07c6e523b1
Merge pull request #16565 from owncloud/add-urandom-check
...
Add check for availability of /dev/urandom
2015-05-26 16:53:11 +02:00
8ec292c8b3
Merge pull request #16519 from owncloud/example-theme
...
add example theme
2015-05-26 15:33:40 +02:00
4c4cbd70f8
Merge pull request #16563 from owncloud/revert-16562-revert-15203-revert-15201-webdav-ng-bugfix
...
Revert "Revert "Revert "FIX for webdav.mediencenter.t-online.de"""
2015-05-26 14:40:16 +02:00
4513cf5967
Revert "Revert "Revert "FIX for webdav.mediencenter.t-online.de"""
2015-05-26 14:40:07 +02:00
bfdae9e2c7
Merge pull request #16562 from owncloud/revert-15203-revert-15201-webdav-ng-bugfix
...
FIX for webdav.mediencenter.t-online.de
https://webdav.mediencenter.t-online.de returns invalid response code.
e.g.
{"reqId":"f9a1c394b98108e4e5ca62bf47829c64","remoteAddr":"81.189.45.224","app":"PHP","message":"Undefined offset: 2 at \/var\/www\/owncloud\/3rdparty\/sabre\/dav\/lib\/Sabre\/DAV\/Client.php#569","level":3,"time":"2015-03-25T18:25:48+00:00","method":"GET","url":"\/index.php\/apps\/files\/ajax\/getstoragestats.php?dir=External%2FT-Cloud%2FTests"}
e.g.
{"reqId":"3407d66672b3cef206b0af883e49bff4","remoteAddr":"46.74.125.245","app":"PHP","message":"Undefined index: {DAV:}getlastmodified at \/var\/www\/owncloud\/lib\/private\/files\/storage\/dav.php#563","level":3,"time":"2015-03-25T16:33:21+00:00"}
2015-05-26 14:31:09 +02:00
bc6d17ed74
Add check for availability of /dev/urandom
...
Without /dev/urandom being available to read the medium RNG will rely only on the following components on a Linux system:
1. MicroTime: microtime() . memory_get_usage() as seed and then a garbage collected microtime for loop
2. MTRand: chr((mt_rand() ^ mt_rand()) % 256)
3. Rand: chr((rand() ^ rand()) % 256)
4. UniqId: Plain uniqid()
An adversary with the possibility to predict the seed used by the PHP process may thus be able to predict future tokens which is an unwanted behaviour.
One should note that this behaviour is documented in our documentation to ensure that users get aware of this even without reading our documentation this will add a post setup check to the administrative interface.
Thanks to David Black from d1b.org for bringing this again to our attention.
2015-05-26 14:16:07 +02:00
f8938f004d
Revert "Revert "FIX for webdav.mediencenter.t-online.de""
2015-05-26 13:36:45 +02:00
d7c18b04bd
Merge pull request #16521 from owncloud/unbold-placeholder-image
...
use normal font weight instead of bold for image placeholders
2015-05-26 12:55:05 +02:00
f70c309c2d
Merge pull request #16561 from owncloud/add-default-timeout-back
...
Add connection timeout to default POST options
2015-05-26 12:23:57 +02:00
f1fc7b155c
Merge pull request #16515 from owncloud/deprecate-useless-helper-class
...
Deprecate useless helper class
2015-05-26 12:22:05 +02:00
23bbf287ff
Merge pull request #16518 from owncloud/external-link-arrow
...
use arrow icon for external link to Apps dev docs, like in Help section
2015-05-26 12:17:50 +02:00
7b10e7b747
Merge pull request #16520 from owncloud/fix-float-spinner-position
...
fix float spinner position
2015-05-26 12:13:15 +02:00
39c6a36488
Merge pull request #16532 from owncloud/cors-no-cookie-auth
...
Disallow cookie auth for cors requests
2015-05-26 12:12:04 +02:00
ab0747113c
Merge pull request #16452 from owncloud/enc_ftp_upload
...
always write file, if fseek doesn't work we write the whole file
2015-05-26 12:02:41 +02:00
3babcd0344
Merge pull request #16339 from owncloud/master-override-channel
...
Allow change update channel via public API
2015-05-26 11:42:41 +02:00
dff361dc5c
Add connection timeout to default POST options
...
Fixes https://github.com/owncloud/core/issues/16560
2015-05-26 11:22:50 +02:00
a577e723b0
flush() comments + perf opt
2015-05-26 10:22:52 +02:00
6198fb20cb
[tx-robot] updated from transifex
2015-05-26 01:54:57 -04:00
fe610a65d3
[tx-robot] updated from transifex
2015-05-25 01:55:06 -04:00
06934e7c00
[tx-robot] updated from transifex
2015-05-24 01:55:03 -04:00
e189435499
[tx-robot] updated from transifex
2015-05-23 01:55:05 -04:00
13592921f1
Merge pull request #16536 from rullzer/unit_tests_16511
...
Unit tests for #16511
2015-05-22 19:08:17 +02:00
ce34edacfa
Merge pull request #16526 from owncloud/enc_fix_versions_webdav_upload
...
remove part file extension before we read a filekey
2015-05-22 16:42:52 +02:00
c63f2286c0
copy keys before we move a file between storages to make sure that the new target file reuses the old file key, otherwise versions will break
2015-05-22 15:41:28 +02:00
914c74ea9b
Unit tests for #16511
...
Make sure that password is updated on focusout of the password field or
on pressing enter in the password field.
2015-05-22 15:09:21 +02:00
c8e3599cad
disallow cookie auth for cors requests
...
testing ...
fixes
fix test
add php doc
fix small mistake
add another phpdoc
remove not working cors annotations from files app
2015-05-22 14:06:26 +02:00
fef75e5417
remove part file extension before we read a filekey to reuse a existing key if possible, otherwise stuff like versioning will break
2015-05-22 12:12:31 +02:00
8ce3d6ea57
End processing when file is not found
...
We have to end the processing when a file is not found or otherwise the method is proceeding and even sending invalid file paths to the sendfile methods.
Due to nginx preventing directory traversals this is luckily not immediately exploitable. We should for hardening purposes however quit the script execution just as we do for 403 cases and others as well.
2015-05-22 11:53:02 +02:00
b82d902e18
Merge pull request #16493 from owncloud/cache-movewithcorrectmimetype
...
Get correct mimetype when moving and changing extension
2015-05-22 11:37:11 +02:00
d7b2bc9e2f
Merge pull request #16516 from owncloud/fix-phpdoc-trait
...
Fix PHPDoc
2015-05-22 09:47:59 +02:00
156881efce
[tx-robot] updated from transifex
2015-05-22 01:55:04 -04:00
79c5790a72
use normal font weight instead of bold for image placeholders
2015-05-22 03:26:30 +02:00
6bba345f34
fix float spinner position
2015-05-22 02:30:55 +02:00
cd0fa062eb
add example theme
2015-05-22 02:17:46 +02:00
94e4f448ee
use arrow icon for external link to Apps dev docs, like in Help section
2015-05-22 01:17:22 +02:00
2fccfbe278
also replace logo-mail with new look
2015-05-22 00:35:12 +02:00
3d8ea96e55
Fix PHPDoc
...
Use correct parameters
2015-05-22 00:17:38 +02:00
78a0464354
replace logo-wide on share page as well with better icon + text
2015-05-22 00:04:47 +02:00
c1f8829590
Deprecate useless helper class
...
The helper class has no real reason anymore with 8.1.0 as we now have better public APIs. No need for an `IHelper` class like that from my opinion.
2015-05-21 23:35:37 +02:00
4e93d9e3a2
remove logo-wide from tests
2015-05-21 22:40:26 +02:00
bf6151e799
fix calculation of $count, $count is always 8129 so we need to check this
...
against the unencrypted file size
2015-05-21 14:15:26 +02:00
5a20edac82
test to simulate a non-seekable stream wrapper
2015-05-21 14:15:26 +02:00
fb51880a4a
encrypted filesize calculation in flush()
2015-05-21 14:15:26 +02:00
38bceb0d74
distinguish between source and target mount point to allow copy/rename between system wide mount points and user specific mountpoints
2015-05-21 14:06:45 +02:00
94077caea9
Merge pull request #16499 from owncloud/fix-phpdoc-annotations
...
Fix PHPDoc 🙈
2015-05-21 13:54:01 +02:00
694d639f94
Fix PHPDoc 🙈
...
*sigh*
2015-05-21 13:07:54 +02:00
22968e806c
Get correct mimetype when moving and changing extension
...
Fixes issue when restoring folders from trash cross-storage, as such
folders have an extension ".d12345678".
Fixes issue when moving folders between storages and at the same time
changing their extension.
2015-05-21 10:57:58 +02:00
896130b68d
Merge pull request #16473 from owncloud/occ_16221
...
occ option to update all third party apps without disable
2015-05-21 09:47:54 +02:00
42dd40ad80
[tx-robot] updated from transifex
2015-05-21 01:55:57 -04:00
48040c46cb
Skip disable3rdParty Apps
2015-05-20 17:06:00 +02:00
Thomas Müller
Jan-Christoph Borchardt
Oliver Kohl D.Sc.
Lukas Reschke
Vincent Petry
Björn Schießle
jknockaert
Jenkins for ownCloud
Bernhard Posselt
Bjoern Schiessle
Roeland Jago Douma
Bernhard Posselt
Joas Schilling
Steffen Lindner