This commit further changes the behavior of getURLParmeter to handle
encoded parameter values and returns the decoded string and improves
behavior for parameters without value and multiple equals and other
similar cases which did not work before. See the comments at
http://stackoverflow.com/questions/1403888/get-escaped-url-parameter for
a list of the issues handled by the updated implementation.
This change does not change the general behavior of the function. Empty
or non existing parameters still return an empty string ('').
This commit changes the behavior of getURLParameter(name) to return an
empty string when the parameter is not set or has empty value. Before it
returned 'null' as string.
setupMainMenu() & setupUserMenu():
Changed click delegate to add the spinner animation only the primary mouse button was clicked without ctrl- or meta-key modifier
Adding mouseup delegate to hide the menu if the middle mouse button was clicked.
Redone #778
Whenever a user navigates away, all ajax calls will fail with the same
result like a cross-domain redirect (SSO). To distinguish these cases,
we need to detect whether the error is a result of the user navigating
away. For this, we introduce a new flag that will be set in
"beforeunload".
Additional handling was required for false positives in case "beforeunload" is
used (ex: cancelled upload) and the user cancelled the navigation.
host can contain the port (host of http://example.com:1234 is
example.com:1234) while hostname never contains a port. They can however
be similar. If you navigate to http://example.com then both host and
hostname will be example.com.
* Fixed docs
* added getHostName function
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.
Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.
Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjPhttp://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/
Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
All IE versions are not able to properly upscale SVG icons unless the
said SVG files contain a "viewBox" attribute, which is not always the
case. Also we cannot guarantee that all third party apps will have this
attribute in their icons.
So for now, app icons will not be displayed in IE instead of broken
ones.
- calculate multiselect header width to exclude scrollbar
- call FileList._onResize() when sidebar is toggled ("appresized"), this
also updates the breadcrumb width
- moved global getScrollBarWidth() to OC.Util namespace
Added hack that uses a "filter" CSS with explicit URL to fix the "New"
menu by scaling down icons and also fix the folder/filetype icon in the sidebar
by scaling it up.
If a response to a $.ajax() request returns a content type of "application/javascript"
JQuery would previously execute the response body. This is a pretty unexpected
behaviour and can result in a bypass of our Content-Security-Policy as well as
multiple unexpected XSS vectors.
Controls bar calculation needs to take the sidebar visibility into
account.
Recalculation is now triggered when sidebar is toggled, using a new
app-content event "appresized".
Tipsy also supported the `fallback` element which will now not work anymore. To enhance compatibility we shall also implement it in the shim.
Fixes https://github.com/owncloud/core/issues/17870
These should be used in the future instead of location.*.
It will make it possible to stub these methods for writing unit tests
and simulating different URL schemes.
Doing this in the PHP code is not the right approach for multiple reasons:
1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.
This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
This function is often used in a wrong and potential dangerous way... Thus we should escape the URL per default and offer developers to disable the automatic escaping via an option parameter if they really want that behaviour.
Might break some things, however, those things are then easy to fix and we really have a ton of bugs caused by this...
Fixes https://github.com/owncloud/core/issues/14228
* options for timeout in seconds and if it contains HTML
* if timeout is 0 it will show the message permanently
* removes the notification after a given (default: 5 seconds) timeframe
* based on work by @brantje
* provide JS unit tests for notifications
Moved search result type translations to search.js
Load JS translations earlier
Translations need to be loaded earlier to make sure that some JS files
like search.js get access to translations at this time.
This requires the template initialization to be moved to after session
initialization, because only after the session we have access to the
current language.
Added addTranslations and fixed de.js file
Fixed de.js to use OC.L10N.register() and use to correct expected
format.
Added JS unit tests for OC.L10N class
Include translations JS script for all apps
- Added setup checks in JavaScript
- Moved isWebDAVWorking to JS using SetupChecks
- Moved internet connection checks to an ajax call that goes through the
server
Now using a natural sort algorithm that is more consistent between JS
and PHP (although not perfect in some corner cases)
- added OC.Util.naturalSortComparator that uses the same algo that was
used for the user list
- changed user list and files list to use OC.Util.naturalSortComparator
- removed toLowerCase() and changed the comparator to use
String.localeCompare()
- added unit tests
- added OC_NaturalSort that is used by OCP\Util::naturalSortCompare()
When using big session timeout values, the interval value might
overflow and cause the setInterval() call to ping the server in a loop
without any delay.
This fix adds a maximum ping interval of 24 hours.
Forward port of 00ec5fc193 from stable6.
Julius Haertl
Joas Schilling
Vincent Petry
Morris Jobke
Christoph Wurst
Simon Eisenmann
Thomas Pulzer
Faldon
Hendrik Leppelsack
Lukas Reschke
skjnldsv
Lukas Reschke
Robin McCorkell
Christoph Wurst
Christoph Wurst
Stefan Weil
Thomas Müller
Roeland Jago Douma
matthias-g
Joas Schilling
Jan-Christoph Borchardt
Bernhard Posselt
Daniel Hansson
Joas Schilling
Jörn Friedrich Dreyer
Clark Tomlinson
Bjoern Schiessle
Robin McCorkell
kondou
Robin Appelman