Commit Graph

475 Commits

Author SHA1 Message Date
Lukas Reschke 148e7abb51
Harden JS by disabling jQuery eval
Disable execution of eval in jQuery. We do require an allowed eval CSP
configuration at the moment for handlebars et al. But for jQuery there is
not much of a reason to execute JavaScript directly via eval.

This thus mitigates some unexpected XSS vectors. As example try to insert
`$('.fileinfo').html('<a href="asd"><script>alert(1)</script></a>');`
with and without this patch in your browsers JS console when the file list
is opened.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 23:03:02 +01:00
Julius Haertl f58f8f6f47
Fix popover positioning after window resize
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl 61dc78e6dc
Fix menu issues
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
Julius Haertl 42feab59d5
Show app icons in the header
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
Morris Jobke 413d671d9e Merge pull request #3635 from individual-it/fix_quota_validation
better quota validation
2017-02-28 00:27:51 -06:00
Artur Neumann 9790fe7f5d make values with white spaces possible
a user might enter values with white spaces, and that should be possible
and valid

Signed-off-by: Artur Neumann <info@individual-it.net>
2017-02-28 08:25:34 +05:45
Artur Neumann f1fccaca06 better quota validation
this fixes #3634

1. fixed computerFileSize to be more picky about incorrect values
2. more tests for computerFileSize
3. use computerFileSize to validate user quota

Signed-off-by: Artur Neumann <info@individual-it.net>
2017-02-28 07:38:11 +05:45
Lukas Reschke bc2f23a0fc Merge pull request #2602 from nextcloud/resize-the-controls-after-the-sidebar-slided-in
Increase debounce time to make sure controls are resized after the sidebar disappeared
2017-02-23 15:46:06 +01:00
m3ntalsp00n 01963b4d72 Fix indentation and l10n compliance.
Signed-off-by: m3ntalsp00n <m3ntalsp00n@gmail.com>
2017-02-08 16:55:31 +10:00
m3ntalsp00n fd40613d8e showUpdate funciton allows updated messages
Signed-off-by: m3ntalsp00n <m3ntalsp00n@gmail.com>
2017-02-04 15:47:09 +10:00
Marius Blüm a460acb823
Increase debounce time to make sure controls are resized after the sidebar disappeared
Signed-off-by: Marius Blüm <marius@lineone.io>
2017-01-23 11:49:16 -06:00
Patrick Paysant d4c088cb79
Verify input, add more unit tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:29:20 +01:00
Patrick Paysant ff018d48cf
Implements all comments from @PVince81
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:29:05 +01:00
Patrick Paysant 6217393d6a
Adding computerFileSize in OC.Util
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:28:58 +01:00
Robin Appelman 8a3b660969
only reload on errors when logged in
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-12-01 23:44:50 +01:00
Joas Schilling 65c03c26ea
Make sure the controls is resized after the sidebar disappeared
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-28 11:23:05 +01:00
Jan-Christoph Borchardt e75dede590 fix some outdated naming
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2016-11-24 16:05:05 +01:00
Bjoern Schiessle adb581431f
set focus on input field
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-24 12:35:28 +01:00
Lukas Reschke b6c9029c82
Use proper return function
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 15:14:32 +01:00
Joas Schilling 8d33d76ce8
Use the existing prompt
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 12:10:51 +01:00
Roeland Jago Douma e80d3c2a10
Submit on enter
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-18 12:10:51 +01:00
Joas Schilling 05df523395
Empty the password field on submission of the form
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 12:10:51 +01:00
Joas Schilling cc33f8695b
Make sure it is a function
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 12:10:50 +01:00
Joas Schilling a0d6c6593a
Allow to check it via the API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 11:57:16 +01:00
Joas Schilling d75e35b75e
Introduce the UI for password confirmation
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 11:57:16 +01:00
Julius Haertl d3d49c1e98
Apply firefox workaroud to svg filters
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-08 09:55:29 +01:00
Joas Schilling 6c27b74e75
Fix the push state
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-07 12:51:32 +01:00
Julius Haertl 71275ced28
Workaround for disappearing app icons for Firefox before version 51
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-04 15:39:04 +01:00
Joas Schilling 890f752a6b Merge pull request #1452 from nextcloud/appconfig-endpoint
Appconfig endpoint
2016-10-25 10:57:48 +02:00
Vincent Petry 25d9dce067
JS utility function to compare paths
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Joas Schilling 0b1fb180a5
Make AppConfig part of the public API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-21 09:09:23 +02:00
Morris Jobke 867f72a485
Remove deprecated breadcrumbs implementation
* was replaced by the version in files/

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-20 12:18:33 +02:00
Morris Jobke 33c3293d05
Remove OC.localStorage and object method
* use the localstorage APIs of the browser instead
* use new Object() instead

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-20 12:16:44 +02:00
Christoph Wurst 5ae6d62811
do not reload the page if the server is (temporarily) unreachable 2016-10-03 10:24:47 +02:00
Simon Eisenmann c80c5ad958 Fixup getURLParameter behavior
This commit further changes the behavior of getURLParmeter to handle
encoded parameter values and returns the decoded string and improves
behavior for parameters without value and multiple equals and other
similar cases which did not work before. See the comments at
http://stackoverflow.com/questions/1403888/get-escaped-url-parameter for
a list of the issues handled by the updated implementation.

This change does not change the general behavior of the function. Empty
or non existing parameters still return an empty string ('').
2016-09-16 16:11:08 +02:00
Simon Eisenmann 1e9d523046 Return '' instead of 'null'
This commit changes the behavior of getURLParameter(name) to return an
empty string when the parameter is not set or has empty value. Before it
returned 'null' as string.
2016-09-16 16:11:01 +02:00
Joas Schilling fe9ffd29a7
Always use the js console when available 2016-09-05 11:25:47 +02:00
Joas Schilling ee1c1b39b2
Update live timestamps to give a more live feeling 2016-09-01 09:02:36 +02:00
Thomas Pulzer 58f9340d93 Fixing infinite spinner animation
setupMainMenu() & setupUserMenu():
Changed click delegate to add the spinner animation only the primary mouse button was clicked without ctrl- or meta-key modifier
Adding mouseup delegate to hide the menu if the middle mouse button was clicked.

Redone #778
2016-08-19 10:50:51 +02:00
Morris Jobke 8e08b8c04e Revert "Fixing infinite spinning animation on user menu ctrl+click" 2016-08-18 11:46:00 +02:00
Morris Jobke 3e7710c0d8 Merge pull request #778 from nextcloud/Faldon-user_menu_ui
Fixing infinite spinning animation on user menu ctrl+click
2016-08-18 08:40:13 +02:00
Faldon 14bf180837 Removed debug code. 2016-08-11 16:43:07 +02:00
Thomas Pulzer b2b7fa4854 Fixed user and main menu closing on right mouse button click.
Fixed wrong variable assignment when trying to open link in new window.
2016-08-11 07:22:13 +02:00
Thomas Pulzer c5033670d5
Changed app and user menu delegates to mousedown events.
Added proper handling of primary mouse button click with and without ctrl-/meta-key modifier.
Added handlig of middle mouse button click.
2016-08-09 11:58:32 +02:00
Thomas Pulzer 8c9961aa22
Added OS X meta key check for stopping spinning animation in app and user menu. 2016-08-09 11:58:32 +02:00
Thomas Pulzer 1ab9477ac1
Fixed user menu to not show spinner on ctrl+click.
Fixes #616
2016-08-09 11:58:32 +02:00
Julius Haertl 6b807af619
Fix closing app menu on mobile 2016-07-31 11:57:03 +02:00
Joas Schilling 45c99c226b
Fix the HTML encoding when uploading a folder in FF when using french l10n 2016-07-20 13:03:27 +02:00
Hendrik Leppelsack c47833718f remove svg classes 2016-07-01 16:36:37 +02:00
Hendrik Leppelsack bc5c89e9c0 remove javascript png fallback for svg 2016-07-01 16:36:37 +02:00