Lukas Reschke
c385423d10
Merge pull request #479 from nextcloud/add-bruteforce-throttler
...
Implement brute force protection
2016-07-21 00:31:02 +02:00
Lukas Reschke
ba4f12baa0
Implement brute force protection
...
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Lukas Reschke
020a2a6958
Merge pull request #476 from nextcloud/port-same-site-cookies
...
[master] Port Same-Site Cookies to master
2016-07-20 21:35:02 +02:00
Lukas Reschke
a299fa38a9
[master] Port Same-Site Cookies to master
...
Fixes https://github.com/nextcloud/server/issues/50
2016-07-20 18:37:57 +02:00
Morris Jobke
e9c85e02ac
Merge pull request #462 from nextcloud/master-explode
...
[master] Use explode() instead of split()
2016-07-20 18:31:11 +02:00
Klaas Freitag
99316ec02c
Show app name in error message if app could not be loaded. ( #25441 )
2016-07-20 15:16:16 +02:00
Lukas Reschke
4f90447150
[master] Use explode() instead of split()
...
Sync from https://github.com/owncloud/core/pull/25488
2016-07-20 14:36:39 +02:00
Björn Schießle
ea470f8777
Merge pull request #405 from nextcloud/theming-fixes
...
Theming fixes
2016-07-18 15:59:47 +02:00
Roeland Jago Douma
72464f1ce4
Remove asset pipelin
...
Fixes #215
The asset pipeline has shown to do more harm than good. Some apps fail
hard with it. Also it makes sure that you download a huge file on each
unvisited page.
2016-07-15 20:14:11 +02:00
Joas Schilling
2c988ecbf4
Use the themed Defaults everywhere
2016-07-15 09:17:30 +02:00
Morris Jobke
c2d88a08b7
Remove unneeded checks if it runs on a Windows machine
...
* the setup check is still there
2016-07-08 15:55:17 +02:00
Lukas Reschke
27b699bdbc
Migrate logic to dynamic controller
...
Also adds support for having custom login backgrounds
2016-06-27 10:26:23 +02:00
Bjoern Schiessle
10f6ca20bc
write theme settings to database
2016-06-27 10:26:22 +02:00
Lukas Reschke
7a9d60d87e
Merge remote-tracking branch 'upstream/master' into master-upstream-sync
2016-06-26 12:55:05 +02:00
Christoph Wurst
7f22aeb5d6
redirect to new login route ( #25099 )
...
* redirect to new login route
* encode anchor in url and restore it client-side
2016-06-21 16:14:51 +02:00
Morris Jobke
e95c15e53a
fix more strings
2016-06-20 13:14:24 +02:00
Arthur Schiwon
42c66efea5
Merge branch 'master' of https://github.com/owncloud/core into downstream-160611
2016-06-11 15:34:43 +02:00
Christoph Wurst
7b3dc806eb
Check 2FA state for raw php files too
2016-06-10 09:52:52 +02:00
Arthur Schiwon
a636e4ff28
Downstream 2016-06-09
...
Merge branch 'master' of https://github.com/owncloud/core into downstream-160609
2016-06-09 18:45:12 +02:00
blizzz
51fd2602a7
Revert "Downstream 2016-06-08"
2016-06-09 17:41:57 +02:00
Vincent Petry
6ba18934e6
Merge pull request #25000 from owncloud/fix-email-login-dav
...
Allow login by email address via webdav as well
2016-06-09 16:28:06 +02:00
Robin Appelman
bee918693a
dissalow symlinks in local storages that point outside the datadir
2016-06-09 14:00:01 +02:00
Thomas Müller
f20c617154
Allow login by email address via webdav as well - fixes #24791
2016-06-09 12:08:49 +02:00
Vincent Petry
90c1ec1c49
Merge pull request #25014 from owncloud/admin-datadircheck-fix
...
Use temporary htaccesstest.txt for data dir security check
2016-06-09 11:58:28 +02:00
Jan-Christoph Borchardt
81145ee57c
THIS IS NEXTCLOUD! adjusting the design
2016-06-08 17:02:18 +02:00
Vincent Petry
fb087a0261
Use temporary htaccesstest.txt for data dir security check
2016-06-07 18:36:13 +02:00
Robin Appelman
7b1b723e5b
dissalow symlinks in local storages that point outside the datadir
2016-06-07 14:01:53 +02:00
Lukas Reschke
deef15a3c7
Remove "Help" link from personal sidebar
...
At the moment we want to hide the help link from the personal sidebar as it contains the original ownCloud documentation.
Once we have our own documentation with our proper branding and so on we can reenable this.
2016-06-06 18:40:15 +02:00
Joas Schilling
7d31ae9909
Fix second check for quota size ( #24989 )
2016-06-06 13:47:53 +02:00
Vincent Petry
53398b5146
Merge pull request #24936 from owncloud/2fa-block-ocs
...
block OCS if 2FA challenge needs to be solved first
2016-06-02 14:55:34 +02:00
Vincent Petry
f37d519d0d
Merge pull request #24946 from owncloud/issue-24943-duplicate-downgrade-unsupported-message
...
Do not show the hint when it's the same as the message
2016-06-02 10:40:53 +02:00
Joas Schilling
1d2cdfb9fd
Fix URL for client downloads
2016-06-01 16:58:57 +02:00
Joas Schilling
13892417c4
Do not show the hint when it's the same as the message
2016-06-01 13:34:57 +02:00
Christoph Wurst
3ec6f4e165
block OCS if 2FA challenge needs to be solved first
2016-06-01 11:19:49 +02:00
Vincent Petry
7b4459d28d
Merge pull request #24912 from owncloud/session-tokens-apache-auth
...
Create session tokens for apache auth users
2016-06-01 10:56:10 +02:00
Christoph Wurst
c58d8159d7
Create session tokens for apache auth users
2016-05-31 17:07:49 +02:00
Lukas Reschke
a23df94af1
Properly check for mbstring extension
...
mb_detect_encoding is in the fallback we ship in the polyfill library, mb_strcut is not. Thus this lead to a false positive and ownCloud would just break.
2016-05-31 08:12:36 +02:00
Lukas Reschke
aba539703c
Update license headers
2016-05-26 19:57:24 +02:00
Vincent Petry
51b0036d8f
Changed labels of chunk TTL to mention chunks
2016-05-24 15:18:56 +02:00
Vincent Petry
c9b26d065b
Move cache chunk TTL value to FileChunking class
...
This makes it less generic and only used for actual file chunking
2016-05-24 14:58:27 +02:00
Vincent Petry
adcf942901
Merge pull request #24750 from owncloud/lenz1111-share_download_range_requests_support
...
Http Range requests support in downloads
2016-05-23 21:01:26 +02:00
Piotr Filiciak
6577bbe887
Code style and doc fix
2016-05-23 15:17:00 +02:00
Piotr Filiciak
9999e05660
Http Range requests support in downloads
...
Http range requests support is required for video preview
2016-05-20 18:16:44 +02:00
Vincent Petry
db4c7fe743
Add encoding wrapper as opt-in mount option
...
The encoding wrapper is now only applied when the mount option is set,
disabled by default.
2016-05-20 09:33:59 +02:00
Vincent Petry
63bbbf29f4
Add wrapper for NFD encoding workaround
2016-05-20 09:33:59 +02:00
Roeland Douma
5c9103287f
Group fixup ( #24621 )
...
* Move used OC_Group_xx to \OC\Group
* Add (deprecated) legacy wrapper in legacy, OC_Group_xx
* Replace deprecated use of OC_Group_xx with \OC\Group\xx
2016-05-17 16:06:44 +02:00
Roeland Jago Douma
eb79b83831
Move functions.php to legacy
...
This file should really be properly namespaced etc!
2016-05-13 08:54:07 +02:00
Roeland Douma
9b05f37fad
lib/private/ocs to PSR-4 ( #24558 )
...
* Move OC_OCS_XX to legacy
* Move \OC\OCS to PSR-4
* OC_OCS_xx to \OC\OCS\xx
* Moved OC_OCS_xx to proper namespace
* OC_OCS_xx is still there for legacy reasons as a wrapper
* No calls to OC_OCS_xx in \OC\OCS\
2016-05-12 09:43:53 +02:00
Thomas Müller
8729415880
Merge pull request #24531 from owncloud/psr4-loading-for-install-and-commands
...
Correctly register PSR-4 autoloading before install.php and loading commands
2016-05-11 13:53:16 +02:00
Christoph Wurst
46bdf6ea2b
fix PHPDoc and other minor issues
2016-05-11 13:36:46 +02:00