38b3ac8213
Add ContentSecurityPolicyNonceManager
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 16:35:31 +02:00
9e6634814e
Add support for CSP nonces
...
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.
At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)
IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.
Implementing this offers the following advantages:
1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.
If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
71830b285c
Svgo optimization
...
Signed-off-by: John Molakvoæ <fremulon@protonmail.com>
2016-09-27 20:56:26 +02:00
aacaf7a568
Add icon for the theming app
2016-09-07 01:23:53 +02:00
67408c3f63
Add image URLs and tests
2016-09-06 08:55:22 +02:00
1d834bd49e
Add theming information to capabilities for the client
2016-09-05 14:27:19 +02:00
011364317a
Fix ThemingDefaults getMock deprecation
2016-08-31 20:33:18 +02:00
0e8b138534
Theming: Show loading spinner while uploading files
2016-08-30 06:40:41 +02:00
d43c9b9e79
Theming: fix primary button for bright colors
2016-08-29 19:07:27 +02:00
7e1a690059
Update AdminTest.php
2016-08-29 01:47:23 -07:00
e13cd289cb
Update Admin.php
2016-08-28 18:02:45 -07:00
683f0e7f77
Use temporary file as cache
2016-08-27 21:38:41 +02:00
73bc108451
Increase theming performance
...
1. Set proper caching headers (`Pragma: cache`)
2. Resize image proportionally to a max size of 1920px
3. Store images with progressive mode
This resizes a previous 2.8 MB picture to 300kb and makes it rendering going down from 11 seconds to less than 1 here. And future requests won't have to download the file newly.
2016-08-27 21:02:08 +02:00
d7f0a970ae
Theming: Preview for page title
2016-08-26 18:21:05 +02:00
53725d4d15
Merge pull request #771 from nextcloud/theming-fixes
...
Theming: Fix missing color usage
2016-08-26 15:02:21 +02:00
3d38cb9570
Theming: Hide undo button on default values
2016-08-26 12:08:12 +02:00
d95aec2ed2
Theming: Add preview for login screen
2016-08-26 12:08:12 +02:00
218e2f7850
Theming: Adjust jquery ui elements
2016-08-26 12:07:52 +02:00
2b0ed6c27a
Theming: colorize primary buttons
2016-08-26 12:07:52 +02:00
044d7c3bb7
Merge pull request #1026 from nextcloud/theming-extend-defaults
...
Theming: Add logo and background to ThemingDefaults
2016-08-26 11:53:24 +02:00
60974de97b
Require a ThemingDefaults class again
2016-08-24 13:22:44 +02:00
c7c53aefb2
Use the lazy root to make tests pass 🙈
2016-08-24 09:52:05 +02:00
80fe499707
Theming: Add logo and background to ThemingDefaults
2016-08-24 00:40:22 +02:00
a065fee3ff
fixes registering of theming settings where server return OC_Defaults instead of ThemingDefaults
2016-08-22 12:02:06 +02:00
7ffb7b0d84
Use MockBuilder instead of createMock
...
CI uses an older PHPUnit
2016-08-15 16:43:22 +02:00
8a7a0f3287
Add unit tests
2016-08-15 16:25:34 +02:00
0fdf801c25
fix theming tests
2016-08-12 16:58:59 +02:00
0c15081279
rename remaining occurences of OCA/Theming/Template
2016-08-12 16:00:39 +02:00
18fd8ff70c
rename "Tenmplate" to "ThemingDefaults" to make the auto loader happy"
2016-08-12 15:32:28 +02:00
8261ccce1b
Merge branch 'master' into implement_712
2016-08-11 19:37:17 +02:00
36c1b7eb31
adjust Theming app
2016-08-11 17:29:58 +02:00
5f4e88ef6c
Theming: Add OCA.Theming Js for app interaction
2016-08-10 13:39:21 +02:00
ef17f8b3ba
Add css classes to allow app developers using the theming colors
2016-08-09 22:54:25 +02:00
dae6432ae7
Increment the versions and adjust the capitilization
2016-08-08 16:45:40 +02:00
dbf3ca5baf
Merge pull request #682 from nextcloud/fix-theming-logo
...
fix missing semicolon to fix themed logo on log in page
2016-08-01 19:50:42 +02:00
ad5e98c81a
fix missing semicolon to fix themed logo on log in page
2016-08-01 09:57:05 +02:00
13c19e5286
Validate the input of the theming options
2016-08-01 09:37:12 +02:00
5306b4feba
Fix tests
2016-07-28 17:49:08 +02:00
2de4112176
Update routes.php
2016-07-28 17:49:08 +02:00
2f574f60ec
Remove useless check
2016-07-28 17:49:08 +02:00
ba558664cf
Use the methods on the Response object
2016-07-28 17:49:08 +02:00
eec6986d7c
Use public API preferable
2016-07-28 17:49:08 +02:00
7efadf7b6b
Move classes to PSR-4
2016-07-28 17:49:08 +02:00
14ca7c9cdc
fix background id selector for the first run wizard
2016-07-28 16:32:39 +02:00
ee1be23b37
fix unit tests
2016-07-28 13:30:55 +02:00
be365b4975
re-use background color from theme in the firstrunwizard
2016-07-28 12:16:39 +02:00
583f86d90a
apply theme to the firstrunwizard
2016-07-28 12:15:33 +02:00
217b02aaa0
Theming: Cleanup and remove opacity from checkbox/radiobutton
2016-07-27 20:21:53 +02:00
cc457cd665
Theming: Generate colorized radio buttons dynamically
2016-07-27 20:00:23 +02:00
7ff19e342e
Theming: Colorize radio buttons and append new styles on preview
2016-07-27 20:00:23 +02:00
acd1172998
Theming: Clean up css generation and fix tests
2016-07-27 19:54:54 +02:00
d07f04e4f7
Theming: Colorize checkboxes depending on luminance
2016-07-27 19:45:57 +02:00
0acfbd5b47
Theming: Preview for colorized checkboxes
2016-07-27 19:45:57 +02:00
9ebe0c8d64
Colorize checkboxes depending on theming color
2016-07-27 19:45:57 +02:00
cc5ddcf537
Merge pull request #525 from nextcloud/fix-theme-logo-position
...
Fix theme logo position and shape
2016-07-26 10:46:13 +02:00
d58ff68531
Theming: Fix preview and center alignment of logo
2016-07-25 18:54:13 +02:00
dd1a5b9ac3
Fix search box overlapping on mobile ( #450 )
...
* fix searchbox overlapping on mobile
* also adjust log in background color in theme
* Fix unit tests
2016-07-22 15:38:37 +02:00
8457c617e0
Adjust tests
2016-07-22 14:58:30 +02:00
7400ff05ac
Also increase the min version
2016-07-22 14:46:52 +02:00
6062b6365b
bumb compatible app versions for core apps
2016-07-22 13:04:23 +02:00
183d4d8e99
Update themingcontroller.php
2016-07-22 12:25:58 +02:00
03cb588ea9
Merge pull request #500 from nextcloud/bump_version
...
Bump version
2016-07-22 10:03:42 +02:00
813f0a0f40
Fix apps/
2016-07-21 18:13:57 +02:00
86129a8b88
Increase app versions
2016-07-21 15:50:30 +02:00
ea470f8777
Merge pull request #405 from nextcloud/theming-fixes
...
Theming fixes
2016-07-18 15:59:47 +02:00
48ac845266
Theming: Fix image paths for caret icon
2016-07-16 09:18:34 +02:00
3f47138d27
Theming: Fix spaces in settings-admin.js
2016-07-15 14:45:05 +02:00
639be661c4
Theming: Add tests for inverted colors
2016-07-15 14:16:41 +02:00
387550be88
Theming: Implement swapping the foreground color for bright colors
2016-07-15 14:16:41 +02:00
ec6f696978
Add unit tests
2016-07-15 11:54:47 +02:00
f35b696a2d
Also load the theming app on CLI
2016-07-15 09:17:30 +02:00
e8d6621a24
Better handling of empty slogan
2016-07-15 08:49:16 +02:00
77071d07cf
Merge pull request #371 from nextcloud/implement-get-title
...
Implement "getTitle"
2016-07-11 21:57:52 +02:00
0fd770765f
Implement "getTitle"
...
Fixes https://github.com/nextcloud/server/issues/341
2016-07-11 19:36:26 +02:00
eceb0db4d2
Fix tests
2016-07-11 14:23:43 +02:00
839ee5eac1
Make theming work with pretty URLs
...
In some envs the rewrite rules for pretty URLs apply to all CSS files, so let's not end the route name with that etension.
Fixes #315
2016-07-11 14:08:25 +02:00
cd74ad55e4
Only save when value changed or enter is pressed
2016-06-27 20:46:12 +02:00
a08c4a2b13
Add tooltip
2016-06-27 20:36:23 +02:00
f7f86d61c4
Add comment to "getMailHeaderColor"
2016-06-27 10:48:28 +02:00
51646bb3f6
Use stream instead of rename
2016-06-27 10:47:44 +02:00
0a5c5d9b03
Replace OC_Defaults with \OC::$server->getThemingDefaults()
2016-06-27 10:34:08 +02:00
261396019d
design and layout fixes for Theming app
2016-06-27 10:26:24 +02:00
24144b16d0
make sure that the preview gets updated every time a new image gets uploaded
2016-06-27 10:26:24 +02:00
79269427d7
scale preview image
2016-06-27 10:26:24 +02:00
433e8ea123
Disable drop zone
...
Otherwise dropping something somewhere can by mistake upload the file and make it available
2016-06-27 10:26:23 +02:00
a0e92b5fb0
Fix indentation
2016-06-27 10:26:23 +02:00
27b699bdbc
Migrate logic to dynamic controller
...
Also adds support for having custom login backgrounds
2016-06-27 10:26:23 +02:00
cc321bc140
add some visual feedback if the operation was succesful or not
2016-06-27 10:26:22 +02:00
10f6ca20bc
write theme settings to database
2016-06-27 10:26:22 +02:00
363b76faee
basic information architecture for the theming app
2016-06-27 10:26:22 +02:00
20d250a674
initial commit for the theming app
2016-06-27 10:26:22 +02:00
Lukas Reschke
skjnldsv
Felix Epp
Joas Schilling
Roeland Jago Douma
Julius Haertl
iamfool
Roeland Jago Douma
Arthur Schiwon
Bjoern Schiessle
Morris Jobke
Jan-Christoph Borchardt
Robin Appelman
Jos Poortvliet
oparoz
Lukas Reschke