profile
viewpoint
Brian Teeman brianteeman United Kingdom https://brian.teeman.net Co-founder @Joomla

brianteeman/btvideo 3

Joomla Custom Field - The video displays just like a regular embed but approximately 224× faster

brianteeman/btvideo-module 1

Joomla Module - The video displays just like a regular embed but approximately 224× faster

brianteeman/accessibility 0

add accessibility to your website

brianteeman/acymailing6 0

A newsletter plugin for Wordpress and Joomla

brianteeman/AnimatedGridLayout 0

A responsive, magazine-like website layout with a grid item animation effect when opening the content

brianteeman/AnimatedGridLayout-1 0

Animated Grid Layout - a fork from

brianteeman/AssetFix 0

Application for fixing assets

brianteeman/ATEM_tally_light_with_ESP8266 0

Wireless tally light for use with ATEM switchers, which connects over WiFi, using a D1 mini board (ESP8266 WiFi module).

brianteeman/Awesome-Design-Tools 0

The best design tools and plugins for everything 👉

brianteeman/awesome-falsehood 0

:pill: Curated list of falsehoods programmers believe in.

pull request commentjoomla/joomla-cms

[4.0] SVG favicons

All the documentation you need is here: https://css-tricks.com/svg-favicons-and-all-the-fun-things-we-can-do-with-them/

dgrammatiko

comment created time in 4 minutes

pull request commentjoomla/joomla-cms

[4.0] SVG favicons

@dgrammatiko PLEASE write up documentation on this. You've got 4 separate files ( why not a param? ) with nothing explaining how/why 3 favicons, what the values do and their alternatives. // Browsers support SVG favicons $this->addHeadLink(HTMLHelper::('image', 'joomla-favicon.svg', '', [], true, 1), 'icon', 'rel', ['type' => 'image/svg+xml']); $this->addHeadLink(HTMLHelper::('image', 'favicon.ico', '', [], true, 1), 'alternate icon', 'rel', ['type' => 'image/vnd.microsoft.icon']); $this->addHeadLink(HTMLHelper::_('image', 'joomla-favicon-pinned.svg', '', [], true, 1), 'mask-icon', 'rel', ['color' => '#000']);

dgrammatiko

comment created time in 14 minutes

issue commentjoomla/joomla-cms

[3.9.23] SMTP mail sends PHP mail as fallback or unable to start mail function

jsst remove the password that get send to the ajax request so we need a secure way to get it back for this function

toivo

comment created time in 25 minutes

issue commentjoomla/joomla-cms

[3.9.23] SMTP mail sends PHP mail as fallback or unable to start mail function

of course ;-)

maybe @zero-24 can help with this.

I can not help with this IIRC Viktor did the initial code? As you know I'm no JS guy.

toivo

comment created time in 30 minutes

pull request commentjoomla/joomla-cms

[4.0] #29722 hidden recaptcha v2

@hans2103 You can see how it is done in PR #31098.

hans2103

comment created time in an hour

pull request commentjoomla/joomla-cms

[4.0] Incorrect language constant in installation files

I have tested this item :white_check_mark: successfully on fb32c7936889c0d8c12d164598f5b07e9100ee8c<hr /><sub>This comment was created with the <a href="https://github.com/joomla/jissues">J!Tracker Application</a> at <a href="https://issues.joomla.org/tracker/joomla-cms/31487">issues.joomla.org/tracker/joomla-cms/31487</a>.</sub>

Kostelano

comment created time in an hour

pull request commentjoomla/joomla-cms

[4.0] Refactoring some lib_joomla language strings

@HLeithner Yes it is, and an allowed one for J4.0.

Bakual

comment created time in 3 hours

pull request commentjoomla/joomla-cms

[4.0] Refactor JFTP error messages strings

The thing is, you can't really deprecated language strings. You can add a comment on the line before, but only people actually looking into the INI file will see that. It will not be visible in Crowdin nor in PhpStorm. So it's not like deprecations in code where you actually get notified about it and thus the deprecation actually makes sense.

Bakual

comment created time in 3 hours

issue commentjoomla/joomla-cms

Joomla 4 Beta 3 — Smart Search bad output

Yes, as this is the home page, it is accessible by the main menu.

vintzl

comment created time in 3 hours

issue commentjoomla/joomla-cms

[4.0] UX testing

@wilsonge do you have a plan for this? I mean ux testing for rc is a bit late?

ghost

comment created time in 3 hours

issue commentjoomla/joomla-cms

[4.0] [META] Install from Web Tasks

@C-Lodder can you help fixing the rest of the tasks?

mbabker

comment created time in 3 hours

issue commentjoomla/joomla-cms

[3][com_postinstall] warning on php 8

actually I can't replicate the issues, it would be awesome if someone who can reproduce the problem find and solve it.

alikon

comment created time in 4 hours

PR opened joomla/joomla-cms

[4.0] Incorrect language constant in installation files

Summary of Changes

When installing Joomla 4, select the PostgreSQL type and enter the database name that starts with a number.

We get an error.

Screenshot_1

The constant appears two times in the files below.

Screenshot_2

PR fixes the problem.

+2 -2

0 comment

2 changed files

pr created time in 4 hours

pull request commentjoomla/joomla-cms

[3.x] URL Invalid

RTC<hr /><sub>This comment was created with the <a href="https://github.com/joomla/jissues">J!Tracker Application</a> at <a href="https://issues.joomla.org/tracker/joomla-cms/31486">issues.joomla.org/tracker/joomla-cms/31486</a>.</sub>

brianteeman

comment created time in 4 hours

pull request commentjoomla/joomla-cms

[3.x] URL Invalid

I have tested this item :white_check_mark: successfully on 53b852080fa5939f546c15d6c4baedc134b2a75b<hr /><sub>This comment was created with the <a href="https://github.com/joomla/jissues">J!Tracker Application</a> at <a href="https://issues.joomla.org/tracker/joomla-cms/31486">issues.joomla.org/tracker/joomla-cms/31486</a>.</sub>

brianteeman

comment created time in 4 hours

pull request commentjoomla/joomla-cms

[3.x] URL Invalid

I have tested this item :white_check_mark: successfully on 53b852080fa5939f546c15d6c4baedc134b2a75b<br /><br />Tested successfully in 3.9.23<hr /><sub>This comment was created with the <a href="https://github.com/joomla/jissues">J!Tracker Application</a> at <a href="https://issues.joomla.org/tracker/joomla-cms/31486">issues.joomla.org/tracker/joomla-cms/31486</a>.</sub>

brianteeman

comment created time in 5 hours

pull request commentjoomla/joomla-cms

[3.x] URL Invalid

I have tested this item :white_check_mark: successfully on 53b852080fa5939f546c15d6c4baedc134b2a75b<br /><br />Tested successfully in 3.9.23<hr /><sub>This comment was created with the <a href="https://github.com/joomla/jissues">J!Tracker Application</a> at <a href="https://issues.joomla.org/tracker/joomla-cms/31486">issues.joomla.org/tracker/joomla-cms/31486</a>.</sub>

brianteeman

comment created time in 5 hours

issue commentjoomla/joomla-cms

[3][com_postinstall] warning on php 8

@HLeithner Thank you. "only FOF": Does it mean that there is actually no problem — that I will not get stuck when working on my local host? If so, how can I have the warnings removed without deactivating the php_xdebug extension?<hr /><sub>This comment was created with the <a href="https://github.com/joomla/jissues">J!Tracker Application</a> at <a href="https://issues.joomla.org/tracker/joomla-cms/31446">issues.joomla.org/tracker/joomla-cms/31446</a>.</sub>

alikon

comment created time in 5 hours

pull request commentjoomla/joomla-cms

[4.0][RFC] Fix CSP and apply deferred attribute to all scripts (with exceptions)

but jquery

As I said this is 100% backwards compatible (jQuery or even Mootools would be happy. I won't if I see them, but we all know I'm a special case 😃)

dgrammatiko

comment created time in 5 hours

pull request commentjoomla/joomla-cms

[4.0] Fix subform default value filtering, and warning while string foreach()

RTC<hr /><sub>This comment was created with the <a href="https://github.com/joomla/jissues">J!Tracker Application</a> at <a href="https://issues.joomla.org/tracker/joomla-cms/31400">issues.joomla.org/tracker/joomla-cms/31400</a>.</sub>

Fedik

comment created time in 6 hours

issue closedjoomla/joomla-cms

Terms surrounded by colons [Language]

Problem identified

Language values (all Joomla versions) shows some terms surrounded by colons (:) as in

JFolder: :delete: Path is not a folder. Path: %s
JLIB_FILESYSTEM_ERROR_PATH_IS_NOT_A_FOLDER
File: en-GB.lib_joomla.ini

JFolder: :files: Path is not a folder. Path: %s
JLIB_FILESYSTEM_ERROR_PATH_IS_NOT_A_FOLDER_FILES
File: en-GB.lib_joomla.ini


JFolder: :folder: Path is not a folder. Path: %s
JLIB_FILESYSTEM_ERROR_PATH_IS_NOT_A_FOLDER_FOLDER
File: lib_joomla.ini

JFolder: :files: Path is not a folder. Path: %s
JLIB_FILESYSTEM_ERROR_PATH_IS_NOT_A_FOLDER_FILES
File: en-GB.ini

Are those of to be translated? Are they placeholders? Or just technical terms (as in method names)?

Proposed solution

It should be clear for translators if they can be or not translated. If they are to be translated maybe the sentences could be in better english (not my field as I'm not a proper english speaker!)

closed time in 6 hours

horus68

issue commentjoomla/joomla-cms

Collation connection - issue

Hi richard67, Many Thanks! I'm going to investigate it and I'll report here soon...

joomleb

comment created time in 6 hours

issue closedjoomla/joomla-cms

"URL invalid" is not translatable

Steps to reproduce the issue

  • SEF enabled

  • Load a page: https://www.example.com/anytext.html

Expected result

Message according to language, for example, "404 URL inválida".

Actual result

"404 URL invalid"

System information (as much as possible)

Joomla 3.9.21

Additional comments

By searching for "URL invalid" in Joomla files, I found only one reference, line 238 of \libraries\src\Router\Router.php

`throw new RouteNotFoundException('URL invalid');`

That text is not translatable. I tried by adding the line URL invalid="URL inválida" in es-ES.ini file but no avail.

Notice that this happens only in route problem because the URL ends with html. If I write, for example, https://www.example.com/sfsfsdg the error shown is JERROR_PAGE_NOT_FOUND which is translatable.

closed time in 6 hours

jaimestuardo

PR opened joomla/joomla-cms

[4.0][RFC] Fix CSP and apply deferred attribute to all scripts (with exceptions)

Pull Request for Issue # .

Summary of Changes

  • Apply nonce to all inline scripts and styles
  • Introduce the type="module" nomodule for scripts (eg load ES2015+ for new browsers or legacy js for old browsers)
  • Defer all scripts (unless an attribute data-joomla-no-defer exists or the script has an attribute async, or an attribute type=module which is deferred by default)
  • To defer the inline scripts the contents are base64 encoded and assigned to the src attribute, keep reading...
  • This is fully backwards compatible!!!

The CSP problem

First and mostly lets thank @zero-24 for implementing the endpoint and the headers part for CSP and @wilsonge adding the nonce attribute for the inline scripts/styles. That said the CSP, as is right now` is totally broken even when someone will use the Joomla API and here's the proof:

  • add these lines into atum/cassiopeia index.php:
$this->addCustomTag('<script>
if (window.jQuery) {
	console.log(\'hello\')
}
</script>');
$this->addCustomTag('<style>
:root {
    --atum-sidebar-bg: red;
}
</style>');
  • The expectation is that since I'm using the API the style/script would have a nonce attribute but they don't and thus the CSP is BROKEN! To take this one step forward try to insert the following code into any layout (component/module/JLayout)
<style>
:root {
    --atum-sidebar-bg: red;
}
</style>
<script>
if (window.jQuery) {
	console.log(\'hello\')
}
</script>

Once again the CSP is broken as there's no nonce attribute

  • The proposed fix: regex sales/scripts in the component/modules renderers and apply the missing attribute nonce.

The script defer

Some background (very brief) information on the scripts loading (read more on https://flaviocopes.com/javascript-async-defer/ )

  • Joomla 3.x has all the scripts (appended using the API) in the head of the document resulting into blocking the parser: without-defer-async-head

  • Joomla 4.0 moved the code to the body end (breaking B/C and possibly any inline script that exists into any component/module content). Although it doesn't pause the parser it introduces another problem, scripts starts downloading late and maybe behind fetches for images and other not critical assets without-defer-async-body

  • The proposed solution: defer all scripts but keep them in the head (or wherever the dev injected them) with-defer

The last one is not the first time tried for Joomla 4.0 (eg: https://github.com/joomla/joomla-cms/pull/22460 ) but that PR had side effects, notably the inline scripts inside any content area. So the solution is a two fold here, since fixing the CSP requires adding the nonce attribute we can add also a defer attribute. Unfortunately this will not work for inline scripts since the browsers behaviour (unless type=module) is to parse and execute immediately. We will bend things a bit here by appending the content of the inline script to the src attribute and to do that we will use the very well known/supported way of encoding the data: $attribs['src'] = 'data:text/javascript;base64,' . base64_encode($content);. That's it. Scripts get to load the new ES2015+ code for newer browsers, have a fallback for IE11 or other legacy, and the inline scripts are properly deferred.

Things that need a decision

  • The name of the attribute that will bail out from this behaviour (atm data-joomla-no-defer
  • Shall the templates have the ability to skip the parsing of the components/modules for CSP/deferred scripts? atm I left a snippet there of what that could look like:
if ($template->params->getBool('joomla_skip_assets_processing_modules', true))
{
   $module->content = $this->fixAssets($content);
}

Testing Instructions

Follow the description above

Actual result BEFORE applying this Pull Request

Lighthouse really bad results

Expected result AFTER applying this Pull Request

A bit better Lighthouse results, but there's a lot more work to get to the green fields...

@zero-24 since I know that you're in charge of the Lighthouse insights integration could you please ask Paul Irish to comment on this proposal?

Documentation Changes Required

Probably

+534 -168

0 comment

25 changed files

pr created time in 6 hours

issue commentjoomla/joomla-cms

Why do we use the ID of the category for checking permissions in toolbar of an item?

Thank you @wojsmol But I can not find an entry "ACL Issues when user has edit (but not create) permission in…" in joomlacode-archive. What is my mistake?

astridx

comment created time in 6 hours

pull request commentjoomla/joomla-cms

[4.0] Remove extra session query

This might look like a duplicate query, but from an engineering perspective, the current API is correct and a system engineer from the Joomla team should reject this pull request.

The changes in this pull request introduce a hidden dependency for this metadata manager class to function properly, the assumption that the session handler has promptly written a record to the database before this metadata manager can be properly used. This is the type of assumption that leads to broken code.

For background, the database session handler in Joomla 3 and earlier have this same fundamental problem in that it assumes that it can only perform UPDATE queries, which means it relies on another part of the system to run the INSERT query and if that doesn't happen for some reason then the session handler will critically fail. Luckily, someone fixed this fatal flaw in the 4.0 API.

Denitz

comment created time in 6 hours

pull request commentjoomla/joomla-cms

[4.0] New authorization library and database normalization

Joomla continues to have a bottle neck in the permissions 2 years later.

The short answer was to enlarge the column, but this is also being pushed back as a bad choice (as a performance impact) which I understand, and agree, but what other options do we have? The greater performance impact is not being able to manage large sets of permissions, and therefore limiting Joomla.

So yes five years ago I made this choice in JCB https://github.com/vdm-io/Joomla-Component-Builder/issues/616

So for five years 5000+ extensions have changed this table, and have enjoyed larger permissions with little to no noticeable impact.

We must resolve this, or at least allow a workaround.

klas

comment created time in 7 hours

issue commentjoomla/joomla-cms

[3.x] Publising a tag in the backend overview doesn't work

can you make a screen cast like brian and maybe tell us which extensions you are using.

But basically this looks like a question for the forum because it doesn't seem to be a bug in joomla

may33

comment created time in 7 hours

issue commentjoomla/joomla-cms

[3.x] Publising a tag in the backend overview doesn't work

No solutions for that? :)

may33

comment created time in 7 hours

Pull request review commentjoomla/joomla-cms

[4.0] Prefill tags with most used items

 COM_TAGS_CONFIG_SELECTION_SETTINGS_LABEL="Item Selection" COM_TAGS_CONFIG_SHARED_SETTINGS_DESC="These settings apply to all tag layouts unless they are changed for a specific menu item." COM_TAGS_CONFIG_SHARED_SETTINGS_LABEL="Shared Layout" COM_TAGS_CONFIG_TAG_MIN_LENGTH_LABEL="Minimum Search Length"+COM_TAGS_CONFIG_TAG_PREFILL_LIMIT_LABEL="Initial number of shown tags"

I was hoping that brian makes a suggestion for the label ;-)

HLeithner

comment created time in 8 hours

more