Commit Graph

474 Commits

Author SHA1 Message Date
Robert Scheck 25a2cb8c6e Only request "IndexIgnore" if mod_autoindex is loaded
Signed-off-by: Robert Scheck <robert@fedoraproject.org>
2017-02-20 13:09:15 +01:00
Morris Jobke c5dffc465c Merge pull request #3472 from nextcloud/enable-avatars-always
Always enable avatars
2017-02-14 09:22:02 -06:00
Morris Jobke 200a28255e
Always enable avatars
* we introduced this setting in the begining because our
  avatar support caused some performance issues, but we
  fixed them and should only provide one way how Nextcloud
  looks

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-13 17:53:33 -06:00
Morris Jobke fa684c0ef0
Add comment about log.condition
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-13 15:32:57 -06:00
Robin Appelman 8c1ed7507a
Add option to enable locking debug logging
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-13 15:03:46 +01:00
Morris Jobke 2a6006b927
Fix config.sample.php
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-30 16:52:30 -06:00
Joas Schilling 05884bcd7c Merge pull request #3178 from nextcloud/default-value-logdateformat
fix default value for logdateformat
2017-01-27 12:08:57 +01:00
Morris Jobke a13ea677ed
add comment about ISO 8601 and PHP 🙈
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-23 13:39:08 -06:00
Morris Jobke 2316083256
fix default value for logdateformat - fixes #3107
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-19 20:08:15 -06:00
Morris Jobke 12e3b357d4
Fix default of mail_smtpmode - fixes #3102
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-19 19:59:53 -06:00
Morris Jobke 61d4198ae1 Merge pull request #3133 from nextcloud/j-ed-master
added parameter default values
2017-01-18 15:03:39 -06:00
Stefano Probst 9df58081d6 Fix style in comment
Add missing grave accent to fix the highlighting in the documentation.
2017-01-18 16:39:44 +01:00
j-ed cd84cba32b
added parameter default values
based on a source code analysis (looking for getSystemValue() function) I added the default values of the prameters

Update config.sample.php

replaced three backticks by two.

applied various fixes

- removed default value for 'objectstore' because it has not default value.
- removed default value for 'tempdirectory' because it is unset.
- changed default value for 'theme' to "Defaults to the theming app which is shipped since Nextcloud 9"
- fixed typo in default value of 'minimum.supported.desktop.version', after double-checking the version
  number in /apps/dav/lib/Connector/Sabre/BlockLegacyClientPlugin.php:71.

Signed-off-by: Juergen Edner <juergen@eisfair.org>
2017-01-17 18:29:38 -06:00
Joas Schilling bf043deba3
Kill APC because it requires PHP 5.4
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-05 10:58:34 +01:00
Felix A. Epp 98bdef8d83 Cahnge URL for desktop clients directly to pop-up
by adding `/#install-clients` to the URL

Signed-off-by: Felix A. Epp <work@felixepp.de>
2016-12-08 12:40:52 +01:00
Morris Jobke 7aa510b2f0
Document updater channel & check for correct PHP version in updater
* see https://github.com/nextcloud/updater/issues/53

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-12-06 00:19:13 +01:00
Felix Epp 1614b310ef Add system config htaccess.IgnoreFrontController for prettyURLs w/o mod_env
Added the system config which sets all conditions to true that query the
FrontControllerActive mod_env variable.

Signed-off-by: Felix A. Epp <work@felixepp.de>
2016-11-16 22:28:49 +01:00
Jörn Friedrich Dreyer 4a9361905d
make object prefix configurable 2016-11-14 15:10:56 +01:00
Lukas Reschke 32cf661215
Use new appstore API
This change introduces the new appstore API in Nextcloud.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:44 +01:00
Thomas Müller 1f90949e66
Set 2.0.0 as minimum requirement for the desktop client in config.sample.php 2016-10-25 18:03:19 +02:00
Morris Jobke cc28f82b36
Add config option to update charset of mysql to utf8mb4
* fully optional
* requires additional options set in the database
2016-10-19 00:15:01 +02:00
Joas Schilling 615b69677e
Use the same URL everywhere
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-27 14:52:22 +02:00
Joas Schilling 0cec06d0c8
Change updater URL 2016-09-08 12:30:17 +02:00
Joas Schilling 4ad0c383ad Merge pull request #523 from Faldon/master
Renamed file logging
2016-07-25 11:41:24 +02:00
Thomas Pulzer ba3f4f118e Changed logtype to file instead of owncloud.
- Updated the config sample to point to log_type='file'
- Renamed the Class for logfile logging to File in namespace 'OC\Log\'.
  Changed the occurrences of 'OC\Log\Owncloud' to 'OC\Log\File'.
- Renamed the Class for log:file command to File in namespace 'OC\Core\Command\Log\File'.
  Changed registration of the command to use 'OC\Core\Command\Log\File'.
- Changed default Syslog tag to Nextcloud
- Retained backwards compatibility for configs with 'logtype' => 'owncloud'

- Adjusted tests for the new file log.

Closes #490.
2016-07-22 11:44:19 +02:00
Joas Schilling 04b5cb849e
Fix typo 2016-07-22 09:55:38 +02:00
Joas Schilling 9c6c902220
Make the changes from 6ccd2c5678 persistant 2016-07-21 12:26:48 +02:00
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Roeland Jago Douma 72464f1ce4
Remove asset pipelin
Fixes #215

The asset pipeline has shown to do more harm than good. Some apps fail
hard with it. Also it makes sure that you download a huge file on each
unvisited page.
2016-07-15 20:14:11 +02:00
Joas Schilling bb287c0036
Fix warnings from building docs 2016-07-13 14:30:50 +02:00
Lukas Reschke c8ba8f637e Merge pull request #314 from jernst/master
Allow wildcard * to be used in trusted domains
2016-07-07 19:34:11 +02:00
Johannes Ernst c2309f1bcd Extended documentation on trusted_domains to cover ports and wildcards. 2016-07-07 16:23:20 +00:00
Morris Jobke 68b03a0eab Fix config sample text 2016-07-06 08:59:38 +02:00
Thomas Pulzer 90b7f74da7 Changed name of default logfile from owncloud.log to nextcloud.log. 2016-07-04 11:50:32 +02:00
Patric Lenhart 46d6839914 replaced ownCloud by Nextcloud in config sample 2016-06-20 20:00:18 +02:00
= 60f4f99002 revise updater.server.url to reflect nextcloud.org URL, also it's comment 2016-06-16 09:16:20 -04:00
Joas Schilling 1d2cdfb9fd
Fix URL for client downloads 2016-06-01 16:58:57 +02:00
Vincent Petry b5f455f5ac Merge pull request #24812 from owncloud/fkammer-enhancement-cache-folder-gc-ttl
Make chunk cache ttl configurable
2016-05-25 11:07:31 +02:00
Christoph Wurst a922957f76
add default token auth config on install, upgrade and add it to sample config 2016-05-24 18:02:52 +02:00
Vincent Petry 51b0036d8f
Changed labels of chunk TTL to mention chunks 2016-05-24 15:18:56 +02:00
Frederik Kammer 299520b322
Add config value for cache gc ttl 2016-05-24 14:55:26 +02:00
Carla Schroder 1f12551329 clarify filesystem_check_changes in config.sample.php 2016-05-23 09:25:51 -07:00
Joas Schilling 92c21fd6f4
Do not lock the cron anymore so we can have multiple workers 2016-05-21 01:59:25 +02:00
Lukas Reschke 52add798d4 Do not automatically try to enable index.php-less URLs (#24539)
The current logic for mod_rewrite relies on the fact that people have properly configured ownCloud, basically it reads from the `overwrite.cli.ur
l` entry and then derives the `RewriteBase` from it.

This usually works. However, since the ownCloud packages seem to install themselves at `/owncloud` (because subfolders are cool or so…) _a lot_ of people have just created a new Virtual Host for it or have simply symlinked the path etc.

This means that `overwrite.cli.url` is wrong, which fails hard if it is used as RewriteBase since Apache does not know where it should serve files from. In the end the ownCloud instance will not be accessible anymore and users will be frustrated. Also some shared hosters like 1&1 (because using shared hosters is so awesome… ;-)) have somewhat dubious Apache configurations or use versions of mod_rewrite from the mediveal age. (because updating is money or so…)

Anyhow. This makes this explicitly an opt-in configuration flag. If `htaccess.RewriteBase` is set then it will configure index.php-less URLs, if
admins set that after installation and don't want to wait until the next ownCloud version they can run `occ maintenance:update:htaccess`.

For ownCloud 9.0 we also have to add a repair step to make sure that instances that already have a RewriteBase configured continue to use it by copying it into the config file. That way all existing URLs stay valid. That one is not in this PR since this is unneccessary in master.

Effectively this reduces another risk of breakage when updating from ownCloud 8 to ownCloud 9.

Fixes https://github.com/owncloud/core/issues/24525, https://github.com/owncloud/core/issues/24426 and probably some more.
2016-05-12 09:43:26 +02:00
Jörn Friedrich Dreyer e03f9e8103 allow configuration of memcached options (#23729)
* allow configuration of memcache options

Use production values for memcached as explained in http://apprize.info/php/scaling/15.html

The current implementiation uses ascii based serialization. This PR should reduce traffic to the memcached server.

cc @MorrisJobke @FelixBoehm

* add config sample

* merge config options, throw hint on config error

* fix typo

* fix config sample
2016-05-11 19:38:00 +02:00
Lukas Reschke 8b428d84c0
Make update server URL configurable
Currently testing the updates is a big problem and not really super easy possible. Since we now have a new updater server we should also make this configurable so that people can properly test updates.
2016-05-09 11:25:58 +02:00
Roeland Douma 0c5f915377 Merge pull request #24054 from owncloud/data_fingerprint
Add data-fingerprint property
2016-04-19 14:24:27 +02:00
Lukas Reschke 51975d360a Merge pull request #24037 from owncloud/file_versions_default
link to file_versioning.rst
2016-04-18 21:13:30 +02:00
Thomas Müller 739dfb5c66
Suggest cli based updater in case the instance is bigger - #23913 2016-04-18 17:09:21 +02:00
Roeland Jago Douma 1fa13f666b
Add config text 2016-04-18 16:08:27 +02:00
Carla Schroder 912693af49 link to file_versioning.rst
which describes files_versions and config.php settings
backports to 8.2
2016-04-15 12:04:45 -07:00
Joas Schilling 04232cdcdb
Fix deprecated usages
Warning: -convert-to is deprecated.  Use --convert-to instead.
Warning: -outdir is deprecated.  Use --outdir instead.
2016-04-15 10:50:18 +02:00
Thomas Müller dc061bae42
Kill movable 3rdparty 2016-04-14 17:59:49 +02:00
Thomas Müller 91e73328b8 Document an example wait timeout for MySQL in case the web hoster is killing the connection too early - fixes #15407
This reverts commit e9a9af3493.
2016-04-12 15:10:39 +02:00
Thomas Müller e9a9af3493 Revert "Document an example wait timeout for MySQL in case the web hoster is killing the connection too early - fixes #15407"
This reverts commit acad7b30be.
2016-04-12 15:09:50 +02:00
Thomas Müller acad7b30be Document an example wait timeout for MySQL in case the web hoster is killing the connection too early - fixes #15407 2016-04-12 15:08:12 +02:00
Robin Appelman cdedda99e4 Make lock ttl configurable 2016-04-07 08:24:13 +02:00
Phil Davis 8e70351bda Minor grammar in config.sample.php
Fix this here in the source so it will propogate into the documentation.
Edit was already applied in https://github.com/owncloud/documentation/pull/2208 but needs to be done here at the source.
2016-03-03 04:31:57 +05:45
RealRancor 4a0d91a043 Add Versions app header to config.sample.php 2016-03-02 12:51:04 +01:00
Robin Appelman 49d3a7d0bb add config sample 2016-03-01 15:29:19 +01:00
Morris Jobke 0a66734416 Revert "setting to skip migration tests by default" 2016-02-03 12:59:47 +01:00
Thomas Müller 85174d8526 Merge pull request #22084 from owncloud/configphp-fixes
small corrections; Web is capitalized, webroot is one lowercase word
2016-02-03 11:35:43 +01:00
Carla Schroder 7d49bb6323 small corrections; Web is capitalized, webroot is one lowercase word 2016-02-03 10:06:44 +01:00
Morris Jobke 2e444e6e37 setting to skip migration tests by default
* if you install owncloud via package it is not
  possible to skip migration tests
* this also allows to disable migration tests for
  an instance by default
2016-02-03 09:08:27 +01:00
Vincent Petry 899f9bd113 Allow custom implementation of system tag managers
Added config.php option to replace the default implementation of system
tag manager and system tag object mapper.

Also adjusted the comments manager factory to inject the server container
2016-01-20 16:36:10 +01:00
Roeland Jago Douma 67b7ebccd1 [Share 2.0] Add share provider factory
* Add providers
* Add share manager to server container
* Use share manager from server container
* Properly get the share manager
2016-01-13 16:35:14 +01:00
Thomas Müller eac5d9fb3a Merge pull request #21336 from owncloud/system-root-certs
Allow admins to add system wide root certificates
2016-01-12 15:01:46 +01:00
Robin Appelman 0d0377ebfb Add a config option to enable certificate management 2016-01-12 12:58:45 +01:00
Morris Jobke 8b6b042ffd Add config switch to disable the .well-known URL check 2016-01-12 09:53:23 +01:00
Thomas Müller 71999ef820 Merge pull request #21139 from owncloud/makeswifturltypeconfigurable
make url type configurable
2016-01-08 12:34:58 +01:00
Robin Appelman 32fe3a7d5e remove mention of 'filesystem_check_changes' => 2 from the config sample 2016-01-07 08:57:15 +01:00
JohannesKleine c95d1b2625 Update config.sample.php
I corrected the word order.
2015-12-31 14:48:19 +01:00
blizzz 99e25cded9 enforce_home_folder_naming_rule cannot be configured in config.php 2015-12-16 21:50:47 +01:00
Jörn Friedrich Dreyer eae8500a86 make url type configurable 2015-12-11 10:19:28 +01:00
Arthur Schiwon 2ce2de0ae5 add icommentsmanger and icomment implementation
register CommentsManager service, allow override, document in config.sample.php

don't insert autoincrement ids in tests, because of dislikes from oracle and pgsql

specify timezone in null date

only accepts strings for ID parameter that can be converted to int

replace forgotten hardcoded IDs in tests

react on deleted users

react on file deletion

Postgresql compatibility

lastInsertId needs *PREFIX* with the table name

do not listen for file deletion, because it is not reliable (trashbin, external storages)

add runtime cache for comments
2015-12-09 14:34:23 +01:00
Joas Schilling 87bc02c6cd Allow specifying a custom reset-password-url 2015-12-07 15:41:40 +01:00
Lukas Reschke 2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Lukas Reschke 78cad94ff4 Add support for Redis password auth
For enhanced security it is recommended to configure Redis to only accept connections with a password. (http://redis.io/topics/security)

This is especially critical since Redis supports the LUA scripting language and thus a simple SSRF vulnerability (as proven in http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/ for example) may lead to a remote code execution.
2015-10-30 20:19:23 +01:00
Morris Jobke 3b249f1967 Revert "setting to skip migration tests by default"
This reverts commit 7cbdd9b90b.
2015-10-27 21:25:11 +01:00
Steffen Lindner 7bbf586b9b Add syslog_tag docu to sample config 2015-10-23 13:43:41 +02:00
RealRancor b2ae4cab52 Restructure config.sample.php of master 2015-10-13 09:38:28 +02:00
Thomas Müller bb4246c9a8 Merge pull request #19207 from RealRancor/fix_mount.json_dir
Path to mount.json needs to be absolute in config.sample.php
2015-10-06 15:31:49 +02:00
Lukas Reschke 94f2121980 Add notice about X-Forwarded-For 2015-10-05 09:10:07 +02:00
Morris Jobke 7cbdd9b90b setting to skip migration tests by default
* if you install owncloud via package it is not
  possible to skip migration tests
* this also allows to disable migration tests for
  an instance by default
2015-10-01 14:23:25 +02:00
Carla Schroder 4e1923816c Markup fixes to trash bin section 2015-09-30 08:50:32 -07:00
RealRancor a4ceb5fafe Path to mount.json needs to be absolute in config.sample.php 2015-09-29 17:05:25 +02:00
Morris Jobke 60b87048c1 Add doc to config.sample for enforce LDAP home folder naming rule
* ref #16891
2015-09-25 14:32:05 +02:00
Carla Schroder 4410ca5035 add example for 3rdparty configuration 2015-09-23 10:38:46 +02:00
Lukas Reschke 63b2bc136a Move mimetype files into /resources/config/ 2015-09-22 16:43:28 +02:00
Lukas Reschke a8e8a9dfb9 Move certificate bundle into resources/config/ 2015-09-22 16:43:28 +02:00
Phil Davis a165710e99 Minor text typos
that I noticed while looking at some code.
2015-09-21 23:04:25 +05:45
Thomas Müller c9c4626750 Merge pull request #19059 from owncloud/logginglevels
correction to logging levels
2015-09-16 09:20:47 +02:00
Carla Schroder 11555a9c06 correction to logging levels 2015-09-15 09:17:59 -07:00
Victor Dubiniuk d57f3bf9cc Update options description 2015-09-15 17:08:54 +03:00
Victor Dubiniuk c3e055549e Improvements 2015-09-15 17:08:54 +03:00
Victor Dubiniuk 7ef937d8ad Add versions obligation 2015-09-15 17:08:54 +03:00
Frank Karlitschek 7562e4959b Merge pull request #18658 from owncloud/configurable-temp
Configurable temporary directory
2015-09-12 22:04:41 +02:00
Robin McCorkell c3a327dc38 Add config.sample.php parameter for tempdirectory 2015-09-06 18:11:34 +01:00
Robin Appelman 389c8077b0 update config sample 2015-09-02 17:31:02 +02:00
Morris Jobke e88b380973 Remove DEBUG constant and use config value
* introduces config.php option 'debug' that defaults to false
* migrate DEBUG constant to config value
2015-08-24 15:14:05 +02:00
Morris Jobke c7b0d50cb2 Merge pull request #18369 from owncloud/occ-log
occ commands to manage logging
2015-08-20 12:57:05 +02:00
Robin McCorkell 2663f12dc7 config.sample.php logging documentation clarification 2015-08-19 12:55:39 +01:00
Carla Schroder 05b738ac01 clean up typos in config.sample.php 2015-08-17 10:38:42 -07:00
Thomas Müller 326de6f9b4 Merge pull request #18065 from owncloud/new-trashbin-retention
New trashbin retention
2015-08-12 13:13:45 +02:00
Robin McCorkell 8944af57cb Set default `forwarded_for_headers` to 'HTTP_X_FORWARDED_FOR' 2015-08-10 23:04:52 +02:00
Victor Dubiniuk 4ef2615788 Enhance trashbin expiration settings 2015-08-10 20:40:43 +02:00
Vincent Petry 7c9405a921 Disable filesystem_check_changes by default
This will prevent detecting remote changes done in the data folder /
root storage by default. In the rare cases where the data folder is
shared with other apps/users outside ownCloud and change detection is
needed, the admin will have to set the option explicitly from now on.

Note that this doesn't affect external storages which have their own
setting in the mount options.
2015-07-29 12:01:12 +02:00
Morris Jobke 1006ec56ce Merge pull request #17481 from rullzer/mimetype-list
Move mimetypes.list.php to config/mimetypemapping.dist.json
2015-07-13 08:31:18 +02:00
Roeland Jago Douma 032ffc969e Move mimetypealiases.json to mimetypealiases.dist.json 2015-07-10 10:17:49 +02:00
Roeland Jago Douma eea56dc309 MimeTypes now also supports httpd/unix-directory
Since we both use dir and httpd/unix-directory in OC they should map to
the same icon.

Fixes #17527
2015-07-09 14:19:31 +02:00
Roeland Jago Douma 895d29adf1 Move mimetypemapping.json to mimetypemapping.dist.json
This allows users to create their own mapping file to extend our current
mappings. This makes sure that custom mappings are not lost on OC
upgrades.
2015-07-08 17:16:12 +02:00
Roeland Jago Douma 35fba1ef9f Move mimetypes.list.php to config/mimetypemapping.json
This allows users to add new mimetypemappings (extention -> mimetype)
themself. And not have to wait until a new release for updated
mimetypes.

Fixes: #15384
2015-07-08 13:18:58 +02:00
Morris Jobke d68b48d86f [config sample] improve RST markup and wording 2015-07-07 15:57:38 +02:00
Morris Jobke 6fac36b589 [config sample] Update info about appstore 2015-07-07 09:13:57 +02:00
Roeland Jago Douma c8145cdbd6 Javascript mimetype icon resolver
This makes it possible to retrieve the icon for mimetypes in javascript.
It makes no additional queries to the server to retrieve the mimetype.

* config/mimetypealiases.json added
* mimetype.js: this is where the logic resides to convert from mimetype
  to icon url
* mimetypelist.js: generated file with a list of mimetype mapping (aliases)
  and the list of icon files
* ./occ maintenance:mimetypesjs : new command for occ to gernerate
  mimetypes.js
* unit tests updated and still work
* javascript tests added
* theming support
* folder of the theme is now present in javascript (OC.theme.folder)
2015-07-06 16:32:10 +02:00
Morris Jobke 44c3fa9108 refine sample config text 2015-07-06 09:11:05 +02:00
Morris Jobke 8359ca43db [config sample] merge Miscellaneous & All other options 2015-07-06 09:07:35 +02:00
Vincent Petry eadf789519 Rename experimental to transactional file locking 2015-06-26 11:10:10 +02:00
Morris Jobke fc064212b9 [config.sample.php] set correct default value for skeletondirectory 2015-06-19 11:08:34 +02:00
Lukas Reschke 9e48f7f3ba Remove MSSQL completely from list 2015-06-17 19:22:14 +02:00
Carla Schroder ea9c21f94e remove mssql from supported dbs 2015-06-17 07:33:57 -07:00
Lukas Reschke b806502cdb Properly quote memcache.locking 2015-06-02 21:46:57 +02:00
Robin Appelman 6b965d71d1 add seperate config option for locking memcache backend 2015-06-01 13:22:56 +02:00
Vincent Petry 2f4f468399 Added config switch for file locking 2015-06-01 13:22:56 +02:00
Carla Schroder 155150cad3 fix formatting error 2015-05-28 11:55:19 -07:00
Thomas Müller a52afb040a Merge pull request #15965 from owncloud/conditional-logging
Conditional logging
2015-05-19 12:00:19 +02:00
Lukas Reschke 8082433474 Update CA bundle 2015-05-12 10:07:10 +02:00
Morris Jobke e79c255cab Conditional logging
* Log condition for log level increase based on conditions. Once one of these
   conditions is met, the required log level is set to debug. This allows to
   debug specific requests, users or apps

 * Supported conditions (setting `log_condition` in `config.php`):
    - `shared_secret`: if a request parameter with the name `log_secret` is set to
                this value the condition is met
    - `users`:  if the current request is done by one of the specified users,
                this condition is met
    - `apps`:   if the log message is invoked by one of the specified apps,
                this condition is met
 * fix unit test and add app log condition test
2015-05-08 15:58:33 +02:00
Lukas Reschke 21ad4400af Reword configuration text 2015-04-20 21:08:45 +02:00
Lukas Reschke 6b31d325d6 Wording 2015-04-20 11:13:05 +02:00
Lukas Reschke 4ea205e262 Block old legacy clients
This Pull Request introduces a SabreDAV plugin that will block all older clients than 1.6.1 to connect and sync with the ownCloud instance.

This has multiple reasons:

1. Old ownCloud client versions before 1.6.0 are not properly working with sticky cookies for load balancers and thus generating sessions en masse
2. Old ownCloud client versions tend to be horrible buggy

In some cases we had in 80minutes about 10'000 sessions created by a single user. While this change set does not really "fix" the problem as 3rdparty legacy clients are affected as well, it is a good work-around and hopefully should force users to update their client
2015-04-20 11:12:17 +02:00
Michael Telatynski 8ebf9de3f8 Memcache\Redis Add DB Select Functionality 2015-04-15 21:24:38 +01:00
Lukas Reschke ba52f6f8fc Merge pull request #15314 from owncloud/app-categories-15274
Add different trust levels to AppStore interface
2015-04-09 10:07:32 +02:00
Lukas Reschke 0cd29e00d1 Fix wording 2015-04-08 21:24:03 +02:00
Olivier Paroz 74bf9806b0 Introducing the maximum size preview
The first time we're asked to generate a preview we'll generate one of the maximum dimension indicated in the configuration and all future resizing requests will be done on that preview in order to not waste time converting the same file over and over.

One of the fixes required for #12465
2015-04-07 16:45:59 +02:00
Lukas Reschke 0816cf9142 Add experimental applications switch
Allows administrators to disable or enabled experimental applications as well as show the trust level.
2015-04-03 13:21:24 +02:00
Olivier Paroz 8ec6dfdbf8 Split image provider in one sub-class per media type 2015-04-02 10:31:24 +02:00
Lukas Reschke 5f044ebf1b Add wrapper for Guzzle 2015-03-25 16:04:41 +01:00
Morris Jobke bd57fcb539 fix typo in config.sample.php 2015-03-18 17:08:54 +01:00
Morris Jobke 04eef93b25 Merge pull request #13648 from oparoz/sfnt-fonts-preview
Add support for font previews
2015-03-11 15:56:32 +01:00
Robin McCorkell 0e4933e6d2 Refactor \OC\Memcache\Factory
Caches divided up into two groups: distributed and local. 'Low latency' is an
alias for local caches, while the standard `create()` call tries to get
distributed caches first, then local caches.

Memcache backend is set in `config.php`, with the keys `memcache.local` and
`memcache.distributed`. If not set, `memcache.distributed` defaults to the value
of `memcache.local`.
2015-03-05 11:36:34 +00:00
Morris Jobke f1d74e8803 Merge pull request #14651 from owncloud/add-some-headers-to-htaccess-for-my-best-friend-jenkins
Let users configure security headers in their Webserver
2015-03-04 09:36:01 +01:00
Thomas Müller 0af2ea8b28 Merge pull request #14586 from owncloud/proper-appcodechecker-docu
proper description of appcodechecker in config sample
2015-03-03 12:59:51 +01:00
Lukas Reschke bbd5f28415 Let users configure security headers in their Webserver
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Morris Jobke 8cf61c09c8 fix link for Preview documentation 2015-03-02 10:45:22 +01:00
Morris Jobke 297285249a fix line breaks in config.sample.php 2015-03-02 10:44:18 +01:00
Morris Jobke 7452d0434a proper description of appcodechecker in config sample 2015-02-27 20:02:07 +01:00
Olivier Paroz f49805eea5 Add support for font previews 2015-02-24 22:00:54 +01:00
Bernhard Posselt 5b506ab518 use flock instead of just checking if there is a file to prevent deadlocks when the process crashed or the unlink wasnt done
move cron.lock into top directory to prevent external storage issues

use tmp directory lock file

use new config interface

incorporate #13770

add dots
2015-02-24 15:41:20 +01:00
Lukas Reschke b20174bdad Allow AppFramework applications to specify a custom CSP header
This change allows AppFramework applications to specify a custom CSP header for example when the default policy is too strict. Furthermore this allows us to partially migrate away from CSS and allowed eval() in our JavaScript components.

Legacy ownCloud components will still use the previous policy. Application developers can use this as following in their controllers:
```php
$response = new TemplateResponse('activity', 'list', []);
$cspHelper = new ContentSecurityPolicyHelper();
$cspHelper->addAllowedScriptDomain('www.owncloud.org');
$response->addHeader('Content-Security-Policy', $cspHelper->getPolicy());
return $response;
```

Fixes https://github.com/owncloud/core/issues/11857 which is a pre-requisite for https://github.com/owncloud/core/issues/13458 and https://github.com/owncloud/core/issues/11925
2015-02-16 11:00:41 +01:00