Commit Graph

995 Commits

Author SHA1 Message Date
Morris Jobke 5a1a056c6d Merge pull request #8183 from owncloud/move-security-headers
Move security headers
2014-04-16 23:46:20 +02:00
Thomas Müller 8bc7174bdc Merge pull request #8104 from owncloud/lukepolo-master
Added the ability to Drag and Drop folders [chrome]
2014-04-15 21:39:32 +02:00
Lukas Reschke 8322a9e5c2 Merge pull request #8210 from owncloud/enhance-assets-management-master
adding checks and log messages regarding the assets folder
2014-04-15 20:07:07 +02:00
Lukas Reschke ffab31e3ee Merge pull request #8197 from owncloud/secure_mimetypes
White-list known secure mime types. Refs. #8184
2014-04-15 19:50:33 +02:00
Arthur Schiwon 64679b2e62 Remove limit and offset manipulation when getting users or groups, because it does not work when more than one user or group backend. Fixing it would be too costly performancewise, so we switch back to the model used in OC 5: limit and offset are effective per backend, and not a general constraint 2014-04-15 17:46:48 +02:00
Thomas Müller 02726acbc8 adding checks and log messages regarding the assets folder 2014-04-15 16:26:12 +02:00
Thomas Müller e125dc60cd introduce new function to force a language 2014-04-15 15:12:25 +02:00
Björn Schießle 2dbb2db7e0 Merge pull request #7780 from owncloud/share-file-exists
Verify that a file exists before we share it
2014-04-15 11:23:17 +02:00
Lukas Reschke 340089f270 Merge pull request #8059 from owncloud/countUsersInGroup
add optional countUsersInGroup method to group backends
2014-04-14 20:45:12 +02:00
Lukas Reschke 9046f7b2f8 Merge pull request #8178 from owncloud/fix-request-parameters
Correctly process request parameters other than GET or POST, dont use gl...
2014-04-14 20:42:26 +02:00
Thomas Tanghus 2fb68c120b Added explanation to mimetypes.list.php to avoid future confusion. 2014-04-14 18:21:19 +02:00
Thomas Tanghus 51e47319ef White-list known secure mime types. Refs. #8184 2014-04-14 17:17:50 +02:00
Thomas Müller fe364656a4 Merge pull request #8181 from owncloud/fix_wrong_webdav_warning
Fix a wrong WebDAV Warning with self-signed-certs
2014-04-14 16:53:06 +02:00
Thomas Müller 8df19c4379 Merge pull request #8019 from owncloud/thumbnail_fixes
Thumbnail fixes
2014-04-14 16:23:03 +02:00
Thomas Müller 71de321869 Merge pull request #8156 from owncloud/fix-middleware-container
fix the middleware registration process in the container
2014-04-14 14:53:58 +02:00
Lukas Reschke eecc400698 p() and print_unescaped() also take arrays as parameter
This fixes some scrutinizer issues.
2014-04-13 16:18:05 +02:00
Lukas Reschke b04d95b116 Remove uneeded usages of nosniff 2014-04-13 12:48:16 +02:00
Lukas Reschke a2a850dd91 Fix indentation 2014-04-13 11:52:31 +02:00
Lukas Reschke df67a04385 Move security headers to base.php
Some headers were currently only added to the templates but not to other components (e.g. SabreDAV / JSON / etc...)
The migration to base.php ensures that the headers are served to all requests passing base.php
2014-04-13 11:51:03 +02:00
kondou d98ae4f9b2 Fix a wrong WebDAV Warning with self-signed-certs
Occuring in the admin interface
2014-04-13 05:24:29 +02:00
Bernhard Posselt 62cce982bb default to GET request when no method is set to fix unittests, also set parsed json parameters on the post attribute 2014-04-12 16:17:49 +02:00
Bernhard Posselt e7fa2790f3 Correctly process request parameters other than GET or POST, dont use globals in the class but inject it 2014-04-12 15:02:19 +02:00
Bernhard Posselt 4af72a076d use references for middleware to fix problems on 5.3 2014-04-11 20:50:49 +02:00
Lukas Reschke 77ecfdd1a4 Only encode dangerous dangerous characters
There is no need to encode all characters into HTML entities, only potential dangerous characters as &, ", ', < and > should get encoded.

This may fix issues like https://github.com/owncloud/calendar/pull/394
2014-04-11 19:42:15 +02:00
Bernhard Posselt 763da4258e fix the middleware registration process in the container 2014-04-10 20:51:03 +02:00
Bernhard Posselt 2fc6fb36ad Merge pull request #8139 from owncloud/fix-middleware-registration
register middleware as string to not force request to be instantiated to...
2014-04-10 20:24:30 +02:00
Thomas Müller e401df26bc Merge pull request #8107 from owncloud/dav-negativetimestampfix
Fixed Sabre Node implementation to correctly return timestamps as int
2014-04-10 17:37:53 +02:00
Thomas Müller 26a89e369e Merge pull request #8137 from owncloud/routeing-requirements
add requirements to routing
2014-04-10 16:23:01 +02:00
Thomas Müller ecd74d3630 Merge pull request #8138 from owncloud/allow-app-in-routes.php
To isolate the variable scope used inside the $file it is required in it...
2014-04-10 16:09:23 +02:00
Tom Needham 654d5af394 Merge pull request #8027 from owncloud/routes-ocs
Load all routes when matching an ocs route
2014-04-10 12:22:34 +01:00
Vincent Petry 6cc578d1a7 Merge pull request #8018 from owncloud/ocs_result_success_is_100
OC_OCS_Result Class, Only accept 100 code as success
2014-04-10 13:03:10 +02:00
Vincent Petry 8d05848391 Merge pull request #7825 from owncloud/hash-stream
Use streams when generating hashes of remote files
2014-04-10 10:42:04 +02:00
Vincent Petry 9a8457aca0 Merge pull request #8053 from owncloud/preview-hook-root
Pass the correct root to the preview on post_write
2014-04-10 10:31:40 +02:00
Bernhard Posselt f06ef8aa4b register middleware as string to not force request to be instantiated too early and thus not having url parameters 2014-04-09 23:59:57 +02:00
Thomas Müller 98a5f121fd To isolate the variable scope used inside the $file it is required in it's own method 2014-04-09 22:45:34 +02:00
Thomas Müller d2961dcf11 Merge branch 'master' into lukepolo-master
Conflicts:
	apps/files/js/filelist.js
2014-04-09 22:00:25 +02:00
Bernhard Posselt 70c88027db add requirements to routing 2014-04-09 21:57:32 +02:00
Vincent Petry 4f11786a3d Fixed Sabre Node implementation to correctly return timestamps as int
Negative timestamps were returned as string and were confusing other

Sabre API like Sabre_DAV_Property_GetLastModified.

This fix makes sure the timestamp is returned as int when defined.
2014-04-09 15:46:51 +02:00
Joas Schilling 352063cf0a Fix Undefined index: storage in share.php
There parameter was removed when the code was cleaned up:
{"app":"PHP","message":"Undefined index: storage at
E:\\ownCloud\\owncloud\\lib\\private\\share\\share.php#1160",
"level":0,"time":"2014-04-09T12:56:23+00:00"}
2014-04-09 15:14:44 +02:00
Volkan Gezer a4f42676ea Make hardcoded exception messages translatable 2014-04-08 20:07:25 +02:00
Arthur Schiwon 5f8d9b3a4e ask implementsAction instead of checking method_exists for easier testing 2014-04-08 12:31:11 +02:00
Arthur Schiwon 698297feb3 add optional countUsersInGroup method to group backends 2014-04-08 12:04:38 +02:00
Thomas Müller 7dd0074655 fixing mkdir code to respect external file systems as well 2014-04-07 23:17:35 +02:00
Thomas Müller 3587c88fe9 Merge branch 'master' of https://github.com/lukepolo/core-1 into lukepolo-master
Conflicts:
	apps/files/js/file-upload.js
2014-04-07 22:28:16 +02:00
Thomas Müller c1fd300048 using array_key_exists() instead of isset() - required because in case the value is null isset is returning false 2014-04-07 21:05:48 +02:00
Thomas Müller 0fe32eee13 Merge pull request #8083 from owncloud/fix-link-to-sync
Remove wrong whitespace from URL and use HTTPS
2014-04-07 14:38:47 +02:00
Lukas Reschke 6babf90175 Switch to HTTPS 2014-04-06 22:06:38 +02:00
Lukas Reschke 5679f5c37e Remove wrong whitespace from URL and use HTTPS
The whitespace caused the generated links to begin with a whitespace (e.g. `<a href=" http://owncloud.org/sync-clients/" target="_blank">`)

Additionally I switched the link to HTTPS.
2014-04-06 22:04:14 +02:00
Lukas Reschke 1b55c312e5 Removed two unused functions
These two functions were actually not usable and only a todo since ages. I think it's better to remove it than having dead and unmaintained code.
2014-04-04 22:27:05 +02:00
icewind1991 4028301dea Merge pull request #8055 from owncloud/getfileinfo-exists
dont scan not existing files in View->getFileInfo
2014-04-04 18:07:29 +02:00