Fixes#7106
- Echoing the current server time via a JS variable and storing the current time on page load in JS.
- Calculating the diff and taking it into account when deciding whether to show the password confirmation.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
When a Snap was disabled it stopped listening to the events, but if a
drag gesture was being performed it was kept as active. Thus, when the
Snap was enabled again move events were handled as if the Snap had never
been disabled, causing the gesture handling to continue where it was
left.
When the Snap for the navigation bar is disabled by an app it could be
as a result of a different gesture being recognized by the app (for
example, a vertical swipe) once both gestures have started. In that case
when the other gesture ends and the Snap is enabled again any pointer
movement will cause the navigation bar to slide until an "up" event is
triggered again (obviously not the desired behaviour).
Due to all this now when the Snap for the navigation bar is disabled by
an app the current drag gesture for the navigation bar is ended.
Note that this was added as a parameter to "Snap.disable()" instead of
done unconditionally to keep back-compatibility with the previous
behaviour (probably not really needed as it is unlikely that any app is
using the Snap library relying on that behaviour... but just in case).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
On narrow screens a slide gesture can be used to open or close the
navigation bar. However that gesture could conflict at times with the
gestures used by certain apps (for example, if the right sidebar is open
the user may expect to close it by dragging it to the right, but that
could open the navigation bar instead depending on how the events are
handled). This commit makes possible for apps to disallow and allow
again that slide gesture.
In any case, note that applications can only disallow the gesture,
but they can not enable it. That is, they can prevent the gesture from
being used on narrow screens, but they can not make the gesture work on
wide screens; they are always limited by the base rules set by the core.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Now a file gets its directory permissions only if it contained no
permissions (they were undefined or null), but not if its permissions
were set to "NONE".
Besides that, now file actions that do not require any permission on the
file to be performed can be used on files that have no permissions.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
test files against ignore_files list on upload
fix typo and indentation
Move blacklist declaration to lib/public/Files/FileInfo.php,
Rename *ignored to *blacklisted
Mocked blacklist_files for testing
Mocked blacklist_files for testing
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Disable execution of eval in jQuery. We do require an allowed eval CSP
configuration at the moment for handlebars et al. But for jQuery there is
not much of a reason to execute JavaScript directly via eval.
This thus mitigates some unexpected XSS vectors. As example try to insert
`$('.fileinfo').html('<a href="asd"><script>alert(1)</script></a>');`
with and without this patch in your browsers JS console when the file list
is opened.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
this fixes#3634
1. fixed computerFileSize to be more picky about incorrect values
2. more tests for computerFileSize
3. use computerFileSize to validate user quota
Signed-off-by: Artur Neumann <info@individual-it.net>
Jan-Christoph Borchardt
Abijeet
splitt3r
blizzz
Bjoern Schiessle
Daniel Calviño Sánchez
John Molakvoæ (skjnldsv)
Morris Jobke
Marin Treselj
Julius Härtl
Patrik Kernstock
Roeland Jago Douma
Lukas Reschke
Christoph Wurst
Robin Appelman
Joas Schilling
Vincent Petry
Felix Heidecke
Artur Neumann
m3ntalsp00n
Marius Blüm
Patrick Paysant