Christoph Wurst
dfb4d426c2
Add two factor auth to core
2016-05-23 11:21:10 +02:00
Thomas Müller
60bafcda73
Fix #24655
2016-05-17 20:43:02 +02:00
Christoph Wurst
d8cde414bd
token based auth
...
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Thomas Müller
7aca13f14c
Allow login by email address
2016-05-02 14:51:01 +02:00
Thomas Müller
739dfb5c66
Suggest cli based updater in case the instance is bigger - #23913
2016-04-18 17:09:21 +02:00
Lukas Reschke
fee95084ae
Rename `username` to `loginName`
...
UID and login name are two different things.
2016-04-15 19:02:19 +02:00
Lukas Reschke
331e4efacb
Move login form into controller
...
First step on getting the authorisation stuff cleaned up. This is only for the login form, all other stuff is still where it is.
2016-04-15 17:36:23 +02:00
Thomas Müller
fdee771aca
Add unit testing capabilities for templates ( #23708 )
...
Add unit testing capabilities for templates
2016-04-12 12:49:11 +02:00
Morris Jobke
22898fa107
Use proper shortcut methods in templates
2016-04-06 10:25:04 +02:00
Morris Jobke
1f7e02e4d4
Add detailed logs hidden and show them on request
2016-04-04 12:34:18 +02:00
Thomas Müller
1bf4c75e8b
Show individual sql schema migration steps during upgrade - on web as well as on the command line
2016-04-04 12:34:18 +02:00
Stefan Weil
62a5952a72
core: Fix typos (found by codespell)
...
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-04-04 10:57:17 +02:00
C. Montero Luque
0393e80c7c
Merge pull request #16857 from owncloud/printStylesheets
...
Support for print stylesheets
2016-03-31 22:13:44 +02:00
Lukas Reschke
6ad957906e
Consistently use rel=noreferrer
...
When linking to external entities we should consistently use rel=noreferrer
2016-03-20 15:27:20 +01:00
Daniel Aleksandersen
7a45f05ed5
Stupid clients only literally understand rel="icon"
...
rel="shortcut icon" hasn’t been relevant in years, isn’t in any
standards, and causes problems for simple pattern matching clients.
https://www.w3.org/TR/html/links.html#linkTypes
2016-03-08 21:09:34 +01:00
Vincent Chan
06b2f11e57
refactoring code
2016-02-10 15:28:14 +01:00
Vincent Chan
e7859f705c
Remember previous state of remember login checkbox
...
fixes #22205
2016-02-10 12:37:38 +01:00
Lukas Reschke
abc675d87e
Move update notification code into app
...
Moves the update notification code in a single app. This is required since we want to use SSO for the new updater and for this have some code running in ownCloud as well (and we don't want that in core neccessarily). This app can provide that in the future, right now it's only the update notification itself. Will continue working on the SSO right away but wanted to keep the PR small.
Furthermore also makes some more code unit-testable...
2016-02-09 18:05:51 +01:00
Vincent Petry
3b581b051f
Expose display name in JS side
...
Adds a new method `OC.getCurrentUser` to get both the user id and
display name Could be used for a future Js
2016-02-02 18:01:15 +01:00
Morris Jobke
75e6734ef4
Remove OC_Helper::imagePath and use the proper public interface
2016-01-24 18:04:20 +01:00
Morris Jobke
d6a63016ae
move lost controller to core/controller
...
* lostpassword.css is unneeded since #11696 is merged - 1b50d4f7ce
* js is already in core/js
* css is moved to core/css/lostpassword
* template is moved to core/templates/lostpassword
2016-01-20 10:42:19 +01:00
Hendrik Leppelsack
99b9ec41c1
support print stylesheets
2016-01-13 15:12:11 +01:00
Roeland Jago Douma
7e44ea5da0
Remove deprecated function OC_User::getManager
...
Private deprecated function => removed
Replaced all instances with suggested replacement
2015-12-17 16:18:34 +01:00
Roeland Jago Douma
19eeb23b91
OC_Helper::linkTo is deprecated
...
Replaced with suggested (and calling body of)
2015-12-17 10:53:21 +01:00
Lukas Reschke
4b293dffe5
Use \OCP\Util::sanitizeHTML instead of \OC_Util::sanitizeHTML
2015-12-08 08:56:47 +01:00
Joas Schilling
f8f3c9ecf9
Remove password reset when the user can not change the password
2015-12-07 15:14:19 +01:00
Lukas Reschke
f3e9106864
Don't trust update server
...
In case the update server may deliver malicious content this would allow an adversary to inject arbitrary HTML into the response. So very bad stuff.
While signing the response would be better and something we can also do in the future (considering the code signing work), this is already a good first start.
2015-11-28 12:21:53 +01:00
Jan-Christoph Borchardt
cd88854369
update page: fix heading whitespace and unbold less important sections
2015-11-25 13:16:00 +01:00
Jürgen Weigert
b167eb743f
Update untrustedDomain.php
2015-11-12 14:33:59 +01:00
Thomas Müller
2e8d8bf4ef
Merge pull request #20236 from maprambo/safari-pinned-tab-icon
...
added Safari tabbed pin icon
2015-11-09 11:12:38 +01:00
Thomas Müller
164f4d7d37
Merge pull request #18039 from owncloud/favicon-up-to-ie10
...
Add favicon for IE8-10
2015-11-06 14:51:24 +01:00
Jan-Christoph Borchardt
93f9577258
do not bold header of update screen
2015-11-05 16:36:37 +01:00
maprambo
edb1fee610
Added Safari tabbed pin icon
...
Added the necessary code and a black and inverted version of the favicon/ touch icon in svg format
2015-11-04 19:31:17 +01:00
Morris Jobke
069ed71dbe
Add favicon for IE 8+
2015-11-03 14:24:20 +01:00
Hendrik Leppelsack
cf0ebfc7aa
don't validate searchbox
2015-11-03 10:10:52 +01:00
Thomas Müller
053effaa51
Merge pull request #20220 from owncloud/keep-search-open
...
Keep searchbox open if it is in action
2015-11-02 13:58:10 +01:00
Hendrik Leppelsack
9669a2be78
keep searchbox open if it is in action
2015-11-02 12:14:54 +01:00
Joas Schilling
f04151f69b
Close the user menu when clicking it again
2015-11-02 10:09:13 +01:00
Thomas Müller
6911d8f0a4
Merge pull request #20175 from owncloud/login-arrow
...
remove unneeded icons from input fields to not distract from submit button, fix #18940
2015-10-30 15:56:13 +01:00
Jan-Christoph Borchardt
a05ea0fb1e
remove unneeded icons from input fields to not distract from submit button, fix #18940
2015-10-30 11:11:37 +01:00
Stephen Colebrook
6feb31bf96
Allow separate templates for internal and external share notifications
2015-10-29 10:24:24 +01:00
Jan-Christoph Borchardt
aed9b2a626
change wording from 'remember' to more understandable 'Stay logged in'
2015-10-23 10:44:41 +13:00
Vincent Petry
bf2a876094
Fix login arrow in login page
2015-09-29 17:13:10 +02:00
Hendrik Leppelsack
c23cac3322
fix login
2015-09-25 00:51:39 +02:00
Thomas Müller
ac8da41ccd
Merge pull request #18709 from owncloud/cleanup-login-semantics
...
Pushes input inside the bottom group - login.
2015-09-21 16:08:48 +02:00
Thomas Müller
7ff12d74d9
Merge pull request #17998 from owncloud/highres_avatar
...
Highres avatar in top bar
2015-09-16 22:03:11 +02:00
Hendrik Leppelsack
88bc478055
use label:before instead of label
2015-09-16 09:06:05 +02:00
Raghu Nayyar
7ccd02ec95
Fixes white and black checkboxes in core, files will be next.
2015-09-16 09:06:05 +02:00
Roeland Jago Douma
c39db52cfa
Use srcset to select best avatar size
...
* Allow the browser to select the best available avatar for the screen
2015-09-14 12:58:45 +02:00
Raghu Nayyar
1d9128c557
Squashing all commits in one, remove typos.
2015-09-12 15:24:56 +05:30
Lukas Reschke
436c149fbb
Prevent referer from being sent
...
Nice hardening for enhanced privacy. Especially useful when using embedded viewers such as files_pdfviewer.
2015-09-09 18:07:43 +02:00
Jan-Christoph Borchardt
acc9fa49fc
use SVG for toggle image instead of PNG, fix installation and personal settings toggle
2015-09-03 11:49:28 +02:00
Christoph Wurst
ba9457264f
add title attribute for the login button
2015-09-02 12:32:16 +02:00
Jan-Christoph Borchardt
cea3247d49
show feedback spinner for log in process
2015-08-27 21:08:46 +02:00
Jan-Christoph Borchardt
2a935f1b47
move log in button into fields and use icon instead of text
2015-08-27 20:52:47 +02:00
Morris Jobke
40b1054530
Merge pull request #18254 from owncloud/mitigate-breach
...
Add mitigation against BREACH
2015-08-24 09:14:27 +02:00
Jan-Christoph Borchardt
f21cf516da
fix wording of update header
2015-08-20 12:59:13 +02:00
Morris Jobke
06d8edd963
Merge pull request #17434 from owncloud/update-showappnameonappupdate
...
Display app names in update page for app updates
2015-08-20 11:50:01 +02:00
Vincent Petry
a2674b2b30
Additions to update page
...
Apps to update and to disable will always be shown.
Main title changes only when apps need updated, not core.
Added bullet style.
Exclude incompatible apps from updated apps list.
2015-08-20 11:14:30 +02:00
Vincent Petry
b919ae96f0
Display app names in update page for app updates
...
Whenever the update page is displayed for apps, show app names instead
of the core update text.
2015-08-19 18:03:35 +02:00
Lukas Reschke
df2ce8a075
Remove search box $_POST since it is unused
2015-08-14 01:31:32 +02:00
Jan-Christoph Borchardt
e16cf0c45f
more understandable 'Wrong password' feedback
2015-08-12 18:43:09 +02:00
Thomas Müller
aff11d7a79
Merge pull request #17966 from owncloud/remove-mssql
...
Remove remainings of mssql
2015-07-29 22:59:31 +02:00
Thomas Müller
5ed38a75d6
Remove remainings of mssql
2015-07-29 18:19:31 +02:00
Jan-Christoph Borchardt
0b27bcba76
add theme-color for better Android browser integration
2015-07-29 18:16:01 +02:00
Brewal
eac117fc8f
Changed a p element by a div
...
A p element cannot contain a div element (here `<div style="clear: both;"></div>`). It should be change by a div element to fits standards.
2015-06-08 15:22:52 +02:00
Jan-Christoph Borchardt
78a0464354
replace logo-wide on share page as well with better icon + text
2015-05-22 00:04:47 +02:00
Morris Jobke
176b9674d2
Add hint about additional PHP database modules
...
* fixes #16391
2015-05-18 22:59:35 +02:00
Morris Jobke
cd516eedcd
Use OC.Notification for update notifications
...
* instead of a static rendering inside PHP use the
JS OC.Notification.showTemporary to hide the
notification after 7 seconds automatically
* fixes #14811
2015-05-03 17:26:03 +02:00
Jörn Friedrich Dreyer
8964c5068c
do not disclose information, show generic error on login page
...
Conflicts:
core/templates/login.php
lib/base.php
2015-04-10 09:12:37 +02:00
Jan-Christoph Borchardt
dd7e519cda
add link to installation documentation to setup page
2015-04-09 11:39:46 +02:00
Lukas Reschke
0816cf9142
Add experimental applications switch
...
Allows administrators to disable or enabled experimental applications as well as show the trust level.
2015-04-03 13:21:24 +02:00
Volker E
f4502b4670
fixing #15344 - `title` has no added value here (not on screen readers not for robots)
2015-04-01 21:10:48 +02:00
Morris Jobke
1a06f8df57
add title to entries in app menu
2015-04-01 09:10:19 +02:00
Jan-Christoph Borchardt
cd88ddddaf
fix accessibility of ownCloud logo and navigation entries, fix #15013g
2015-03-26 10:31:00 +01:00
Morris Jobke
e07a2fd8a2
Merge pull request #15012 from Volker-E/master
...
fixing #15011 by adding ARIA roles where distinct
2015-03-24 12:07:26 +01:00
Volker E
599ee5ce4e
fixing #15023 , getting comments out of HTML output
2015-03-21 07:10:46 +01:00
Robin Appelman
2df20aaffb
show exception type in debug mode
2015-03-20 03:51:21 +01:00
Volker E
0e4d52f9d2
fixing #15027 , cleaning up obsolete IE5-7 workaround code
2015-03-19 09:10:58 +01:00
Volker E
0d0c73cf2b
fixing #15011 by adding ARIA roles where distinct
2015-03-18 19:29:15 +01:00
Volker E
790324b313
addressing #14984 removing redundant type attributes
2015-03-18 05:33:17 +01:00
Volker E
4c46d0c46c
addressing #14983 obsolete Google Chrome Frame
2015-03-18 02:11:47 +01:00
Volker E
6ad76b5cc2
addressing #14982 self-closing tags ending slash doesn't have a purpose & should be removed
2015-03-17 23:57:23 +01:00
Volker E
25b77159c4
adressing #14979 meta charset declaration should be first in head
2015-03-17 23:36:05 +01:00
Volker E
e8c99a60ec
addressing #14978 - remove html root classes targeting IE6/IE7
2015-03-17 23:16:42 +01:00
Volker E
f3cd552797
addressing #14978 - remove html root classes targeting IE6/IE7
2015-03-17 22:35:20 +01:00
Roeland Jago Douma
1a0f9c375b
Avatar controller moved to AppFrameWork
...
* Original avatarcontroller migrated to the appframework
* Added DataDisplayResponse that show data inline in the browser (used
to retrun the image)
* Removed some unneeded code
* Added unit tests for the avatarcontroller
2015-03-11 16:37:42 +01:00
Joas Schilling
0f09989824
Maintenance mode message might be misleading
2015-03-02 09:51:25 +01:00
Lukas Reschke
8818165e07
Fix avatars in master
2015-02-27 12:03:58 +01:00
Jan-Christoph Borchardt
83bc951630
Merge pull request #12213 from sebomoto/add-loadfeedback
...
Add loadfeedback
2015-02-18 19:42:18 +01:00
Lukas Reschke
20d57c8bfe
Remove Null Byte Check
...
This is not relevant anymore since we require PHP 5.4
2015-02-17 14:19:20 +01:00
Lukas Reschke
c6705ab574
Merge pull request #13890 from owncloud/add-no-referrer
...
Add `rel="noreferrer"` where possible and switch to HTTPS
2015-02-16 14:36:44 +01:00
Lode Hoste
27b35500a7
Disable application-specific favicons for non-user pages
2015-02-11 20:09:03 +01:00
Joas Schilling
4172ba48d4
Deduplicate template code and do not translate the links
2015-02-09 16:01:52 +01:00
Morris Jobke
b05e4e085c
Merge pull request #13435 from Zillode/app-favicon
...
Allow application-specific favicons
2015-02-07 13:29:18 +01:00
cmeh
6abb28e2a6
Update installation.php
...
In line 161, "SQLite" has now the same capitalisation as in line 159.
2015-02-06 11:19:56 +01:00
Thomas Müller
d748368ecb
Don't highly discourage
2015-02-05 17:21:10 +01:00
Sebastian Bolt
7ffd2557ff
changed image to classed div for spinner animation
2015-02-04 22:27:38 +01:00
Thomas Müller
f86c73c9f6
enhance sqlite warning on admin page as well as during setup - fixes #13906
2015-02-04 20:55:54 +01:00
Lukas Reschke
b432ea29c9
Add `rel="noreferrer"` where possible and switch to HTTPS
...
Just to follow good practise and prevent some automated scanners to complain about "Cross-domain Referer leakage".
2015-02-04 16:25:37 +01:00