Lukas Reschke
7dda86f371
Return proper status code in case of a CORS exception
...
When returning a 500 statuscode external applications may interpret this as an error instead of handling this more gracefully. This will now make return a 401 thus.
Fixes https://github.com/owncloud/core/issues/17742
2015-07-20 12:54:22 +02:00
Bernhard Posselt
c8e3599cad
disallow cookie auth for cors requests
...
testing ...
fixes
fix test
add php doc
fix small mistake
add another phpdoc
remove not working cors annotations from files app
2015-05-22 14:06:26 +02:00
Jenkins for ownCloud
b585d87d9d
Update license headers
2015-03-26 11:44:36 +01:00
Morris Jobke
06aef4e8b1
Revert "Updating license headers"
...
This reverts commit 6a1a4880f0
.
2015-02-26 11:37:37 +01:00
Jenkins for ownCloud
6a1a4880f0
Updating license headers
2015-02-23 12:13:59 +01:00
Lukas Reschke
07f0d76fc6
Move CSRF check
...
Because we're closing the session now before controllers are executed there are cases where we cannot write the session.
2014-11-17 15:10:53 +01:00
Lukas Reschke
cd5925036a
Check if app is enabled for user
...
Fixes https://github.com/owncloud/core/issues/12188 for AppFramework apps
2014-11-15 11:13:55 +01:00
Morris Jobke
b6a4cc20f7
Redirect after session expiry to the previous loaded page
...
* fixes #6945
2014-07-01 16:54:52 +02:00
Bernhard Posselt
5e9ea2b365
fix 8757, get rid of service locator antipattern
2014-05-28 02:15:16 +02:00
Bernhard Posselt
63f2f16b85
use new controllermethodreflector for corsmiddleware
2014-05-11 17:55:59 +02:00
Bernhard Posselt
1d45239c65
adjust license headers to new mail address
2014-05-11 17:54:08 +02:00
Bernhard Posselt
c590244fa1
add private property for reflector in security middleware
2014-05-11 17:54:08 +02:00
Bernhard Posselt
80648da431
implement most of the basic stuff that was suggested in #8290
2014-05-11 17:54:08 +02:00
Bernhard Posselt
e05192a23d
Fix method signature
2014-05-11 14:03:58 +02:00
Bernhard Posselt
9a4d204b55
add cors middleware
...
remove methodannotationreader namespace
fix namespace for server container
fix tests
fail if with cors credentials header is set to true, implement a reusable preflighted cors method in the controller baseclass, make corsmiddleware private and register it for every request
remove uneeded local in cors middleware registratio
dont uppercase cors to easily use it from routes
fix indention
comment fixes
explicitely set allow credentials header to false
dont depend on better controllers PR, fix that stuff later
split cors methods to be in a seperate controller for exposing apis
remove protected definitions from apicontroller since controller has it
2014-05-09 23:34:41 +02:00
Bernhard Posselt
7e447f4f42
make download and redirectresponse public
2014-04-20 16:12:46 +02:00
Scrutinizer Auto-Fixer
adaee6a5a1
Scrutinizer Auto-Fixes
...
This patch was automatically generated as part of the following inspection:
https://scrutinizer-ci.com/g/owncloud/core/inspections/cdfecc4e-a37e-4233-8025-f0d7252a8720
Enabled analysis tools:
- PHP Analyzer
- JSHint
- PHP Copy/Paste Detector
- PHP PDepend
2014-02-19 09:31:54 +01:00
Jörn Friedrich Dreyer
2a6a9a8cef
polish documentation based on scrutinizer patches
2014-02-06 17:02:21 +01:00
Thomas Tanghus
ad017285e1
Fix namespace for OCP\Appframework\Http
...
To avoid having to use OCP\Appframework\Http\Http in the public - and stable
- API OCP\Appframework\Http is now both a class and a namespace.
2013-10-23 05:57:34 +02:00
Thomas Müller
54e77e0e66
fixing typo
2013-10-07 00:40:37 +02:00
Thomas Müller
e071bfc144
fixing SecurityMiddleware to use OC6 API
2013-10-07 00:33:54 +02:00
Thomas Tanghus
c85621a897
Make abstract Middleware class public
...
It doesn't make sense for subclasses to have to implement
all methods.
2013-10-05 16:59:06 +02:00
Thomas Müller
9c9dc276b7
move the private namespace OC into lib/private - OCP will stay in lib/public
...
Conflicts:
lib/private/vcategories.php
2013-09-30 16:36:59 +02:00