refactor/vanilla js migration#64
Open
ralflang wants to merge 32 commits intoFRAMEWORK_6_0from
Open
Conversation
Member
ralflang
commented
Apr 12, 2026
ralflang
commented
- refactor: Try to use less prototypejs idioms
- refactor: More vanilla javascript (activesyncadmin, categoryprefs, login)
User reported session screen was crashing when using modern per-user peppered&salted keys Root Cause: Session encrypted attributes cannot be decrypted without the session key which lives at the client side. Legacy Horde_Session handler's api was not able to list session attribute names without reading them. Solution: Leverage modern session handler
Release version 6.0.0-beta14 style: php-cs-fixer fix: Session screen will not crash on listing encrypted keys docs: Advise external consumers to use the new horde/core equivalents instead fix: Be more robust about absolute urls in an app's weburi feat: Add fallback to HTTP_HOST if SERVER_NAME is undefined. docs: Clarify where to put local overrides Update groups.php fix: Update groups.php
…oauth-like service providers.
Release version 6.0.0-beta15 test: Cover OAuth related services feat: Collapsed OIDC/OAuth 2.0 based login and service feature feat: Add oauth/federated auth management related routes test: Cover Token Service and Repository feat: Admin controller for registering / maintaining OAuth, OIDC and oauth-like service providers. feat: Horde Base's first DB Schema - oauth token table and provider table feat: Add OAuth Token Service, SQL implementation, factory etc feat: Add CSS for Forms V3 fix: Protect against null bytes from tainted IP records
When a Horde app needs a scope the user hasn't granted yet, it must trigger a re-authorization. For incremental consent it needs to accept additional scopes and merge them. See also #70 Model A
- base/src/Auth/ResponsiveLoginController - base/src/Portal/ResponsivePortalController - base/login.php BREAKING CHANGE: ResponsiveAssets now requires RegistryState instead of Horde_Registry
Both new and old style APIs
Release version 6.0.0-beta16 feat: API overview in admin screen feat: Draft an admin screen listing legacy and modern APIs refactor(registry): Evolve to a format more independent of legacy stack fix: Workaround for fully qualified URLs feat: Support .local.php files for oauth_presets feat: base#71 — Incremental consent in OAuthAccountController feat: #73 Add requesting_app to SqlOAuthFlowStore feat: Support SQL-based storage for pending oauth flows feat: Support linking and unlinking third party identities with your primary account
…jax Controller two-form and three-form routes #79
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.