Commit Graph

23309 Commits

Author SHA1 Message Date
Thomas Müller 214fa44400 Merge pull request #14534 from owncloud/add-child-src
Add support for 'child-src' directive
2015-03-10 10:30:44 +01:00
Jenkins for ownCloud e069d9d3f9 [tx-robot] updated from transifex 2015-03-10 01:55:39 -04:00
Thomas Müller c8ed88f4d6 Merge pull request #14689 from owncloud/better-missing-resource-handling
Log errors and create 404 in network list when a css or js is missing
2015-03-09 23:33:25 +01:00
Thomas Müller 2f61884956 Merge pull request #14753 from owncloud/verify-csrf-token-earlier
Verify CSRF token already in update.php and not the EventSource code
2015-03-09 23:06:15 +01:00
Morris Jobke 94b7fa17c5 Merge pull request #14720 from owncloud/fix-shareetagpropagation
Fix size propagation over shared storage boundary
2015-03-09 16:24:06 +01:00
Morris Jobke d34662122d Merge pull request #14429 from owncloud/issue/14176-validate-timezone-before-using
Etc timezones don't exist for .5 and .75 offsets
2015-03-09 16:16:16 +01:00
Vincent Petry ec19d9c267 Add unit test for size propagation across share boundaries 2015-03-09 12:56:22 +01:00
Joas Schilling 01cd83a902 Merge pull request #14713 from owncloud/issue/14671-preview-delete-check-for-valid-fileid
Check whether the file id is valid, before using it to delete the previews
2015-03-09 11:56:46 +01:00
Joas Schilling a12e16e985 Check whether the file id is valid, before using it to delete the previews 2015-03-09 11:25:18 +01:00
Lukas Reschke c0a02f1615 Verify CSRF token already in update.php and not the EventSource code
Issue report:
> Hum, well I upgraded the package then visited the web interface to
trigger the update and it failed; the UI would say there was a
possible CSRF attack and after that it'd be stuck in maintenance mode.
Tried a few times (by editing maintenance to false in owncloud.conf)
and same result each time.

That smells partially like an issue caused by our EventSource implementation, due to legacy concerns the CSRF verification happens within the EventSource handling and not when the actual endpoint is called, what happens here then is:

1. User has somehow an invalid CSRF token in session (or none at all)
2. User clicks the update button
3. Invalid CSRF token is sent to update.php - no CSRF check there => Instance gets set in maintenance mode
4. Invalid CSRF token is processed by the EventSource code => Code Execution is stopped and ownCloud is stuck in maintenance mode

I have a work-around for this problem, basically it verifies the CSRF token already in step 3 and cancels execution then. The same error will be shown to the user however he can work around it by refreshing the page – as stated by the error. I think that’s an acceptable behaviour for now: INSERT LINK

To verify this test:

1. Delete your ownCloud cookies
2. Increment the version in version.php
3. Try to upgrade
=> Before the patch: Instance shows an error, is set to upgrade mode and a refresh does not help
=> After the patch: Instance shows an error, a refresh helps though.

This is not really the best fix as a better solution would be to catch such situations when bootstrapping ownCloud, however, I don’t dare to touch base.php for this sake only, you never know what breaks then…

That said: There might be other bugs as well, especially the stacktrace is somewhat confusing but then again it installing ownCloud under /usr/share/owncloud/ and I bet that is part of the whole issue ;-)
2015-03-09 10:07:30 +01:00
Thomas Müller fccede8f50 Merge pull request #14750 from owncloud/possible-fix-for-OC_Version
proper filename for "require version.php"
2015-03-09 09:55:21 +01:00
Morris Jobke 348fe105b1 Merge pull request #14706 from owncloud/ldap-reset-paged-search-on-null-limit
LDAP: set up paged search even if limit is 0
2015-03-09 08:12:25 +01:00
Morris Jobke d550143ba0 proper filename for "require version.php" 2015-03-09 08:03:28 +01:00
Morris Jobke 674654c210 Merge pull request #14743 from owncloud/autoconfig-password
Convert 'abcpassword' to 'abcpass' during setup
2015-03-09 07:54:22 +01:00
Jenkins for ownCloud 174f8cef64 [tx-robot] updated from transifex 2015-03-09 01:54:36 -04:00
Jenkins for ownCloud 377165ae51 [tx-robot] updated from transifex 2015-03-08 01:54:36 -05:00
Robin McCorkell f43b047636 Convert 'abcpassword' to 'abcpass' during setup
This allows autoconfig files to use 'dbpassword' instead of 'dbpass', which
is more consistent with config.php
2015-03-07 13:10:43 +00:00
Jenkins for ownCloud 73c2157171 [tx-robot] updated from transifex 2015-03-07 01:54:37 -05:00
Morris Jobke 81dc550af0 Merge pull request #14736 from owncloud/errors-list
adjust list of errors, more compact and readable
2015-03-06 23:13:44 +01:00
Lukas Reschke 60c507cd4e Merge pull request #14722 from owncloud/master-14711
Fix totally broken AppStore code...
2015-03-06 18:52:12 +01:00
Thomas Müller a77a6f3b48 Merge pull request #14734 from owncloud/unit-test-insertIfNotExist
[sqlite] Use an atomic implementation on sqlite for insertIfNotExist() + use it in the file cache ...
2015-03-06 18:20:22 +01:00
Thomas Müller 1b08b7c726 use insertIfNotExist() in cache put 2015-03-06 15:32:58 +01:00
Jan-Christoph Borchardt db02edd7c8 adjust list of errors, more compact and readable 2015-03-06 15:27:21 +01:00
Thomas Müller 4e37831d85 Fix PHPDoc on the way .... 2015-03-06 14:54:57 +01:00
Thomas Müller 987b683895 Use an atomic implementation on sqlite for insertIfNotExist() 2015-03-06 14:54:54 +01:00
Jenkins for ownCloud d11f040720 [tx-robot] updated from transifex 2015-03-06 01:54:52 -05:00
Lukas Reschke d5a8225c0e Fix totally broken AppStore code...
As it turned out the AppStore code was completely broken when it came from apps delivered from the appstore, this meant:

1. You could not disable and then re-enable an application that was installed from the AppStore. It simply failed hard.
2. You could not disable apps from the categories but only from the "Activated" page
3. It did not show the activation state from any category page

This code is completely static and thus testing it is impossible. We really have to stop with "let's add yet another feature in already existing static code". Such stuff has to get refactored first.

That said, this code works from what I can say when clicking around in the AppStore page GUI. However, it may easily be that it does not work with updates or whatsever as I have no chance to test that since the AppStore code is not open-source and it is impossible to write unit-tests for that.

Fixes https://github.com/owncloud/core/issues/14711
2015-03-06 00:16:17 +01:00
Vincent Petry 4322287fc3 Fix size propagation over shared storage boundary 2015-03-05 22:23:47 +01:00
Arthur Schiwon 42d3ed47e2 set up paged search when limit is 0 2015-03-05 13:15:21 +01:00
Lukas Reschke 9f5433c0c3 Merge pull request #13368 from owncloud/memcache_lowlatency
Refactor \OC\Memcache\Factory
2015-03-05 13:05:17 +01:00
Robin McCorkell 78819da3bf \OC\Memcache\Cache implements \OCP\ICache 2015-03-05 11:36:34 +00:00
Robin McCorkell 0e4933e6d2 Refactor \OC\Memcache\Factory
Caches divided up into two groups: distributed and local. 'Low latency' is an
alias for local caches, while the standard `create()` call tries to get
distributed caches first, then local caches.

Memcache backend is set in `config.php`, with the keys `memcache.local` and
`memcache.distributed`. If not set, `memcache.distributed` defaults to the value
of `memcache.local`.
2015-03-05 11:36:34 +00:00
Jenkins for ownCloud 7e0fd8fb50 [tx-robot] updated from transifex 2015-03-05 01:56:35 -05:00
Morris Jobke bb3901e87a Merge pull request #14691 from owncloud/karma-forcejasmine2
Make sure we use Jasmine 2 for running JS unit tests
2015-03-04 20:36:49 +01:00
Morris Jobke cffc256479 Merge pull request #14672 from Crote/master
Add --show-password option to ldap:show-config
2015-03-04 20:21:14 +01:00
Joas Schilling 716ba49a82 Log errors and create 404 in network list when a css or js is missing 2015-03-04 17:56:33 +01:00
Vincent Petry d772bc56e7 Merge pull request #14693 from owncloud/fix-phpdoc
Fix PHPDoc
2015-03-04 17:55:24 +01:00
Lukas Reschke cdced56f2b Fix PHPDoc
That apparently went lost when changing the signature.
2015-03-04 15:35:41 +01:00
Vincent Petry e56727e27b Merge pull request #14690 from owncloud/trash-deletelink-unittest
Add unit test for selection overlay actions in trashbin
2015-03-04 14:50:11 +01:00
Laurens Post 8149217371 Add --show-password option to ldap:show-config 2015-03-04 14:15:33 +01:00
Vincent Petry 2a5f6a6448 Make sure we use Jasmine 2 for running JS unit tests 2015-03-04 13:50:59 +01:00
Vincent Petry 3f6e7d6a43 Add unit test for selection overlay actions in trashbin 2015-03-04 13:49:19 +01:00
Morris Jobke 299bcf749a Merge pull request #14685 from owncloud/test-noop-scanner
Add a test for ObjectStore\NoopScanner
2015-03-04 13:19:41 +01:00
Thomas Müller 2831a1790c Merge pull request #14675 from owncloud/files-external-smb-windows
adding a windows smb config for testing to ci
2015-03-04 12:27:59 +01:00
Joas Schilling 294724b5da Add a test for ObjectStore\NoopScanner 2015-03-04 11:48:31 +01:00
Morris Jobke f507601e25 Merge pull request #14582 from rullzer/avatar_fixes
Avatars in share dialog fixes
2015-03-04 10:30:09 +01:00
Robin McCorkell ed4dc4db07 Fix slash normalization error in AmazonS3Migration unit test
Since aa821ecc00 leading and trailing slashes are
trimmed in the file cache paths
2015-03-04 09:22:21 +00:00
Vincent Petry aa11b83158 Merge pull request #14682 from owncloud/issue/14681-noop-scanner-outdated
Update scanFile() and scanChildren() to the new signature of the parent ...
2015-03-04 10:07:42 +01:00
Morris Jobke ac10441600 Merge pull request #14326 from owncloud/remove-unnessary-backslashes-from-translation
Remove unnecessary backslashes from translations
2015-03-04 09:58:42 +01:00
Morris Jobke f1d74e8803 Merge pull request #14651 from owncloud/add-some-headers-to-htaccess-for-my-best-friend-jenkins
Let users configure security headers in their Webserver
2015-03-04 09:36:01 +01:00