This makes it possible to retrieve the icon for mimetypes in javascript.
It makes no additional queries to the server to retrieve the mimetype.
* config/mimetypealiases.json added
* mimetype.js: this is where the logic resides to convert from mimetype
to icon url
* mimetypelist.js: generated file with a list of mimetype mapping (aliases)
and the list of icon files
* ./occ maintenance:mimetypesjs : new command for occ to gernerate
mimetypes.js
* unit tests updated and still work
* javascript tests added
* theming support
* folder of the theme is now present in javascript (OC.theme.folder)
This aligns the recommended setting with the max-age of `15768000` as described in our documentation. Furthermore it fixes some logical problems with the code, unit tests has been added as well.
Fixes https://github.com/owncloud/core/issues/16673
* A list of recipients can now be properly formatted with remote shares.
Before the shares where simply shown in full in the "Shared with others"
section.
* Unit tests updated and added
Without /dev/urandom being available to read the medium RNG will rely only on the following components on a Linux system:
1. MicroTime: microtime() . memory_get_usage() as seed and then a garbage collected microtime for loop
2. MTRand: chr((mt_rand() ^ mt_rand()) % 256)
3. Rand: chr((rand() ^ rand()) % 256)
4. UniqId: Plain uniqid()
An adversary with the possibility to predict the seed used by the PHP process may thus be able to predict future tokens which is an unwanted behaviour.
One should note that this behaviour is documented in our documentation to ensure that users get aware of this even without reading our documentation this will add a post setup check to the administrative interface.
Thanks to David Black from d1b.org for bringing this again to our attention.
This did not happen correctly when the password was enforced since a
different code path was taken.
* moved generation of the default date string to separate function
* added unit test
Calculating the URL is error-prone as it doesn't work when for example `public.php` is requested and might even be harmful as it could leak sensitive information.
Since `oc.js` is even available when maintenance mode is available it is better to use the global `OC.webroot` that is not controlled by any user.
* instead of a static rendering inside PHP use the
JS OC.Notification.showTemporary to hide the
notification after 7 seconds automatically
* fixes#14811
Vincent Petry
Roeland Jago Douma
Lukas Reschke
Morris Jobke
Hendrik Leppelsack
Thomas Müller
Olivier Paroz
Jan-Christoph Borchardt
Craig Morrissey
Joas Schilling
Joas Schilling