Commit Graph

839 Commits

Author SHA1 Message Date
Vincent Petry 9fc23e1967 Merge pull request #10934 from owncloud/datadir-write-setup
Don't complain about non-writable datadirs before we're installed
2014-09-25 14:32:32 +02:00
Lukas Reschke 75e45ac786 Merge pull request #11019 from owncloud/do-not-show-exception-to-enduser
Do not show exception to the end-user - use a proper error page instead
2014-09-23 18:36:40 +02:00
Thomas Müller c587a4aaa2 Merge pull request #11222 from owncloud/store-users-timezone-master
send browsers timezone back tp the server on login
2014-09-23 13:45:21 +02:00
Lukas Reschke 6eeb905871 Do only follow HTTP and HTTPS redirects
We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)

Get final redirect manually using get_headers()

Migrate to HTTPHelper class and add unit tests
2014-09-22 20:02:32 +02:00
Thomas Müller 814114ab8e enhance formatDate function to accept an optional argument containing the time zone 2014-09-22 15:03:28 +02:00
Robin Appelman 6fa3280c2a Inject config into checkserver and cleanup tests 2014-09-18 13:33:13 +02:00
Lukas Reschke d07d5915c9 Remove unused and overflowing function
Resolves https://github.com/owncloud/core/issues/10991 failure 4
2014-09-18 10:21:28 +02:00
Lukas Reschke 6d3757f864 Do not show exception to the end-user
Log the error instead of potentially leaking sensitive information
2014-09-17 13:17:52 +02:00
Morris Jobke b644e8a5e7 Merge pull request #10932 from owncloud/issue/10926
Add a method to get the absolute url for a route
2014-09-17 13:05:26 +02:00
Lukas Reschke d2743e6ad6 Merge pull request #7254 from owncloud/core-sortalgo
Fixed JS sort comparator to be consistent between JS and PHP
2014-09-16 17:29:03 +02:00
Lukas Reschke 70abce0482 Merge pull request #10739 from owncloud/eventsource-public
Add EventSource to the public API
2014-09-08 18:46:27 +02:00
Joas Schilling c5b5378558 Add a method to get the absolute url for a route
Fix #10926
2014-09-08 14:43:14 +02:00
Robin Appelman fa3393674c Better phpdoc and method naming 2014-09-04 13:26:51 +02:00
Lukas Reschke 373d1c5e9f Merge pull request #10642 from owncloud/securityutils
Add some security utilities
2014-09-03 15:28:42 +02:00
Lukas Reschke dcea6de26a Fix quoting 2014-09-03 14:16:55 +02:00
Lukas Reschke a54af89d8a Add test for the second argument 2014-09-03 14:13:12 +02:00
Robin Appelman dad53180bc Add event source to the public api 2014-09-03 13:36:15 +02:00
Lukas Reschke 20a7fb0334 Fix CHAR_SYMBOLS 2014-09-03 12:22:21 +02:00
Lukas Reschke 77c0adb520 Merge branch 'securityutils' of https://github.com/owncloud/core into securityutils 2014-09-03 11:04:49 +02:00
Lukas Reschke 50b430ee7c Add char consts, hash the specified password for the HMAC 2014-09-03 11:03:27 +02:00
Morris Jobke 4024960a0e Merge pull request #10780 from owncloud/config-public
Extend public config interface
2014-08-31 15:54:35 +02:00
Lukas Reschke 8009df0b60 Merge pull request #10420 from owncloud/external-share-self-signed
Make external shares work with imported self signed certificates
2014-08-31 15:50:30 +02:00
Robin Appelman 0a1e5aebf1 Extend public config interface 2014-08-31 15:27:36 +02:00
Lukas Reschke ae3425d2da Merge branch 'master' into securityutils
Conflicts:
	lib/private/util.php
2014-08-31 15:21:09 +02:00
Morris Jobke 73685892ed Merge pull request #10770 from owncloud/getUserFolder
update public interface for getUserFolder
2014-08-31 13:26:32 +02:00
Morris Jobke ac6324a5d0 update public interface for getUserFolder 2014-08-31 11:16:40 +02:00
Robin Appelman c158db7200 Add certificate class 2014-08-31 10:47:50 +02:00
Robin Appelman c1b11571ea Move certificate management interface from files_external to core 2014-08-31 10:47:50 +02:00
Robin Appelman ecdbf00628 Move certificate management code to core 2014-08-31 10:45:10 +02:00
Robin Appelman a58e670ae5 Also extend public server interface 2014-08-31 10:20:00 +02:00
Robin Appelman d0266c0bf8 Use public api for getting l10n 2014-08-31 10:08:22 +02:00
Clark Tomlinson cb0da1178b Merge pull request #10653 from owncloud/x-forwarded-for
Add support for getting the real client IP behind proxies
2014-08-27 10:32:34 -04:00
Björn Schießle c35d60f6d8 Merge pull request #9915 from suraia/unsharefromself-source
Allow specifying the item source in unshareFromSelf().
2014-08-27 10:31:35 +02:00
Lukas Reschke d26a9c3c58 Add some security utilities
This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions

Remove .htaccess

Remove .htaccess

Fix typo

Add public API

Use timing constant comparision

Remove CBC constant

Adjust code

Remove confusing $this
2014-08-27 00:18:04 +02:00
Lukas Reschke 7acdd018a1 Add support for getting the real client IP behind proxies
Fixes https://github.com/owncloud/core/issues/10624

Fix copy paste fail

Add unittest for comma separated headers

Revert 3rdparty
2014-08-27 00:05:04 +02:00
Lukas Reschke 88c3a4a31a Expose setSystemValue 2014-08-22 15:53:23 +02:00
Morris Jobke ab6ee6a600 Add doc for \OCP\Files\FileInfo space constants 2014-08-19 16:49:51 +02:00
Morris Jobke b3b3354809 move to public namespace 2014-08-19 14:05:08 +02:00
Thomas Müller c08a1e6455 according to PHPDoc this function shall return the entity 2014-08-17 22:27:55 +02:00
Thomas Müller c1102b1671 Merge pull request #10417 from owncloud/update_deprecation_doc
update deprecation docs
2014-08-14 17:54:23 +02:00
Jörn Friedrich Dreyer fd798fd982 update deprecation docs 2014-08-14 12:22:34 +02:00
Bjoern Schiessle d9f35d8c15 we need the recipient as a additional parameter to know for which share the notification was send 2014-08-13 17:02:51 +02:00
Vincent Petry 173059f6d0 Fixed file list sorting
Now using a natural sort algorithm that is more consistent between JS
and PHP (although not perfect in some corner cases)

- added OC.Util.naturalSortComparator that uses the same algo that was
  used for the user list
- changed user list and files list to use OC.Util.naturalSortComparator
- removed toLowerCase() and changed the comparator to use
  String.localeCompare()
- added unit tests
- added OC_NaturalSort that is used by OCP\Util::naturalSortCompare()
2014-08-11 13:28:53 +02:00
Björn Schießle d35bfc9a4c Merge pull request #9520 from owncloud/theme_urls
Add ability to theme iOS and Android client URLs just like desktop URLs.
2014-08-05 17:53:18 +02:00
scolebrook 2e127d2c5e Add ability to theme iOS and Android client URLs just like desktop URLs. 2014-08-05 13:16:51 +02:00
Bjoern Schiessle 41cca70a63 don't display share permission if resharing was disabled by the admin 2014-08-05 10:57:51 +02:00
Thomas Müller 4eb2b4e1b0 Merge pull request #10051 from owncloud/preview-empty-text
Use svg mimeicons for empty text files
2014-07-31 11:38:29 +02:00
Robin Appelman 4a9b0d5465 Use svg mimeicons for empty text files 2014-07-30 16:31:37 +02:00
Morris Jobke 889088f72d Fix template rendering for 'blank' templates 2014-07-29 16:49:50 +02:00
Björn Schießle c53b56e313 Merge pull request #9798 from owncloud/ocs_share_api_add_expire_date
[share api] add OCS api call to set expire date for link shares
2014-07-28 17:28:32 +02:00