Thomas Müller
84eb00e428
Merge pull request #14342 from owncloud/disallow-path-traversals-in-file-view
...
Disallow path traversals in file view
2015-02-19 10:27:04 +01:00
Lukas Reschke
4decbc2efa
Add `Satisfy All`
...
Fixes https://github.com/owncloud/core/issues/14356
2015-02-19 02:16:44 +01:00
Thomas Müller
b32d31a2f1
Merge pull request #13836 from owncloud/part-no-cache-update
...
Dont update the cache when working with part files
2015-02-19 00:08:10 +01:00
Lukas Reschke
46ca0fa481
Add some basic PHPDoc to functions
2015-02-18 18:17:33 +01:00
Lukas Reschke
41e5850450
Prevent directory traversals in ctr of \OC\Files\View
...
This prevents a misusage of \OC\Files\View by calling it with user-supplied input. In such cases an exception is now thrown.
2015-02-18 18:17:33 +01:00
Clark Tomlinson
8d09cc3b91
Merge pull request #13989 from owncloud/enhancment/security/11857
...
Allow AppFramework applications to specify a custom CSP header
2015-02-18 10:27:29 -05:00
AW-UC
097d455213
provide case-insensitive natural sorting
...
This makes OC's naturalsort_defaultcollator case-insensitive
2015-02-18 15:49:03 +01:00
Lukas Reschke
e4bf3fcb53
Merge pull request #14330 from owncloud/revert-13879-add_debug_log_for_memcache_instantiation
...
Revert "add debug log for memcache instantiation"
2015-02-18 15:45:38 +01:00
Robin Appelman
5542fafd36
allow overwriting the appmanager in oc_util by subclassing
2015-02-18 14:24:50 +01:00
Lukas Reschke
cd4c064ebf
Revert "add debug log for memcache instantiation"
2015-02-18 14:16:14 +01:00
Lukas Reschke
a666f804c7
Use the untrusted domain in the installer
2015-02-18 13:59:37 +01:00
Thomas Müller
2b1f39cd6b
Merge pull request #14308 from owncloud/fix-14247
...
Add mapping for a broken varchar type.
2015-02-18 10:05:33 +01:00
Lukas Reschke
ceaa193df2
Merge pull request #14273 from owncloud/require-at-least-apcu-4-0-6
...
Use APCu only if available in version 4.0.6 and higher
2015-02-18 01:07:54 +01:00
Morris Jobke
5d7d2adcbf
Merge pull request #14207 from owncloud/propfind-optimize
...
Optimize quota calculation for propfind
2015-02-18 00:18:47 +01:00
Victor Dubiniuk
090db867d5
Add mapping for a broken varchar type. Fixes #14247
2015-02-17 23:22:57 +03:00
Robin Appelman
e672f8cc8f
Use appmanager in OC_App::enable/disable
2015-02-17 15:05:29 +01:00
Robin Appelman
04628cf368
better name for getAppsEnabledForUser
2015-02-17 15:05:29 +01:00
Robin Appelman
434835b326
also set user in UserSession when doing OC_User::setUserId
2015-02-17 15:05:29 +01:00
Robin Appelman
409453bc60
better user group caching
2015-02-17 15:05:29 +01:00
Robin Appelman
5c68c81d00
Update cache when enabling/disabling apps
2015-02-17 15:05:25 +01:00
Lukas Reschke
b701bbd8c5
Use APCu only if available in version 4.0.6 and higher
...
APCu before 4.0.6 is unbelievable buggy and tend to segfault the PHP process (i.e. the whole webserver)
This potentially fixes https://github.com/owncloud/core/issues/14175
Requires a backport to stable8
2015-02-17 13:28:02 +01:00
Christian Seiler
535757bc42
DAV authentication: also use Owncloud's internal user for short-circuit
...
It still works otherwise, but without this, the performance optimization
of #13416 is defeated in these situations.
2015-02-16 23:47:39 +01:00
Christian Seiler
1377ebc7e9
DAV authentication: use Owncloud's internal user instead of HTTP-supplied one
...
Fixes : #14048 , #14104 , calendar#712
2015-02-16 23:34:49 +01:00
Lukas Reschke
cebf9f6a5a
Incorporate review changes
2015-02-16 22:13:03 +01:00
Lukas Reschke
992164446c
Add blackmagic due to cyclic dependency 🙈
2015-02-16 22:13:01 +01:00
Lukas Reschke
9f91d64918
Make scrutinizer happy
2015-02-16 22:13:00 +01:00
Lukas Reschke
886bda5f81
Refactor OC_Request into TrustedDomainHelper and IRequest
...
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.
This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.
Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.
Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Victor Dubiniuk
bdfc9b57bd
Skip primary index if the table has one
2015-02-16 20:30:28 +01:00
Jörn Friedrich Dreyer
87db136508
add debug log for memcache instantiation
2015-02-16 18:05:43 +01:00
Morris Jobke
5a5d6bf4db
Merge pull request #14128 from owncloud/drop-unused-methods
...
Remove unused function and correct PHPDoc
2015-02-16 17:37:36 +01:00
Thomas Müller
9271059195
Merge pull request #13750 from owncloud/enhanced-code-checker
...
Implement php code checker to detect usage of not allowed private ...
2015-02-16 16:55:57 +01:00
Joas Schilling
8eb804b1f6
Merge pull request #13269 from owncloud/issue/13211-cache-array-implementation
...
Add an array implementation of cache and use it if we are not debugging
2015-02-16 15:35:20 +01:00
Robin Appelman
23ab25e93a
Use the app manager from oc_app
2015-02-16 15:16:13 +01:00
Robin Appelman
2b58e8489f
Add getInstalledApps and getAppsForUser to the app manager
2015-02-16 15:15:35 +01:00
Thomas Müller
9c47ab91f2
Merge pull request #14194 from owncloud/url-encode-logout-attribute
...
URLEncode logout attribute
2015-02-16 15:04:20 +01:00
Joas Schilling
8848b5f067
Add an array implementation of cache and use it if we are not debugging
2015-02-16 14:55:50 +01:00
Lukas Reschke
c6705ab574
Merge pull request #13890 from owncloud/add-no-referrer
...
Add `rel="noreferrer"` where possible and switch to HTTPS
2015-02-16 14:36:44 +01:00
Lukas Reschke
7e45f5d27b
Remove unused function and correct PHPDoc
2015-02-16 13:46:45 +01:00
Lukas Reschke
8791f1992e
Add noreferrer to footer URI
2015-02-16 13:37:54 +01:00
Thomas Müller
78febb2ee5
Merge pull request #14201 from owncloud/propagator-dont-decrease-mtime
...
Dont lower the mtime of a folder when propagating changes
2015-02-16 11:32:17 +01:00
Lukas Reschke
b20174bdad
Allow AppFramework applications to specify a custom CSP header
...
This change allows AppFramework applications to specify a custom CSP header for example when the default policy is too strict. Furthermore this allows us to partially migrate away from CSS and allowed eval() in our JavaScript components.
Legacy ownCloud components will still use the previous policy. Application developers can use this as following in their controllers:
```php
$response = new TemplateResponse('activity', 'list', []);
$cspHelper = new ContentSecurityPolicyHelper();
$cspHelper->addAllowedScriptDomain('www.owncloud.org');
$response->addHeader('Content-Security-Policy', $cspHelper->getPolicy());
return $response;
```
Fixes https://github.com/owncloud/core/issues/11857 which is a pre-requisite for https://github.com/owncloud/core/issues/13458 and https://github.com/owncloud/core/issues/11925
2015-02-16 11:00:41 +01:00
Thomas Müller
d5ca5c7bcc
Merge pull request #14138 from owncloud/fix-image-flip-php53
...
Don't flip image in PHP 5.4
2015-02-16 10:26:56 +01:00
Robin Appelman
9abaa0cc61
pass fileinfo to getStorageInfo
2015-02-13 17:59:58 +01:00
Robin Appelman
fb2a3284df
Cache quota info for directories
2015-02-13 17:50:53 +01:00
Robin Appelman
134243d3e5
Dont lower the mtime of a folder when propagating changes
2015-02-13 14:30:05 +01:00
Lukas Reschke
276bfe5f33
Merge pull request #14197 from owncloud/ensure-that-passed-file-path-is-always-a-string
...
Ensure that passed argument is always a string
2015-02-13 13:30:54 +01:00
Lukas Reschke
95860d8113
Merge pull request #14086 from hlop/master
...
App install behind a Proxy
2015-02-13 12:56:01 +01:00
Lukas Reschke
9904b30070
Ensure that passed argument is always a string
...
Some code paths called the `normalizePath` functionality with types other than a string which resulted in unexpected behaviour.
Thus the function is now manually casting the type to a string and I corrected the usage in list.php as well.
2015-02-13 12:49:34 +01:00
Lukas Reschke
025110821f
URLEncode logout attribute
...
Otherwise logout can fail if the requesttoken contains a +
2015-02-13 12:08:23 +01:00
Joas Schilling
6c349c00bb
Order methods to by grouped by their task
2015-02-13 11:55:06 +01:00
Joas Schilling
be63e18b0a
Check whether filter is valid, before doing stuff for it
2015-02-13 11:50:55 +01:00
Joas Schilling
c02de748e5
Cache some values from the extensions
2015-02-13 11:36:34 +01:00
Lukas Reschke
8e8acad550
Merge pull request #14145 from owncloud/no-whitespace-from-themes-master
...
catch any whitespaces which might get written to the output buffer while...
2015-02-12 17:23:28 +01:00
Thomas Müller
fc7f279d90
catch any whitespaces which might get written to the output buffer while loading a theme
2015-02-12 16:42:17 +01:00
Lukas Reschke
2f80be45b0
Remove internal annotation
...
PHPStorm complained about those functions being declared as Internal. I doubt that this is actually the case since they are even in the public API.
2015-02-12 16:35:47 +01:00
Björn Schießle
780024e252
Merge pull request #14071 from owncloud/add_timeout_for_post_requests
...
add timeout to curl request
2015-02-12 11:38:35 +01:00
Morris Jobke
f4182d2dc9
Merge pull request #10993 from owncloud/scanner-reuse-fileid
...
Reuse known fileids and cache data in the scanner
2015-02-12 10:53:00 +01:00
Bjoern Schiessle
4155252379
add timeout to curl request
2015-02-12 10:51:39 +01:00
Morris Jobke
a496c34aea
Check if imageflip is available
...
* imageflip() isn't available in PHP < 5.5
* fixes #14130
2015-02-12 10:21:20 +01:00
Lukas Reschke
86139fcce8
Deprecate `OC_JSON` and `OCP\JSON`
...
This deprecates – but not removes – those two classes and all functions in it. There is no reason that new developments should use those methods as with the AppFramework there is a replacement that allows testable code.
With the `@deprecated` annotation IDEs like PHPStorm will point out to the developer that a functionality is deprecated and that there is a better suited replacement.
2015-02-12 00:56:13 +01:00
Thomas Müller
9ecb36e81f
integrate code checker in the installer
2015-02-11 23:37:51 +01:00
Thomas Müller
99a97649f2
Merge pull request #14097 from yanntech/fix/utf8-check
...
in some case charset can be in lower case.
2015-02-11 18:04:54 +01:00
Vincent Petry
fbbb9fe0fd
Merge pull request #13979 from owncloud/group-share-collition-wrong-type-in-post-hook
...
Do not overwrite the shareType so the post hook is still correct
2015-02-11 15:23:13 +01:00
Robin Appelman
9df18ffe75
only read permissions once
2015-02-11 13:11:31 +01:00
Robin Appelman
9bbfeada6b
Only try to scan the children of directories
2015-02-11 13:11:31 +01:00
Robin Appelman
dc6468c2aa
Cast mtimes and size to int
2015-02-11 13:11:28 +01:00
Robin Appelman
4242dd0d9d
Reuse cache data of existing files during scan
2015-02-11 13:08:28 +01:00
Yann VERRY
1fcea6f1bd
in some case charset can be in lower case.
...
Add strtoupper() in UTF-8 check to avoid error message
2015-02-11 11:59:33 +01:00
Witali Rott
531c89a610
App install behind a Proxy
2015-02-11 07:47:50 +01:00
Thomas Müller
45dcca2fcb
Merge pull request #13861 from owncloud/remove-disabled-files-repair-step
...
Revert "enabled disabled files app in repair step"
2015-02-10 22:46:53 +01:00
Morris Jobke
11283c57d9
Merge pull request #11056 from AdamWill/9885-opcode
...
add function to invalidate one opcache file, use it if possible #9885
2015-02-10 17:21:15 +01:00
Thomas Müller
d74662df7d
implement php code checker to detect usage of not allowed private APIs - including console command to check local code to be used by developers
2015-02-10 11:51:24 +01:00
Morris Jobke
1bb6de7c1b
Merge pull request #13425 from owncloud/phpdoc_cleanup
...
Cleanup of PHPDoc return types
2015-02-10 01:14:00 +01:00
Morris Jobke
068f6107c6
Merge pull request #13842 from owncloud/is_file_2_is_readable
...
check if cache files are readable
2015-02-09 23:45:32 +01:00
Lukas Reschke
74de345c7f
Merge pull request #13511 from owncloud/naturalsort_speeeeeed
...
NaturalSort performance improvements
2015-02-09 18:39:52 +01:00
Vincent Petry
c4d9ae8af4
Merge pull request #13928 from owncloud/prevent_ghost_files_master
...
prevent creation of ghost directories
2015-02-09 18:15:45 +01:00
Vincent Petry
5296767393
Merge pull request #13921 from owncloud/ocs-af
...
Add a controller and reponse for ocs
2015-02-09 18:11:47 +01:00
Vincent Petry
605e2357a1
Merge pull request #13852 from owncloud/cache-app-versions
...
Cache app versions
2015-02-09 18:03:19 +01:00
Vincent Petry
c7fcd42edb
Merge pull request #13870 from owncloud/drop-oc-preferences-2
...
drop OC\Preferences
2015-02-09 17:49:05 +01:00
Vincent Petry
b7b8c0c2e5
Merge pull request #13869 from owncloud/drop-oc-preferences
...
drop OC_Preferences
2015-02-09 17:48:36 +01:00
Lukas Reschke
47c7eb4e70
Merge pull request #13973 from owncloud/enhancement/security/13366
...
Respect `mod_unique_id` and refactor `OC_Request::getRequestId`
2015-02-09 17:35:19 +01:00
Robin McCorkell
a79757bc37
Store FileInfo::getType() result for future use
2015-02-09 16:34:11 +00:00
Robin McCorkell
44c330aa5d
Performance improvements for NaturalSort
...
A combination of using isset() instead of count() or strlen(), caching the
chunkify function, and replacing is_numeric() with some comparisons
2015-02-09 16:32:43 +00:00
Vincent Petry
5d8f1a1de3
Merge pull request #13854 from owncloud/avatar-exists
...
Add a better way to check if an avatar exists for the user
2015-02-09 17:06:24 +01:00
Joas Schilling
31b93ac19a
Do not overwrite the shareType so the post hook is still correct
2015-02-09 12:59:29 +01:00
Robin Appelman
45e3cbefc9
Check directory handle before we use it
2015-02-09 12:36:18 +01:00
Lukas Reschke
770fa761b8
Respect `mod_unique_id` and refactor `OC_Request::getRequestId`
...
When `mod_unique_id` is enabled the ID generated by it will be used for logging. This allows for correlation of the Apache logs and the ownCloud logs.
Testplan:
- [ ] When `mod_unique_id` is enabled the request ID equals the one generated by `mod_unique_id`.
- [ ] When `mod_unique_id` is not available the request ID is a 20 character long random string
- [ ] The generated Id is stable over the lifespan of one request
Changeset looks a little bit larger since I had to adjust every unit test using the HTTP\Request class for proper DI.
Fixes https://github.com/owncloud/core/issues/13366
2015-02-09 11:53:11 +01:00
Lukas Reschke
0e604aa875
Merge pull request #13948 from owncloud/cache-move-transaction
...
Use transactions when renaming directory contents
2015-02-08 19:08:52 +01:00
Morris Jobke
90556cb70b
Merge pull request #12283 from oparoz/sfnt-fonts
...
Updated the media type of some font types
2015-02-07 13:33:49 +01:00
Morris Jobke
11ded92a73
Merge pull request #13830 from owncloud/fix-redirect-404
...
Don't encode url unecessary twice
2015-02-07 13:24:47 +01:00
Robin Appelman
6c00521e8b
Use transactions when renaming directory contents
2015-02-06 15:20:53 +01:00
Thomas Müller
bc56fef619
Merge pull request #13932 from owncloud/revert-sabredav-etag-master
...
Revert "adding OC-ETag header"
2015-02-06 12:05:32 +01:00
Lukas Reschke
4d91fa4c93
Normalize before processing
2015-02-06 15:03:29 +01:00
Vincent Petry
8210200770
Revert "adding OC-ETag header"
...
This reverts commit 96a931929e
.
2015-02-05 20:43:37 +01:00
Bjoern Schiessle
1448f281b7
for password protected link shares the password is stored in shareWith, so we need to set this manually to null for the hooks
2015-02-05 17:23:59 +01:00
Bernhard Posselt
fdc64e370c
add a controller and reponse for ocs
2015-02-05 14:02:17 +01:00
Robin Appelman
adf9a4e4eb
Dont bother updating the cache when working with part files
2015-02-05 13:59:50 +01:00
Robin Appelman
842d0e227c
Dont update the cache after fopen
2015-02-05 13:47:32 +01:00
Björn Schießle
486f49ed72
Merge pull request #13881 from owncloud/upload_to_root_of_mountpoint
...
detect root of mountpoint also if the trailing slash is missed
2015-02-04 14:44:02 +01:00
Bjoern Schiessle
21c45925fe
detect root of mountpoint also if the trailing slash is missed
2015-02-04 12:47:04 +01:00