Allow direct links to public files in the file picker (leofeyer)
- #3088 Add a guests group to the list of allowed groups (leofeyer)
- #3084 Rename the web folder to public (leofeyer)
- #3082 Remove the technical details from the default search template (leofeyer)
- #3080 Reduce memory consumption in search (ausi)
- #3066 Rework the response context (Toflar)
- #3053 Add a page controller for root pages (aschempp)
- #3076 Add a license field to the file metadata (Toflar)
- #3052 Remove the password confirmation field (leofeyer)
- #3055 Add an enhanced Markdown content element (Toflar)
- #3056 Deprecate already moved config options (ausi)
- #3057 Sort routes by region if no preferred language matches (aschempp)
- #3014 Ensure clean response context and unify meta handling (Toflar)
- #3051 Remove the "addWizardClass" workaround (leofeyer)
- #3019 Dispatch an event to define metadata inside the FigureBuilder (m-vo)
- #3017 Handle UUIDs in the file metadata class (m-vo)
- #2975 Add the response context (Toflar)
- #2804 Drop the LegacyFigureBuilderTrait (m-vo)
- #2917 Remove the search results cache (leofeyer)
- #2801 Add JSON+LD metadata to the search index (Toflar)
- #2724 Support extracting the canonical URI from a document (Toflar)
- #2733 Make the FigureBuilder more fail tolerant (m-vo)
- #2734 Enable accessing Figure in all templates (m-vo)
Changelog of the fixed issues in Contao 4.12.0:
- #3295 Fix the "iflng" and "ifnlng" insert tags (ausi)
- #3276 Check catalogue for country or locale translations (ausi)
- #3268 Fix a type error in the event list module (leofeyer)
- #3270 Always refresh the template hierarchy in the debug:contao-twig command (m-vo)
- #3269 Show native language suffix only in user profile (ausi)
- #3258 Deprecated the return of null response in fragments (aschempp)
- #3146 Deprecate the insert tag flag "|absolute" (ausi)
- #3250 Add missing SchemaOrgRuntime service declaration (m-vo)
- #3219 Track theme templates in the template hierarchy (m-vo)
- #3213 Support dynamic Twig includes/extends (m-vo)
- #3247 Unify the "numberOfItems" translations (leofeyer)
- #3243 Fix a func_get_arg() value error (ausi)
- #3233 Fix session service check in AddSessionBagsPass (fritzmg)
- #3215 Make Contao compatible with Symfony 5.3 (ausi)
- #3201 Only create proxy templates for '@Contao' namespaced templates (m-vo)
- #3204 Implement a contao_ variant of the html_attr escaper (m-vo)
- #3203 Fix extending multiple levels of Contao templates (ausi)
- #3202 Sanity check template names in FigureRenderer (m-vo)
- #3196 Support multiple JSON+LD objects in the search document (qzminski)
- #3195 Do not prefix our JSON-LD context (ausi)
- #3182 Simplify Controller::addImageToTemplate tests (m-vo)
- #3170 Add JSON-LD support for Twig (m-vo)
- #3175 Only warn if the DB server is not running in strict mode (leofeyer)
- #3164 Deprecate the getSearchablePages() method (aschempp)
- #3166 Revert 'Lazy-load the rootFallbackLanguage property' (leofeyer)
- #3163 Remove left-over itemprop usages (leofeyer)
- #3150 Always use the security voter to check member groups (aschempp)
- #3161 Unify the schema.org helper methods (leofeyer)
- #3165 Prevent an "undefined property" error in the Model class (leofeyer)
- #3162 Remove two left-over itemprop attributes (Toflar)
- #3154 Do not override the global language in some front end modules (leofeyer)
- #3148 Filter "guests only" pages to restore backwards compatibility (leofeyer)
- #3147 Add back the "guests" checkbox (leofeyer)
- #3141 Deprecate using tabindex values greater than 0 (leofeyer)
- #3136 Make sure that deserialized groups are always an array (leofeyer)
- #3075 Harden FigureBuilder::from() against invalid types (m-vo)
- #3073 Allow null in FigureBuilder#from() (m-vo)
- #3010 Remove a left-over call to the LegacyFigureBuilderTrait (m-vo)
- #2713 Mention removal of MediaElement.js in the UPGRADE.md file (fritzmg)
Security vulnerabilities closed in Contao 4.12.0:
- Privilege escalation with the form generator (CVE-2021-37627)
- PHP file inclusion via insert tags (CVE-2021-37626)
- Cross site scripting via HTML attributes in the back end (CVE-2021-35955)
- Cross site scripting in the system log (CVE-2021-35210)
- Insert tag injection in forms (CVE-2020-25768)