Fixes#115005
The vertex_2d flag in active_surface_data was not being reset when surface_begin() was called, causing misleading error messages when mixing 2D and 3D vertices across different surfaces.
When opening a Godot 4.5 project in 4.6 and saving scenes with editable
children of imported scenes (e.g., .blend files), all animation data was
incorrectly being saved to the .tscn file.
This happened because the AnimationLibrary serialization format changed
between 4.5 and 4.6:
- 4.5: 'libraries' as a single Dictionary property
- 4.6: 'libraries/<name>' as separate properties per library
When the scene packer looked for 'libraries/<name>' in old imported
scenes, it didn't find them (only 'libraries' existed), causing all
animation data to appear as 'overridden' and be saved.
This fix adds backwards compatibility in SceneState::get_property_value()
to check for the old Dictionary format when looking up 'libraries/<name>'
properties. It only applies to nodes that inherit from AnimationMixer,
allowing property comparison to work correctly and preventing animation
data from being duplicated into .tscn files.
Fixes#113037
A fix for LineEdit to reacquire Text Focus
when enabled while UI-focused.
When the player has a UI-focus on a disabled LineEdit node
and that node gets enabled, caret won't appear and arrow keys
will shift UI focus to other Control nodes.
By adding an if-check to call `edit()` in `set_enabled()` function,
LineEdit will capture Text Input Focus when it gets enabled if
the player has set UI focus on it.
Fixes#114846
The behavior of 301 and 302 redirects in the HTTPRequest node are not
standards-compliant. Specifically, requests using unsafe methods were not
being changed to GET and their headers were not being modified. This
means that we were automatically redirecting POST, PUT, etc. requests
with empty bodies and the same headers. This can pose a security risk if
the server expects 301/302 responses to get changed to GET or if the
user doesn't expect unsafe methods to be automatically redirected.
Per
[RFC9110](https://www.rfc-editor.org/rfc/rfc9110#name-redirection-3xx),
the correct behavior is to change the method to GET for 301 and 302
redirections and remove any content headers as well as those related to
security contexts like "Authorization: ".
I have made these changes, so now the 301 and 302 redirects should
change any unsafe methods to GET and remove any sensitive headers.
GET, HEAD, OPTIONS, and TRACE requests that receive a 301 or 302 are
automatically forwarded unchanged since those methods are safe.
Co-authored-by: Fabio Alessandrelli <fabio.alessandrelli@gmail.com>
Thaddeus Crews
Michael Alexsander
kobewi
Silc Lizard (Tokage) Renew
Rémi Verschelde
passivestar
vaner-org
Bastiaan Olij
Rémi Verschelde
sigmund68k
dfdfg42
kleonc
Ricardo Sanchez-Saez
Joshua Bordelon
SuperTemich2005
BrotherShort
Boozee
kit
Dalton Lang