Joas Schilling
5a8129f8ef
Merge pull request #3886 from nextcloud/downstream-26995
...
Chunking NG: Assemble in natural sort order of files
2017-03-17 10:05:25 +01:00
Joas Schilling
d504408efd
Merge pull request #3894 from nextcloud/downstream-27008
...
Integration test check download without saving file locally
2017-03-17 09:17:36 +01:00
Roeland Jago Douma
51846c95d9
Merge pull request #3856 from nextcloud/escape-likes-in-database-user-backend
...
Escape like parameters in database user backend
2017-03-17 08:53:10 +01:00
Roeland Jago Douma
9915aa6d9c
Merge pull request #3870 from nextcloud/add-base-uri-to-csp-policy
...
Add base-uri to CSP policy
2017-03-17 08:39:02 +01:00
Roeland Jago Douma
7a3acff782
Merge pull request #3874 from nextcloud/harden-js-by-disabling-eval-execution
...
Harden JS by disabling jQuery eval
2017-03-17 08:31:12 +01:00
Roeland Jago Douma
88e68b5058
Merge pull request #3875 from nextcloud/use-new-short-urls
...
Use cleaner social media URLs
2017-03-17 08:30:07 +01:00
Markus Goetz
075a606514
Chunking NG: Assemble in natural sort order of files
...
For https://github.com/owncloud/client/pull/5476
Before this, the assembly could be bogusly in the order 0,1,10,11,2,3 etc.
As per the spec "The name of every chunk should be its chunk number."
https://github.com/cernbox/smashbox/blob/master/protocol/chunking.md
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-17 00:06:31 -06:00
Vincent Petry
3740f9bc26
Integration test check download without saving file locally
...
Use Guzzle stream mode to download the contents instead of using a
temporary local file.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-16 23:57:16 -06:00
Morris Jobke
cc077e67d7
Merge pull request #2824 from nextcloud/ext-storage-expireversions
...
Properly expire ext storage versions (#26601 )
2017-03-16 23:00:55 -06:00
Morris Jobke
ead9a10cc5
Merge pull request #3619 from nextcloud/fix-scss-for-apps
...
Fix SCSS usage in apps
2017-03-16 22:51:31 -06:00
Nextcloud bot
5683365a2c
[tx-robot] updated from transifex
2017-03-17 01:07:41 +00:00
Lukas Reschke
86cba3ee45
Use cleaner social media URLs
...
We now have nice cleaner URLs since a longer time, let's use them.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 23:45:49 +01:00
Lukas Reschke
39afcbd49f
Merge pull request #3679 from nextcloud/socialsharing
...
Add social sharing
2017-03-16 23:08:47 +01:00
Lukas Reschke
148e7abb51
Harden JS by disabling jQuery eval
...
Disable execution of eval in jQuery. We do require an allowed eval CSP
configuration at the moment for handlebars et al. But for jQuery there is
not much of a reason to execute JavaScript directly via eval.
This thus mitigates some unexpected XSS vectors. As example try to insert
`$('.fileinfo').html('<a href="asd"><script>alert(1)</script></a>');`
with and without this patch in your browsers JS console when the file list
is opened.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 23:03:02 +01:00
Lukas Reschke
c4fe36cc02
Merge pull request #3862 from nextcloud/dont-set-the-status-twice
...
Don't set the HTTP status twice
2017-03-16 22:05:47 +01:00
Lukas Reschke
d134dea508
Don't call function in constructor
...
The constructor is iniitiated already very early in base.php, thus requiring this here will break the setup and some more. For now we probably have to live with a static function call here thus.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 21:59:47 +01:00
Lukas Reschke
9e957d0ac9
Adjust integration test
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 20:51:40 +01:00
Morris Jobke
cd4ebe2777
Merge pull request #3008 from nextcloud/appmenu-experiment
...
Show apps in header
2017-03-16 13:03:41 -06:00
Lukas Reschke
5f8f29508f
Adjust tests to include base-uri
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 18:12:10 +01:00
Roeland Jago Douma
2a9d1a7147
Merge pull request #3863 from nextcloud/additional-hardening-of-t
...
Harden t() with DOMPurify
2017-03-16 15:54:04 +01:00
Lukas Reschke
adfd1e63f6
Add base-uri to CSP policy
...
As per https://twitter.com/we1x/status/842032709543333890 a nice security hardening
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 15:16:20 +01:00
Lukas Reschke
6c8d48b0f6
Harden t() with DOMPurify
...
This mitigates issues where developers pass untrusted user-input through t() which may lead to XSS issues.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 14:17:42 +01:00
Lukas Reschke
793d7d1bd7
Merge pull request #3860 from nextcloud/fix_master_after_3802
...
Fix unit tests of master
2017-03-16 14:08:32 +01:00
Joas Schilling
3a53784f80
Don't set the HTTP status twice
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-16 13:35:41 +01:00
Roeland Jago Douma
bb2ec51bbb
Fix unit tests of master
...
Follow up to #3802
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-16 12:46:02 +01:00
Roeland Jago Douma
57c1be8633
Merge pull request #3802 from Ko-/master
...
Check that set_time_limit is not disabled before calling it
2017-03-16 12:27:26 +01:00
Joas Schilling
7ca2f5f137
Merge pull request #3857 from nextcloud/issue-3901-legacy-caldav-endpoint-email-invitations
...
Fix scheduling plugin on legacy caldav endpoint
2017-03-16 12:14:32 +01:00
Julius Haertl
b8ef616455
Fix html formating issues
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl
780400302c
Rebuild menu to keep order of icons correct
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl
25e18b840b
Reduce device width and hide app name when menu is open
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl
1d6fba03f4
Make enabling/disabling apps work with the new menu
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl
efc681dcfe
Fix positioning of popovermenu
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl
f58f8f6f47
Fix popover positioning after window resize
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl
267b89f5c7
Cleanup SCSS for app menu and fix mobile view
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl
7eae6690ad
Make app management icon act like a normal app icon
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
Julius Haertl
61dc78e6dc
Fix menu issues
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
Julius Haertl
a630e4629f
Generate seperate menu list for header bar
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
Julius Haertl
e3e4cb3e67
Move active app to the first slot
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
Julius Haertl
42feab59d5
Show app icons in the header
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
Ko-
786ee72146
Add warning on admin screen when set_time_limit is unavailable
2017-03-16 11:48:28 +01:00
Joas Schilling
652ee8a605
Fix scheduling plugin on legacy caldav endpoint
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-16 09:55:15 +01:00
Roeland Jago Douma
4d207680f2
Merge pull request #3624 from marncz/master
...
Update.js: countdown feedback before redirect
2017-03-16 07:56:51 +01:00
Nextcloud bot
2fafdb39ac
[tx-robot] updated from transifex
2017-03-16 01:07:36 +00:00
Lukas Reschke
085891a15d
Escape like parameters in database user backend
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-15 22:46:40 +01:00
Roeland Jago Douma
93c9a06761
Merge pull request #3788 from nextcloud/fed-share-modify
...
Add api to change the remote of an incoming federated share
2017-03-15 17:32:35 +01:00
Joas Schilling
f2d3704e97
Merge pull request #3843 from nextcloud/encryption-fix-mail-share
...
take share by mail into consideration if we calculate the access list
2017-03-15 15:23:17 +01:00
Roeland Jago Douma
5ed45fc8e6
Merge pull request #3848 from nextcloud/remove-single-quotes-around-search-query
...
Remove single quotes around search query like in user search
2017-03-15 15:05:15 +01:00
Joas Schilling
0fe45966a0
Remove single quotes around search query like in user search
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-15 12:53:44 +01:00
Björn Schießle
5a998da206
Merge pull request #3841 from nextcloud/encyryption-trash-bin
...
Delete files on encryption error
2017-03-15 09:07:07 +01:00
Marcin Czarnecki
1a3617cdd6
Spacing
...
Signed-off-by: marncz <M.Czarnecki1@uni.brighton.ac.uk>
2017-03-15 06:35:40 +00:00