Arthur Schiwon
af91efd315
when downloading from web, skip files that are not accessible
...
* avoids a 403, but enables download of resources that are not restricted
* single file downloads still cause 403
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-12-19 13:05:10 +01:00
Julius Härtl
9e5d6114d5
Use files node API for single file downloads
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-12-19 13:05:09 +01:00
Christoph Wurst
723f017b12
Deprecate hooks, emitter and Symfony dispatcher mechanisms
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-11 10:04:36 +01:00
Roeland Jago Douma
47bc0cc8a8
Do not disable authentication apps
...
For #18249
If an app encounters an error during loading of app.php the app is
normally disabled. However. We should make sure that this doesn't happen
for authentication apps (looking at your user_saml).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-10 12:02:16 +01:00
Christoph Wurst
5bf3d1bb38
Update license headers
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-05 15:38:45 +01:00
Roeland Jago Douma
68748d4f85
Some php-cs fixes
...
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-22 20:52:10 +01:00
Christian Oliff
417fd12d3a
HTTPS link to https://en.wikipedia.org/wiki/Server-sent_events
...
prevents a redirect
2019-11-15 16:19:28 +09:00
Arthur Schiwon
af6c788efc
pass through ServerNotAvailableException on app init
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-14 17:20:14 +01:00
Roeland Jago Douma
c0398e9a38
Merge pull request #17830 from nextcloud/global-quota-return-quota
...
actually return the quote when getting global storage info
2019-11-07 23:53:04 +01:00
Arthur Schiwon
f9bfd48e12
switch to Files Node API for zip generation
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-07 09:45:23 +01:00
Robin Appelman
5df98d7265
actually return the quote when getting global storage info
...
prevents 'undefined' index errors when 'include external storage in quota' is enabled
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-06 10:18:47 +01:00
Roeland Jago Douma
e71f222082
Cleanup theming mess
...
* Do not do translations in the constructor. This gets called to early
so there is no user yet. Which means we can't obtain the locale. Which
means we store the wrong translation instance.
* Same for the theming app magic. Just use the parent call when needed.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-25 13:31:19 +02:00
Julius Härtl
a9c089064b
Deprecate TemplateManager
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-16 09:54:17 +02:00
Joas Schilling
ad7d13a87c
Print the error pages as error so we load less scripts and might be able to view it
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-16 19:38:43 +02:00
Roeland Jago Douma
b3f663b8aa
Merge pull request #16859 from PhrozenByte/patch-1
...
Add IAppManager::getAppWebPath()
2019-09-09 12:20:27 +02:00
Daniel Rudolf
2d56664e35
Improve usage of IAppManager::getAppWebPath()
...
Deprecate \OC_App::getAppWebPath() and \OC_App::getAppPath()
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
2019-09-05 18:35:40 +02:00
Samuel CHEMLA
94eb77a535
Fix sanity checks #16963
...
Signed-off-by: Samuel CHEMLA <chemla.samuel@gmail.com>
2019-09-01 22:27:08 +02:00
Joas Schilling
92862c51f5
Always check via http and https whether htaccess is working
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-23 14:33:58 +02:00
Joas Schilling
810ee7d811
Make the auto-disabled list more broad
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-15 11:12:45 +02:00
Arthur Schiwon
d0409548c6
instead of upsert, fallback to default query on PgSQL <= 9.4
...
because there is no upsert yet
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-14 09:05:11 +02:00
J0WI
1b074f48d8
Remove duplicated spaces
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2019-08-11 20:11:50 +02:00
J0WI
3f2932c75a
Sort headers
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2019-08-11 20:11:50 +02:00
J0WI
76cbd7db6e
Add X-Frame-Options header to .htaccess
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2019-08-11 20:11:49 +02:00
Roeland Jago Douma
323f40a493
Merge pull request #16461 from nextcloud/fix/noid/pgsql-version
...
fixes the check for postgresql
2019-07-26 12:32:04 +02:00
Arthur Schiwon
8b1126e6d2
fixes the check for postgresql
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-18 18:34:10 +02:00
Morris Jobke
605d0874a4
Removes unused OC_API::register
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-18 11:27:09 +02:00
Joas Schilling
9d121985dc
Merge pull request #15540 from nextcloud/bugfix/noid/prevent-faulty-logs-from-nested-setupFS-calls
...
Prevent faulty logs from nested setupFS calls
2019-06-21 12:00:22 +02:00
Christoph Wurst
7d1fc2b8e8
Fix missing login hook wih Apache/SAML
...
Without this patch the hook does not transport the information whether the login is
done with an app password or not. The suspicious login app requires the parameter
to function correctly, hence adding it will make suspicious login detection also possible
with SAML users.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-11 07:29:00 +02:00
Joas Schilling
22fa6421e5
Prevent faulty logs from nested setupFS calls
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-05-15 10:22:51 +02:00
Morris Jobke
361836675c
Show supported apps in app management
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-13 13:36:02 +02:00
Morris Jobke
f095bd1642
Use non-absolute logout URL to fix wrong URL in reverse proxy scenario
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-08 18:02:00 +02:00
Roeland Jago Douma
3b1e16458d
Forbid eval on legacy responses
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-09 09:58:23 +02:00
Roeland Jago Douma
769cb629ae
allow enforcing apps to ignore the max version
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-20 15:16:11 +01:00
Joas Schilling
c6a69ba925
Remove the upload and memory setting
...
* Remove unneeded private method phpFileSize()
* Bump autoloader
* Remove setUploadLimit tests
* Remove integrity check hacks for upload limit
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-04 12:14:22 +01:00
Joas Schilling
0c77cd21f9
Make sure maintenance mode is always casted to bool
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-02-22 08:25:41 +01:00
Roeland Jago Douma
65964a537a
Move jquery.ocdialog.scss to bundle
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-14 13:38:24 +01:00
Roeland Jago Douma
ea951136d1
Move jquery-ui-fixes to bundle
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-14 13:31:49 +01:00
Roeland Jago Douma
a498b72dec
Move the contactsmenu handlebars templates to the bundle
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-04 10:56:52 +01:00
Roeland Jago Douma
f1b0332920
Do not try to load js moved to bundle
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-01 10:39:47 +01:00
Morris Jobke
5fe151f7c4
Merge pull request #13927 from nextcloud/remove-dead-code
...
Don't call apc_delete_file and apc_clear_cache anymore
2019-02-01 10:17:55 +01:00
Daniel Kesselberg
9104e028a3
Remove deleteFromOpcodeCache & clearOpcodeCache
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-30 17:36:14 +01:00
Daniel Kesselberg
1638f89e89
Don't call apc_delete_file and apc_clear_cache anymore
...
There is no apc for PHP7+ so there is no need to check if exist.
accelerator_reset looks even more ancient.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-30 16:28:47 +01:00
Robert Dailey
a170bf80ec
Improve data directory write checking for NFS mounts
...
If `is_writable()` fails, fall back to logic that attempts to create a file
and then checks if it exists. If this check fails, an error occurs as it
did before.
Discussion on this solution was found here:
https://help.nextcloud.com/t/write-errors-for-nfs-mount/23328
Fixes #7124
Signed-off-by: Robert Dailey <rcdailey@gmail.com>
2019-01-24 20:39:52 -06:00
Roeland Jago Douma
e3de4edc51
Urlencode the requesttoken
...
Followup of #13757
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 16:16:31 +01:00
Roeland Jago Douma
ebd9f30d85
Request plain logout url
...
By requesting the plain logout url we allow it to be properly cached by
the caching router. We just add the requesttoken manually.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 14:06:03 +01:00
Christoph Wurst
83068c39e5
Update select2, include css
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-01-09 15:02:01 +01:00
Christoph Wurst
1e80259051
Remove core.js
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-01-09 15:02:00 +01:00
Christoph Wurst
208788173d
Npmize (vendor) scripts
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-01-09 15:01:59 +01:00
Daniel Kesselberg
5ee6e5b8c6
Use OC_Util::getVersion instead of getSystemValue
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-12-07 11:42:12 +01:00
Daniel Kesselberg
6016d45ca9
Use version to generate docversion
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-12-07 11:42:12 +01:00
Morris Jobke
ea6ea7f4c3
PHP module is named mbstring
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-12-04 17:22:11 +01:00
Peter Kraume
79b8703f29
Set Referrer-Policy also in addSecurityHeaders()
...
Fix : #12689
Signed-off-by: Peter Kraume <peter.kraume@gmx.de>
2018-11-27 16:39:06 +01:00
Christoph Wurst
1b85ef4bf2
Fix string doc type casing
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-11-15 11:57:05 +01:00
Joas Schilling
ea21aa3f7a
Use numeric placeholders if there are multiple, so that RTL languages can operate better
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-09 14:32:14 +02:00
Morris Jobke
db345e4c6d
Deprecate unused, private OC_Helper::linkToPublic
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-08 18:29:52 +02:00
Morris Jobke
7971ba5cc6
Merge pull request #10898 from nextcloud/feature/10684/default-logo-color-theme-colors
...
Switches the default logo color depending on the primary color
2018-10-08 10:33:22 +02:00
Morris Jobke
e0ed64366c
Merge pull request #11613 from nextcloud/add-missing-throw-statement
...
add missing throw statement to doc block
2018-10-04 16:28:08 +02:00
Bjoern Schiessle
1d4a80f37d
add missing throw statement to doc block
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-04 15:23:07 +02:00
Morris Jobke
cdb3ffb293
Remove unused code in legacy classes
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-03 22:07:51 +02:00
Michael Weimann
d855c38e07
Moves the logo files to logo
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-10-02 08:37:54 +02:00
Daniel Kesselberg
d4dec43f8f
Dont use find to lookup binaries
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-29 20:25:19 +02:00
Roeland Jago Douma
c9e93b8084
Compile contactmenu handlebars templates
...
Fixes #11029
For https://github.com/orgs/nextcloud/projects/18
Ship the compiled handlebars templates. This makes it possible to have a
scricter CSP.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-27 20:33:58 +02:00
Bjoern Schiessle
bb86a8ca36
add back-end as parameter to the pre-login hook
...
This is needed for the Global Scale setup to allow the master
node to perform different operations during login, depending
on the user management. Because in case of SAML, the authentication
at the idp happens at the master node.
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-14 17:23:06 +02:00
Robin Appelman
be9ab8b879
also catch exceptions when loading apps
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-24 17:16:54 +02:00
Daniel Kesselberg
bfa49410a2
Drop support for xcache
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-08-12 17:14:08 +02:00
Roeland Jago Douma
c74a5250e5
Check if HTTP_USER_AGENT is set before using it
...
Sentry reported some errors regarding this. Apparently not everybody
sets a user agent. If it is not set we assume this is not IE ;)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-08 13:32:03 +02:00
Morris Jobke
7eb74186ef
Merge pull request #8380 from nextcloud/bugfix/noid/reenable-disabled-apps
...
Re-enable apps that got automatically disabled while updating
2018-07-25 11:37:10 +02:00
John Molakvoæ (skjnldsv)
da0bdd1391
Design structure fixes
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-21 16:09:13 +02:00
Morris Jobke
e0d9c43c95
Merge pull request #8188 from arnowelzel/master
...
Avoid error messages for restricted opcache API
2018-07-20 11:48:44 +02:00
John Molakvoæ (skjnldsv)
a24cad1a1c
Fix accessibility invert
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-19 08:16:58 +02:00
Morris Jobke
478b95cc20
Try to not run into the white page of death and still log something in the web server error log
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-06-29 11:22:05 +02:00
Morris Jobke
b0a296e2e1
Do not use HTTP code OC_Response constants anymore
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-06-26 16:14:15 +02:00
Morris Jobke
79d9841bce
Replace hardcoded status headers with calls to http_response_code()
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-06-26 16:14:15 +02:00
Morris Jobke
1399f6bece
Server exception error pages by default with a 500 status code
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-06-26 11:44:24 +02:00
Morris Jobke
8c155cd51c
Server error/hint pages with a 500 error code to avoid it being seen instead of the actual resource
...
* found while reviewing #7205
* allow to specify a special status code
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-06-26 11:44:24 +02:00
Eric Masseran
a34f70ce0a
Change status code when config is write protected
...
Add hint msg, you can make config file read only
If the config.php is not writable, print an error message: #6893
- set config writable
- or set option to keep it read only
Signed-off-by: Eric Masseran <rico.masseran@gmail.com>
2018-06-26 09:36:17 +02:00
Joas Schilling
4b49f810b7
Re-enable apps that got automatically disabled while updating
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-06-26 09:15:52 +02:00
Roeland Jago Douma
8ebc3d90a0
Merge pull request #9518 from nextcloud/feature/5986/public_share_controller_middleware
...
Public share middleware & controller
2018-06-21 10:09:20 +02:00
John Molakvoæ (skjnldsv)
71ce8f3107
Split css variables and fix url variables
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-06-20 19:17:06 +02:00
Roeland Jago Douma
366981fba6
Move public preview endpoint over
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
John Molakvoæ (skjnldsv)
21441fad9b
Added new search standard
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-06-19 23:53:20 +02:00
John Molakvoæ (skjnldsv)
e5f08620d4
Better design for core search, fixes and style to scss
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-06-19 23:53:19 +02:00
Julius Härtl
b4a7be20c8
Properly clear cache
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-06-06 11:40:09 +02:00
Julius Härtl
1a034ce699
Implement update functionality
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-06-06 11:40:09 +02:00
Roeland Jago Douma
f7b518fdbf
Get correct version of an app
...
Related to #8929
We should get the version of the app. Not of the appfolder. Else there
is no way to properly compare the versions.
Now note that installing in 1 go will still fail. But at least on the
next page load the new version will be properly detected.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-03 08:22:03 +02:00
Roeland Jago Douma
db96b0bb0b
Make it possible to make external storages read only
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-01 15:18:56 +02:00
Arthur Schiwon
38a90130ce
move log constants to ILogger
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-26 10:45:52 +02:00
Robin Appelman
46d0d0cda1
fix appinfo parsing when a single localized option is provided
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-04-17 11:14:03 +02:00
Daniel Calviño Sánchez
90fdf83ca7
Use zip32 only if there are less than 65536 files
...
A zip32 file can contain, at most, 65535 files (and folders), so take
that constraint into account.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-04-06 15:59:30 +02:00
Roeland Jago Douma
4a73f645e5
Use zip32 if possible
...
* OSX doesn't handle 64zip that well
* Some other implentations don't handle it perfectly either
* If the file is belog 4GiB (some overhead) => zip32
* This covers the 99% case I bet
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-06 15:59:30 +02:00
Roeland Jago Douma
b2e34167eb
Merge pull request #8976 from nextcloud/dep_user_code
...
Remove deprecated functions from OCP\User
2018-03-28 08:23:57 +02:00
Roeland Jago Douma
1e13b3a8fa
Merge pull request #8994 from nextcloud/deprecate-theme-sync-clients
...
Deprecate theme sync clients
2018-03-28 08:23:16 +02:00
Julius Härtl
cf4d27b115
Use customclient_* values by default and do not use them in custom themes anymore
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-03-26 19:26:36 +02:00
Roeland Jago Douma
91cc44a4e6
Remove deprecated OC_Group_Backend
...
* Private class
* Has been deprecated since NC10
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-26 14:19:04 +02:00
Roeland Jago Douma
7ebd96416c
Remove deprecated OCP\User::getDisplayname
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-25 20:42:03 +02:00
Roeland Jago Douma
6c8caa1641
Remove deprecated \OCP\User::getUsers
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-25 20:33:24 +02:00
Morris Jobke
f843b7edfe
Merge pull request #8506 from nextcloud/use-appmanager
...
Use isInstalled of AppManger instead of reimplement it
2018-03-22 09:55:19 +01:00
Morris Jobke
78211a58e6
Remove unused methods of OC_Json
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-03-21 14:36:34 +01:00
Morris Jobke
514de5dfa1
Use isInstalled of AppManger instead of reimplement it
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-03-21 11:34:18 +01:00
Roeland Jago Douma
68871caf3c
Remove unused private function
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-19 11:32:10 +01:00