Merge branch 'hotfix-10.25.7' into stable

Author: DominicWatson

system/handlers/admin/SiteTree.cfc

@@ -1198,8 +1198,7 @@ component extends="preside.system.base.AdminHandler" {
 		var pageId = rc.id ?: "";
 
 		if ( pageId.isEmpty() ) {
-			getController().getCachebox().clearAll();
-			announceInterception( "onClearCaches", {} );
+			siteTreeService.clearAllCaches();
 
 			event.audit(
 				  action = "clear_page_cache"

system/services/security/AntiSamyService.cfc

@@ -15,7 +15,8 @@ component {
 
 // PUBLIC API
 	public any function clean( required string input, string policy="preside" ) {
-		var antiSamyResult = _getAntiSamy().scan( arguments.input, _getPolicy( arguments.policy ) );
+		var dirtyHtml      = ReplaceNoCase( arguments.input, """, "&~~~quot;", "all" );
+		var antiSamyResult = _getAntiSamy().scan( dirtyHtml, _getPolicy( arguments.policy ) );
 		var cleanHtml      = antiSamyResult.getCleanHtml();
 
 		return _removeUnwantedCleanses( cleanHtml, arguments.policy );
@@ -72,6 +73,9 @@ component {
 			uncleaned = uncleaned.replace( cleanedAmpersand, "&", "all" );
 		}
 
+		uncleaned = ReplaceNoCase( uncleaned, """, """", "all" );
+		uncleaned = ReplaceNoCase( uncleaned, "&~~~quot;", """, "all" );
+
 		return uncleaned;
 	}
 

system/services/siteTree/SiteTreeService.cfc

@@ -17,7 +17,7 @@ component {
 	 * @websitePermissionService.inject    websitePermissionService
 	 * @rulesEngineConditionService.inject rulesEngineConditionService
 	 * @cloningService.inject              presideObjectCloningService
-	 * @pageCache.inject                   cachebox:PresidePageCache
+	 * @cachebox.inject                    cachebox
 	 */
 	public any function init(
 		  required any loginService
@@ -30,7 +30,7 @@ component {
 		, required any websitePermissionService
 		, required any rulesEngineConditionService
 		, required any cloningService
-		, required any pageCache
+		, required any cachebox
 	) {
 		_setLoginService( arguments.loginService );
 		_setPageTypesService( arguments.pageTypesService );
@@ -42,7 +42,7 @@ component {
 		_setWebsitePermissionService( arguments.websitePermissionService );
 		_setRulesEngineConditionService( arguments.rulesEngineConditionService );
 		_setCloningService( arguments.cloningService );
-		_setPageCache( arguments.pageCache );
+		_setCachebox( arguments.cachebox );
 		_setPageSlugsAreMultilingual();
 
 		if ( $isFeatureEnabled( "sitetree" ) ) {
@@ -1357,17 +1357,32 @@ component {
 		return page.id ?: "";
 	}
 
-	public void function clearPageCache( required string pageId ) {
-		var pageUrl    = ReReplace( $getRequestContext().buildLink( page=arguments.pageId ), "^https?://.*?/", "/" );
+	public void function clearAllCaches() {
+		_getCachebox().clearAll();
+		$announceInterception( "onClearCaches", {} );
+	}
+
+	public void function clearPageCache( string pageId="", string pageUrl="" ) {
+		var pageUrl    = ReReplace( Len( arguments.pageId ) ? $getRequestContext().buildLink( page=arguments.pageId ) : arguments.pageUrl, "^https?://.*?/", "/" );
 		var sectionUrl = ReReplace( pageUrl, "\.html$", "/" );
 
-		_getPageCache().clearByKeySnippet( pageUrl );
-		_getPageCache().clearByKeySnippet( sectionUrl );
+		if ( Len( pageUrl ) ) {
+			_getCachebox().getCache( "PresidePageCache" ).clearByKeySnippet( pageUrl );
+			_getCachebox().getCache( "PresidePageCache" ).clearByKeySnippet( sectionUrl );
 
-		$announceInterception( "onClearPageCaches", {
-			  pageUrl    = pageUrl
-			, sectionUrl = sectionUrl
-		} );
+			$announceInterception( "onClearPageCaches", {
+				  pageUrl    = pageUrl
+				, sectionUrl = sectionUrl
+			} );
+		}
+	}
+
+	public void function clearPageTypeCaches( required array pageTypes=[] ) {
+		var pages = _getPObj().selectData( selectFields=[ "id" ], filter={ page_type=arguments.pageTypes } );
+
+		for ( var page in pages ) {
+			clearPageCache( pageId=page.id );
+		}
 	}
 
 // PRIVATE HELPERS
@@ -1821,11 +1836,11 @@ component {
 		_cloningService = arguments.cloningService;
 	}
 
-	private any function _getPageCache() {
-		return _pageCache;
+	private any function _getCachebox() {
+		return _cachebox;
 	}
-	private void function _setPageCache( required any pageCache ) {
-		_pageCache = arguments.pageCache;
+	private void function _setCachebox( required any cachebox ) {
+		_cachebox = arguments.cachebox;
 	}
 
 	private void function _setPageSlugsAreMultilingual() {

tests/integration/api/security/AntiSamyServiceTest.cfc

@@ -42,6 +42,13 @@ component extends="testbox.system.BaseSpec" {
 				expect( antiSamy.clean( "&" ) ).toBe( "&" );
 			} );
 
+			it( "should not replace "" characters in input", function(){
+				expect( antiSamy.clean( """" ) ).toBe( """" );
+			} );
+			it( "should retain existing " in input", function(){
+				expect( antiSamy.clean( """ ) ).toBe( """ );
+			} );
+
 		} );
 
 	}