Adding a check to see if keyFileContents is empty:
* this fixes a download error and an exception if the data content
for encryption is empty
* #3958: for recovering encrypted files with a damaged signature
this is necessary in addition to turning the signature check off
Signed-off-by: Stefan Weiberg <sweiberg@suse.com>
In 2f87fb6b45 this header was introduced. The referenced documentation says:
> When delivered with a response from https://example.com/clear, the following header will cause cookies associated with the origin https://example.com to be cleared, as well as cookies on any origin in the same registered domain (e.g. https://www.example.com/ and https://more.subdomains.example.com/).
This also applies if `https://nextcloud.example.com/` sends the `Clear-Site-Data: "cookies"` header.
This is not the behavior we want at this point!
So I removed the deletion of cookies from the header. This has no effect on the logout process as this header is supported only recently and the logout works in old browsers as well.
Signed-off-by: Patrick Conrad <conrad@iza.org>
(cherry picked from commit 1806baaeaf)
The custom handler for "URL changed" events were added to reload the
file list whenever the sections for favorites and shares were opened;
this was used to fix the problem of not reloading the file lists when
opening them for a second time. However, besides that the handlers were
not really necessary, and as the root of the bug was fixed in the
previous commit those handlers are now removed.
The file list for tags uses the handler for a different purpose, though,
so that one was kept.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When a section is open in the Files app a "show" event is triggered.
File list objects handle that event by reloading themselves, but only
if the file list was shown at least once. However, the file list objects
of plugins are created when the "show" event is triggered for the first
time for their section; as the file list objects register their handler
for the "show" event when they are created they never handle the first
triggered "show" event, as the handler is set while that event is being
already handled. Therefore, from the point of view of the handler, the
second time that a "show" event was triggered it was seen as if the file
list was shown for the first time, and thus it was not reloaded. Now the
"shown" property is explicitly set for those file lists that are created
while handling a "show" event, which causes them to be reloaded as
expected when opening their section again.
Note that it is not possible to just reload the file list whenever it is
shown; the file list is reloaded also when the directory changes, and
this can happen when the web page is initially loaded and the URL is
parsed. In that case, if file lists were reloaded when shown for the
first time then it could be reloaded twice, one with the default
parameters due to the "show" event and another one with the proper
parameters once the URL was parsed, and the files that appeard in the
list would depend on which response from the server was received the
last.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Before it quit right after finding the theme version of the l10n file which results in a not translated part of the UI.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
The old code would emit the hooks twice. Thus having the version written
twice. Which is not very performant as it is first read twice as well.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fixes#10852
A quick hack. Still ensures some type safety however now also accepts
null. Else we'd need to add a whole new layer of middlewares.
This can only happen when a guest user wants to access a controller that
requries the user_id.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This was the error message that we have seen:
```
Argument 1 passed to OC\\Share20\\Share::setSendPasswordByTalk() must be of the type boolean, null given, called in apps/sharebymail/lib/ShareByMailProvider.php on line 981
```
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Fixes#11637
If we do not normalize the unjailed path we might end up with a path
like files/user/folder/. which can break on objectstores
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
When "session_lifetime" can not be converted to a number the interval
becomes a NaN due to dividing it by 2. This NaN was "dragged" over all
the other mathematical operations and caused the csrftoken to be got
again and again due to an infinite loop with no pauses in "setInterval".
Now, the interval is set to the default value instead if the
"session_lifetime" can not be converted to a number.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>