Commit Graph

68 Commits

Author SHA1 Message Date
Thomas Müller 9f25745649 Fix single file download - fixes #19614 2015-10-07 13:15:58 +02:00
Thomas Müller 319e61f0ea Merge pull request #19407 from owncloud/lock-zip-content
Lock zip content
2015-10-06 11:47:43 +02:00
Morris Jobke b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Thomas Müller be46cd6737 Refactor single file download into it's own method 2015-10-05 17:47:15 +02:00
Thomas Müller 57f841da2c Recursively lock folder contents 2015-10-05 17:31:37 +02:00
Thomas Müller 3bf818450a release locks in case of exception 2015-10-05 16:53:57 +02:00
Thomas Müller def8e0c12a log the exception during zip creation 2015-10-05 16:53:57 +02:00
Thomas Müller b5dce05cb6 Lock files which are zipped 2015-10-05 16:53:57 +02:00
Victor Dubiniuk 027fb4e3fe More corrections 2015-09-28 11:46:54 +02:00
Victor Dubiniuk 28df7be319 Add namespace. Fix broken zip 2015-09-28 11:46:54 +02:00
Victor Dubiniuk e3b95e8473 Introduce streamer 2015-09-28 11:46:53 +02:00
Nicolai Ehemann 6c6be72e6b use zipstreamer via composer 2015-09-14 15:33:28 +02:00
Nicolai Ehemann be2023dae3 lib/private/files.php: adapted to minimally changed ZipStreamer API 2015-09-14 12:57:50 +02:00
Lukas Reschke 84797023ed Remove XSendFile support
Required to ensure proper locking
2015-09-07 16:52:50 +02:00
Robin McCorkell aac84f732d Unit test OC_Files::setUploadLimit()
There was also a bug with checking the upper limit on the passed upload
size. PHP does funny things with integer vs float comparisons, so our
check didn't work. Now the check is much simpler, and ensures the value
is sane.
2015-07-20 15:03:09 +01:00
Robin McCorkell d3bcafe618 Update .user.ini when setting upload size limit 2015-07-20 12:52:43 +01:00
Thomas Müller d3ac73c0c9 Remove OC_Log 2015-07-03 18:00:16 +02:00
Lukas Reschke d1f0ff372e Merge pull request #17163 from owncloud/update-licenses
Update license headers
2015-06-27 20:22:23 +02:00
Morris Jobke f63915d0c8 update license headers and authors 2015-06-25 14:13:49 +02:00
Thomas Müller c74c8eff3a Enable x-sendfile only if we do not lock the file system 2015-06-22 12:07:53 +02:00
Vincent Petry a9bca9e3aa Lock file before download
This will throw a LockedException if a concurrent request is currently
touching that file.
2015-06-18 12:05:26 +02:00
Lukas Reschke 8ce3d6ea57 End processing when file is not found
We have to end the processing when a file is not found or otherwise the method is proceeding and even sending invalid file paths to the sendfile methods.

Due to nginx preventing directory traversals this is luckily not immediately exploitable. We should for hardening purposes however quit the script execution just as we do for 403 cases and others as well.
2015-05-22 11:53:02 +02:00
Bjoern Schiessle 887be709f5 a new approach to display the error message 2015-05-18 10:15:17 +02:00
Thomas Müller 00338f9dca Removing files_encryption left overs 2015-04-07 13:30:28 +02:00
Thomas Müller 3bf269e565 Merge pull request #15229 from owncloud/response-setContentLengthHeader
Add OC_Response::setContentLengthHeader() for Apache PHP SAPI workaround...
2015-04-03 22:51:36 +02:00
Robin McCorkell ab991458ad Require minimum 1 MiB upload limit 2015-03-27 23:43:35 +00:00
Thomas Müller a8b756154a Merge pull request #14495 from owncloud/update-mailmap-01
Updating .mailmap
2015-03-26 17:17:18 +01:00
Andreas Fischer 0f58315543 Add OC_Response::setContentLengthHeader() for Apache PHP SAPI workaround.
Do not send Content-Length headers with a value larger than PHP_INT_MAX
(2147483647) on Apache PHP SAPI 32-bit. PHP will eat them and send 2147483647
instead.

When X-Sendfile is enabled, Apache will send a correct Content-Length header,
even for files larger than 2147483647 bytes. When X-Sendfile is not enabled,
ownCloud will not send a Content-Length header. This prevents progress bars
from working, but allows the actual transfer to work properly.
2015-03-26 16:37:38 +01:00
Jenkins for ownCloud b585d87d9d Update license headers 2015-03-26 11:44:36 +01:00
dratini0 d4e5ef4f38 Removed simplified X-accel-redirect even further 2015-03-23 17:51:12 +01:00
dratini0 c432b52c74 Changed the disputed while loop to a single if. 2015-03-23 16:12:03 +01:00
Morris Jobke 06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Jenkins for ownCloud 6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
dratini0 10e13b172a Extending the X-accel redirect functionality with a more scalable approach. 2015-02-11 22:19:22 +01:00
dratini0 b1594ad1df Revert "Fix: X-Accel-Redirect did not support custom data dir and local mounts"
This reverts commit f2075f803f.
2015-02-11 22:19:22 +01:00
dratini0 80032ec301 Revert "removed a little duplication"
This reverts commit 31970ee740.
2015-02-11 22:19:22 +01:00
dratini0 31970ee740 removed a little duplication 2014-12-30 22:36:13 +01:00
dratini0 f2075f803f Fix: X-Accel-Redirect did not support custom data dir and local mounts 2014-12-30 22:07:04 +01:00
Joas Schilling 8e28bf012c Move constants from GET_TYPE to OC\Files so they can be autoloaded 2014-11-26 12:56:54 +01:00
Lukas Reschke b3a04840b5 Add type hinting to functions
It's only reasonable to have proper type hinting here which might even help us to catch bugs.
2014-10-24 14:13:40 +02:00
Lukas Reschke 8fc1a9f5a9 Make 404 page easier to understand
Fixes https://github.com/owncloud/core/issues/11133
2014-09-17 22:57:32 +02:00
Lukas Reschke 312ed18d15 Use secure mimetype for content delivery
Adds some hardening against potential CSP bypassed.
2014-09-08 15:57:39 +02:00
Morris Jobke 57ef089aac drop allowZIPdownload and maxZIPSize as options 2014-06-02 16:29:03 +02:00
Robin McCorkell a7ae2e874a Squash 'a | b' into 'a|b', in /lib 2014-05-13 19:08:14 +01:00
Vincent Petry d16bb09aed Merge pull request #8045 from josh4trunks/nginx_x-accel_send_uri
Send URI instead of filepath to NGINX for X-Accel
2014-05-06 18:41:06 +02:00
Morris Jobke 623161b9a9 Merge pull request #8023 from flyser/master
Fix setting the max-upload-size for really large values.
2014-05-03 11:49:38 +02:00
Lukas Reschke 81c23b02da Link to previous directory 2014-04-16 21:10:14 +02:00
Lukas Reschke 2bda3f9ae0 Use direct link instead of JS
Due to our CSP policy this link won’t work as it it considered as
inline Javascript.

This commit replaces the link with a static link to the files app.

Reimplementation of #8067 - fixes #7742
2014-04-14 20:16:52 +02:00
josh4trunks 9b4643f386 Send URI instead of filepath to NGINX for X-Accel 2014-04-03 20:46:54 -07:00
Fabian Henze 7cdb16979a Fix setting the max-upload-size for really large values.
php can only parse filesize units up to gigabytes, not terabytes or petabytes.
2014-04-03 01:17:28 +02:00