Bjoern Schiessle
5549641f1f
improve error messages displayed to the user
2015-05-27 21:00:02 +02:00
Thomas Müller
07c6e523b1
Merge pull request #16565 from owncloud/add-urandom-check
...
Add check for availability of /dev/urandom
2015-05-26 16:53:11 +02:00
Lukas Reschke
bc6d17ed74
Add check for availability of /dev/urandom
...
Without /dev/urandom being available to read the medium RNG will rely only on the following components on a Linux system:
1. MicroTime: microtime() . memory_get_usage() as seed and then a garbage collected microtime for loop
2. MTRand: chr((mt_rand() ^ mt_rand()) % 256)
3. Rand: chr((rand() ^ rand()) % 256)
4. UniqId: Plain uniqid()
An adversary with the possibility to predict the seed used by the PHP process may thus be able to predict future tokens which is an unwanted behaviour.
One should note that this behaviour is documented in our documentation to ensure that users get aware of this even without reading our documentation this will add a post setup check to the administrative interface.
Thanks to David Black from d1b.org for bringing this again to our attention.
2015-05-26 14:16:07 +02:00
Björn Schießle
f70c309c2d
Merge pull request #16561 from owncloud/add-default-timeout-back
...
Add connection timeout to default POST options
2015-05-26 12:23:57 +02:00
Vincent Petry
39c6a36488
Merge pull request #16532 from owncloud/cors-no-cookie-auth
...
Disallow cookie auth for cors requests
2015-05-26 12:12:04 +02:00
Björn Schießle
ab0747113c
Merge pull request #16452 from owncloud/enc_ftp_upload
...
always write file, if fseek doesn't work we write the whole file
2015-05-26 12:02:41 +02:00
Thomas Müller
3babcd0344
Merge pull request #16339 from owncloud/master-override-channel
...
Allow change update channel via public API
2015-05-26 11:42:41 +02:00
Lukas Reschke
dff361dc5c
Add connection timeout to default POST options
...
Fixes https://github.com/owncloud/core/issues/16560
2015-05-26 11:22:50 +02:00
Vincent Petry
ce34edacfa
Merge pull request #16526 from owncloud/enc_fix_versions_webdav_upload
...
remove part file extension before we read a filekey
2015-05-22 16:42:52 +02:00
Bernhard Posselt
c8e3599cad
disallow cookie auth for cors requests
...
testing ...
fixes
fix test
add php doc
fix small mistake
add another phpdoc
remove not working cors annotations from files app
2015-05-22 14:06:26 +02:00
Bjoern Schiessle
fef75e5417
remove part file extension before we read a filekey to reuse a existing key if possible, otherwise stuff like versioning will break
2015-05-22 12:12:31 +02:00
Bjoern Schiessle
5a20edac82
test to simulate a non-seekable stream wrapper
2015-05-21 14:15:26 +02:00
Vincent Petry
22968e806c
Get correct mimetype when moving and changing extension
...
Fixes issue when restoring folders from trash cross-storage, as such
folders have an extension ".d12345678".
Fixes issue when moving folders between storages and at the same time
changing their extension.
2015-05-21 10:57:58 +02:00
Morris Jobke
39d1e99228
Merge pull request #16322 from owncloud/trash-view
...
dont go trough the view when moving to trash
2015-05-20 14:44:01 +02:00
Vincent Petry
7386257676
Merge pull request #16075 from owncloud/skeleton-copy-delay
...
wait with copying the skeleton untill login and setupfs are done
2015-05-20 13:52:08 +02:00
Lukas Reschke
a62190a72d
Add support for disallowing domains to the ContentSecurityPolicy
...
For enhanced security it is important that there is also a way to disallow domains, including the default ones.
With this commit every method gets added a new "disallow" function.
2015-05-20 11:44:37 +02:00
Lukas Reschke
9be6d8cd39
Merge pull request #16446 from owncloud/fix-url-generation
...
Fix URL generation
2015-05-20 08:20:38 +02:00
Vincent Petry
f7a2b5e7a9
Added unit tests for download URL in public sharing page
2015-05-19 17:41:06 +02:00
Robin Appelman
2213d6597c
add tests for copyFromStorage with same storage
2015-05-19 17:30:32 +02:00
Scrutinizer Auto-Fixer
fdbc21fc6c
Scrutinizer Auto-Fixes
...
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-05-19 11:23:06 +00:00
Morris Jobke
5f4e0863f5
Merge pull request #16420 from owncloud/update-useconfigtableprefix
...
Add unit test for migrator with different prefix
2015-05-19 12:19:46 +02:00
Thomas Müller
a52afb040a
Merge pull request #15965 from owncloud/conditional-logging
...
Conditional logging
2015-05-19 12:00:19 +02:00
Vincent Petry
fabdc4ba9d
Add unit test for migrator with different prefix
2015-05-19 10:43:14 +02:00
Björn Schießle
1c411baf17
Merge pull request #16412 from owncloud/jknockaert-patch-1
...
fix #16356
2015-05-18 19:26:40 +02:00
Clark Tomlinson
f9b6ee86cd
Merge pull request #16399 from owncloud/enc_rmdir_fix
...
[encryption] only try to delete file keys if it is a valid path
2015-05-18 11:09:36 -04:00
Bjoern Schiessle
1c500487ba
add a unit test to make sure that we don't try to read a file during a write operation
2015-05-18 17:00:54 +02:00
Björn Schießle
a1e60e7882
Merge pull request #15980 from owncloud/jknockaert-patch-1
...
fix bug #15973
2015-05-18 15:01:16 +02:00
Robin Appelman
724f88d9ff
fix tests
2015-05-18 12:11:32 +02:00
Robin Appelman
a5d652a6b8
fix tests
2015-05-18 12:11:31 +02:00
Robin Appelman
415f16eb24
fix tests
2015-05-18 12:11:31 +02:00
jknockaert
62e6c46216
correct testSeek
2015-05-18 11:55:48 +02:00
Bjoern Schiessle
efa674f10d
only try to delete file keys if it is a valid path
2015-05-18 11:54:51 +02:00
Vincent Petry
7e271012b2
Merge pull request #16243 from owncloud/error_if_download_failed
...
redirect to error page if download failed
2015-05-18 11:42:55 +02:00
jknockaert
9a71eddaf9
work on tests
...
Tests reorganised and extended
2015-05-18 11:32:29 +02:00
Morris Jobke
7ee3f99a4a
Merge pull request #16364 from owncloud/add-warning-webdav
...
Add notice that WebDAV interface is not intended for browsers
2015-05-18 11:28:47 +02:00
Bjoern Schiessle
887be709f5
a new approach to display the error message
2015-05-18 10:15:17 +02:00
Thomas Müller
257ee205bb
Merge pull request #15978 from owncloud/feature/fix-encryption-tooltips
...
[enc2]fixing recovery tooltip
2015-05-15 22:39:17 +02:00
Victor Dubiniuk
4c9734f630
Test overriding channel
2015-05-15 22:37:14 +03:00
Vincent Petry
246000f799
Merge pull request #16176 from owncloud/fix-provisioning-api-set-quota
...
Validate the quota value to be a correct value
2015-05-15 18:07:13 +02:00
Thomas Müller
8e61ad0872
Merge pull request #15811 from owncloud/exception-on-lost-ldap-connection
...
throw exception when LDAP Connection was lost
2015-05-15 17:32:07 +02:00
Thomas Müller
18661ceb63
do not execute integration tests when executing autotest.sh
2015-05-15 16:38:21 +02:00
Joas Schilling
0991c0cc02
Merge pull request #16292 from owncloud/webdav-storage-fireprehooks
...
Fire prehooks when uploading directly to storage
2015-05-15 15:08:27 +02:00
Vincent Petry
eab55aa959
Properly log out test users in unit tests
2015-05-15 12:33:17 +02:00
Lukas Reschke
54ef098867
Add unit tests for \OC\Connector\Sabre\DummyGetResponsePlugin
2015-05-15 09:08:10 +02:00
Vincent Petry
3cae0135ad
Fire prehooks when uploading directly to storage
2015-05-13 17:47:04 +02:00
Robin Appelman
4789e87a53
Merge pull request #16276 from owncloud/dav-quota-root
...
fix webdav quota check for the root of the dav endpoint
2015-05-13 14:43:02 +02:00
Vincent Petry
1f7df3eba8
Added unit test to quota plugin for free_space argument
2015-05-13 13:58:01 +02:00
Björn Schießle
fbe4b77c49
Merge pull request #16228 from owncloud/enc_fix_restore
...
use hooks to update encryption keys
2015-05-12 13:10:16 +02:00
Morris Jobke
b11c0c533e
Merge pull request #16233 from owncloud/enc_fix_check_if_file_is_excluded
...
fix check if a file is excluded from encryption
2015-05-12 09:12:38 +02:00
Clark Tomlinson
9727386d8b
fixing test
2015-05-11 09:38:23 -04:00