Commit Graph

1926 Commits

Author SHA1 Message Date
Roeland Jago Douma efb21a948e Merge pull request #4093 from nextcloud/endorse-password-protection
Endorse password protection
2017-04-04 11:04:21 +02:00
Roeland Jago Douma 7d72ae3011
Move to autosize.min.js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-03 13:42:33 +02:00
Timo Benk 868500eda4
let the user set an empty password for share link
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:58:19 +02:00
Timo Benk 0d7801b6ce
endorseLinkPassword changed to enableLinkPasswordByDefault
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:58:11 +02:00
Timo Benk cbfe5f3c1f
feature endorse password for share links
works like "enforce password protection", but let the
user optionally remove the password protection after the
password is set.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:58:03 +02:00
Roeland Jago Douma 2950bcbc70
Do not show social menu when there is no link share
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-31 17:29:41 +02:00
Joas Schilling 0fb7c631ce Merge pull request #4128 from nextcloud/updateclipboard
Update clipboard.js
2017-03-30 14:37:03 +02:00
Roeland Jago Douma 0da04fd284
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-29 22:54:08 +02:00
Roeland Jago Douma 54c68519ce
Allow avatars for full numeric users
Fixes #4087

Because of fancy javascript if a full numeric uid was used javascript
would convert this to an int. Now we just convert everything to a string
first.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-29 13:39:48 +02:00
Roeland Jago Douma b052addaca
Use minified clipboard.js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-29 00:27:50 +02:00
Robin Appelman dc5ba95469 Merge pull request #4027 from nextcloud/better-spreed-call-urls
Better spreed call urls
2017-03-27 16:21:24 +02:00
Roeland Jago Douma f4c9e44403 Merge pull request #4073 from nextcloud/secure-drop
Rename File drop to Secure drop
2017-03-27 14:39:32 +02:00
Roeland Jago Douma 16b02a0fa9 Merge pull request #4064 from nextcloud/update-moment
Update momentjs
2017-03-27 14:10:54 +02:00
Olivier Paroz 5a6c7877f6
Rename File drop to Secure drop
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-26 16:13:35 -06:00
Lukas Reschke 3c1d76c282
Cleanup code as suggested by @icewind1991
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 19:45:36 +02:00
Lukas Reschke fea2108710
Make async
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 15:26:10 +02:00
Lukas Reschke 980ef89dbf
Fix callback
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 14:17:01 +02:00
Lukas Reschke 12a019d328
Use eval instead of $.script
Fixes https://github.com/nextcloud/server/issues/4067

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 14:12:44 +02:00
Roeland Jago Douma 62827dd1da
use moments.js min in core.js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-26 10:25:15 +02:00
Morris Jobke 2f7669179e Merge pull request #4043 from nextcloud/merge-js-for-template-prepend
Merge JS for template prepend
2017-03-24 15:42:08 -06:00
Lukas Reschke 6a4fde11e6
Merge login JS
Removes 2 requests.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 21:18:24 +01:00
Lukas Reschke 4f73911bab Merge pull request #4041 from nextcloud/merge-systemtags-js
Merge systemtags JS
2017-03-24 21:12:42 +01:00
Lukas Reschke 6a470e5935
Merge JS for template prepend
Shaves off 14 requests.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:37:13 +01:00
Lukas Reschke 4d68324ba6
Merge sharing backend JS
Removes 8 requests.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:17:38 +01:00
Lukas Reschke a9c3692a9a
Merge systemtags JS
Shaves off 7 requests.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:08:27 +01:00
Joas Schilling 34f0ad4ebe
Allow to push a non-query URL to the browser history
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-24 11:51:58 +01:00
Lukas Reschke f94bc6f8bb Merge pull request #4013 from nextcloud/bundle_vendor_js
Bundle vendor js
2017-03-24 10:49:57 +01:00
Roeland Jago Douma df4d1f7b78 Merge pull request #4022 from nextcloud/downstream-27105
Remove auto-focus on certain input fields
2017-03-24 10:01:06 +01:00
Vincent Petry ab37577182
Properly clear heartbeat interval
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:37:24 -06:00
Vincent Petry 46a32045d7
Update karma, use sinon from npm
Update karma library and use sinon JS library provided by
karma-jasmine-sinon instead of local file.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:35:41 -06:00
Felix Heidecke a9dc3239b3
Remove auto-focus on certain input fields
* remove autofocus on input certain input fields if browser is msie
* Update sharedialoglinkshareview.js
* Update sharedialogview.js

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 17:34:50 -06:00
Roeland Jago Douma eda98ed3df
Merge vendor js
There is a bunch of javascript we always load from vendors. This
combines this into 1 javascript file. Which reduces the number of
request by ~10.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-23 13:40:23 +01:00
Roeland Jago Douma 4518a28924 Revert "Bundle vendor js" 2017-03-22 17:01:54 +01:00
Roeland Jago Douma ec3f5aa6e2 Merge pull request #3795 from nextcloud/bundle_vendor_js
Bundle vendor js
2017-03-22 13:34:21 +01:00
Roeland Jago Douma 98a14909e1
Bundle more default vendor js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-22 08:49:03 +01:00
Morris Jobke c3f08ab151
Remove tooltip of delete button for systemtags
* fixes #3967

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-21 21:49:25 -06:00
Lukas Reschke ac1aff7d92 Merge pull request #3950 from nextcloud/downstream-27149
Forbid to upload part files via web UI
2017-03-20 11:44:57 +01:00
Christoph Wurst 313173dd45 Merge pull request #3936 from nextcloud/downstream-27253
Add extensionpoint to sharedialogview
2017-03-20 08:31:01 +01:00
Felix Heidecke 11f838f9e4
Add ignore_files to config,
test files against ignore_files list on upload

fix typo and indentation

Move blacklist declaration to lib/public/Files/FileInfo.php,

Rename *ignored to *blacklisted

Mocked blacklist_files for testing

Mocked blacklist_files for testing

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 01:17:12 -06:00
Vincent Petry 703f2e6a61
Clear onpopstate handlers after unit tests
Fixes issue when running Karma tests in Firefox.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 23:15:21 -06:00
Felix Heidecke f198d77388
Add extensionpoint to sharedialogview
Write method overriding extension

Add a list of unknowns while inputting a search term

Rename OCA.Share extension point

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 22:40:36 -06:00
Maxence Lange 69694012ab shares-circles
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
2017-03-17 18:48:33 -01:00
Joas Schilling 0c0ce25b3c Merge pull request #3881 from nextcloud/downstream-26842
Backbone Webdav Adapter MKCOL support
2017-03-17 13:53:04 +01:00
Roeland Jago Douma 7a3acff782 Merge pull request #3874 from nextcloud/harden-js-by-disabling-eval-execution
Harden JS by disabling jQuery eval
2017-03-17 08:31:12 +01:00
Vincent Petry 6488ed3cff
Backbone Webdav Adapter MKCOL support
Usually Backbone collections cannot be created and just simply exists.
But in the Webdav world they need to be creatable.

This enhancement makes it possible to use a Backbone Model to represent
such collections and when creating it, it will use MKCOL instead of PUT.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-17 00:08:48 -06:00
Lukas Reschke 39afcbd49f Merge pull request #3679 from nextcloud/socialsharing
Add social sharing
2017-03-16 23:08:47 +01:00
Lukas Reschke 148e7abb51
Harden JS by disabling jQuery eval
Disable execution of eval in jQuery. We do require an allowed eval CSP
configuration at the moment for handlebars et al. But for jQuery there is
not much of a reason to execute JavaScript directly via eval.

This thus mitigates some unexpected XSS vectors. As example try to insert
`$('.fileinfo').html('<a href="asd"><script>alert(1)</script></a>');`
with and without this patch in your browsers JS console when the file list
is opened.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 23:03:02 +01:00
Morris Jobke cd4ebe2777 Merge pull request #3008 from nextcloud/appmenu-experiment
Show apps in header
2017-03-16 13:03:41 -06:00
Lukas Reschke 6c8d48b0f6
Harden t() with DOMPurify
This mitigates issues where developers pass untrusted user-input through t() which may lead to XSS issues.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 14:17:42 +01:00
Roeland Jago Douma bb2ec51bbb
Fix unit tests of master
Follow up to #3802

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-16 12:46:02 +01:00