�� Rector and PHPCS fixes

editor a11y: remove tabindex

these do more harm then good

add alt texts for size ctl images

Update session validation checks in auth.php

Refactor session validation to check for user and pass existence.

Translation update (es)

make JWT available in session

When a token authentication was successful, the token is now added to
the user session. This allows other plugins (like twofactor) make use of
it.

TreeBuilder: skip invalid pages and namespaces

This will hide namespace templates or weird folders from listings.
Can be disabled with a flag if needed.

reuse bcrypt default difficulty #2093

Instead of hardcoding our own default, we can use PHP's constant

set explicit referrer-policy

This emits a referrer policy header. It will instruct browsers to send
an abbreviated (host name only) referrer header on cross-origin
requests.

This fixes issues with

set explicit referrer-policy

This emits a referrer policy header. It will instruct browsers to send
an abbreviated (host name only) referrer header on cross-origin
requests.

This fixes issues with YouTube embeds reported at
splitbrain/dokuwiki-plugin-vshare#154

This setting is the default in many browsers, so it doesn't change
behavior for most people.

More info at:

* https://github.com/splitbrain/dokuwiki-plugin-vshare/issues/154
* https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Referrer-Policy

show more ...

�� Rector and PHPCS fixes

minor typo in install.html

Minor typo in install.html, changed "info available on it's own page" to "info available on its own page".

Translation update (ca)

Give explanation if no $conf could be loaded

Give explanation if no $conf could be loaded (i. e. DOKU_CONF pointing elsewhere)

eliminate warnings in OR search

correctly check for session auth data. fixes #4547

refactor preference cookie handling. fixes #4544

This refactors the DOKU_PREF cookie handling on the PHP side into a
class. It makes encoding/decoding more explicit and easier to
understand.

The ne

refactor preference cookie handling. fixes #4544

This refactors the DOKU_PREF cookie handling on the PHP side into a
class. It makes encoding/decoding more explicit and easier to
understand.

The new class is used in set_doku_pref() and get_doku_pref() which have
not been deprecated for now.

show more ...

Login accessibility improvements

- addes aria and role attributes to the login form for better autocompletion

Translation update (it)

translation update

translation update

translation update

translation update

translation update

Remove HTML from strings based on title and tagline

SECURITY: fix XSS vulnerability. fixes #4512

The namespace selector in the advanced search tools did not correctly
escape the user provided namespace.

This issue was reported by Mario Tesoro.