That leads to a false positive is not setup via query() but directly warning for every app because
the check does not work anymore.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.
This also removes and empty lines from method/function bodies at the
beginning and end.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
The external shares entry showed a "button" that, when pressed, replaced
the button with the input to set the remote share address. The "button"
was actually a label for the input, so when the label was focused it
transferred the focus to the input and thus pressing enter or space did
not show the input. Moreover, inputs inside links are not valid HTML,
and once shown there was no way to hide the input again.
Due to all this, and for consistency with the direct link input, the
external share input was moved to a different menu item that is shown
and hidden when the button, which nows is also a real button, is
clicked.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
this is triggerd (and not cought by the query arm) if an item from an app is queried before the app queries it's own Application instance
Signed-off-by: Robin Appelman <robin@icewind.nl>
The reflect method is (and should) only every be called internally.
Since if you call it again it would otherwise start mixing and matching
arguments etc.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
If there is no policy set we just take the default empty ones.
That way no obscure errors get thrown if the constructor is not called.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
If the token doesn't match (or isn't set) during the redirect. We should
properly set it. Else we might redirect to a later auth display that set
these values.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
For #14179
By default responses should have the strictest (and simplest) CSP
possible. Only template responses should require an actual CSP.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This for now uses the jsNonce. That way we can easily backport it.
For 17 I will fix it properly.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This can be used by pages that do not have the full Nextcloud UI.
So notifications etc do not load there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fixes#13662
This will fire of an event after a Template Response has been returned.
There is an event for the generic loading and one when logged in. So
apps can chose to load only on loged in pages.
This is a more generic approach than the files app event. As some things
we might want to load on other pages as well besides the files app.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Roeland Jago Douma
Clement Wong
Daniel Kesselberg
Christoph Wurst
Joas Schilling
Christoph Wurst
Pavel Krasikov
TimObert
Daniel Calviño Sánchez
Roeland Jago Douma
Julius Härtl
Robin Appelman
Marius David Wieschollek