Commit Graph

33749 Commits

Author SHA1 Message Date
Lukas Reschke c385423d10 Merge pull request #479 from nextcloud/add-bruteforce-throttler
Implement brute force protection
2016-07-21 00:31:02 +02:00
Lukas Reschke c1589f163c
Mitigate race condition 2016-07-20 23:09:27 +02:00
Lukas Reschke adf67fac96
JSON encode the values 2016-07-20 22:47:33 +02:00
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Roeland Jago Douma e42f2f2650
AppFramework do not get default response
The OCSResponse differs from other responses in that it defaults to
XML. However we fell back to json by default.

This makes sure that if nothing is set we don't pass anything.
Which defaults then to the controllers default (which is often 'json')
but in the case of the OCSResponse 'xml'.
2016-07-20 22:05:43 +02:00
Lukas Reschke 020a2a6958 Merge pull request #476 from nextcloud/port-same-site-cookies
[master] Port Same-Site Cookies to master
2016-07-20 21:35:02 +02:00
Lukas Reschke a17ba2f488 Merge pull request #466 from nextcloud/escape-special-characters
Escape special characters (#25429)
2016-07-20 21:24:19 +02:00
Roeland Douma 78cad699fe Merge pull request #475 from nextcloud/ocs-middleware
Add OCS Middleware
2016-07-20 21:04:25 +02:00
Morris Jobke 9a7b27b238 Merge pull request #461 from nextcloud/session-styling
Minor sessions/app password improvements
2016-07-20 20:57:06 +02:00
Morris Jobke e08278494d Merge pull request #471 from nextcloud/storage-fopenspecialchars
Added storage tests for fopen with special chars
2016-07-20 20:56:59 +02:00
Roeland Douma 1088916eda Merge pull request #390 from nextcloud/occ-user
More occ user management commands
2016-07-20 20:36:33 +02:00
Roeland Douma 9f219f55f2 Merge pull request #467 from nextcloud/use-clipboard-api
Use clipboard api
2016-07-20 20:11:08 +02:00
Roeland Douma 26cf51403e Merge pull request #464 from nextcloud/master-change-load-order
[master] Change load order of auth backends so that we can throw an exception …
2016-07-20 20:08:22 +02:00
Roeland Douma ffc345b141 Merge pull request #468 from nextcloud/stringid-fix
Cast share id to string (#25402)
2016-07-20 20:06:46 +02:00
Roeland Jago Douma cff5be3d63
Deprecate \OCP\API 2016-07-20 20:03:53 +02:00
Roeland Jago Douma 5f32b57332
Add unit tests 2016-07-20 20:03:49 +02:00
Roeland Jago Douma ea47974a08
Add OCSMiddleware to catch OCS exceptions
* OCSException
* OCSBadRequestException
* OCSForbiddenException
* OCSNotFoundException
2016-07-20 20:03:49 +02:00
Lukas Reschke a299fa38a9
[master] Port Same-Site Cookies to master
Fixes https://github.com/nextcloud/server/issues/50
2016-07-20 18:37:57 +02:00
Morris Jobke 032e6b1701 Merge pull request #473 from nextcloud/ux-improvement-share-dialog
only show additional edit permissions for folders
2016-07-20 18:34:55 +02:00
Bjoern Schiessle 1ab1e000e8
move closing div to the right place 2016-07-20 18:34:32 +02:00
Morris Jobke e9c85e02ac Merge pull request #462 from nextcloud/master-explode
[master] Use explode() instead of split()
2016-07-20 18:31:11 +02:00
Morris Jobke e2abe70514 Merge pull request #470 from nextcloud/sftp-renameoverwritedir
Fix overwriting folders on rename with SFTP
2016-07-20 18:31:06 +02:00
Björn Schießle 7cdf6402ff Merge pull request #472 from nextcloud/show-app-name-in-errormsg
Show app name in error message if app could not be loaded. (#25441)
2016-07-20 18:20:49 +02:00
Morris Jobke 1264e9644f Merge pull request #402 from nextcloud/smb-notifications
smb update notifications
2016-07-20 16:19:21 +02:00
Robin Appelman 2ba5785d68 sort tokens 2016-07-20 15:59:00 +02:00
Bjoern Schiessle 77d2338bd2
only show additional edit permissions for folders 2016-07-20 15:24:51 +02:00
Klaas Freitag 99316ec02c
Show app name in error message if app could not be loaded. (#25441) 2016-07-20 15:16:16 +02:00
Vincent Petry 631af42b3a
Added storage tests for fopen with special chars
This makes it possible to test special chars with unit tests.
There is already a test for directories but there was none for file
names.
2016-07-20 15:13:24 +02:00
Vincent Petry d372836efc
Fix overwriting folders on rename with SFTP
This aligns the behavior with other storages and also fixes the failing
unit test testRenameOverWriteDirectory
2016-07-20 15:12:27 +02:00
Vincent Petry e5c4f53eea
Cast share id to string (#25402) 2016-07-20 15:10:10 +02:00
Thomas Müller 4d67429cf0
Use an icon to set the email instead of a button with string 2016-07-20 15:07:46 +02:00
Thomas Müller daaa3ded8d
Add clipboard button to public share link 2016-07-20 15:07:41 +02:00
Aaron Wood 7c0de08cc4
Escape special characters (#25429)
* Escape LIKE parameter

* Escape LIKE parameter

* Escape LIKE parameter

* Escape LIKE parameter

* Escape LIKE parameter

* Use correct method in the AbstractMapping class

* Change the getNamesBySearch method so that input can be properly escaped while still supporting matches

* Don't escape hardcoded wildcard
2016-07-20 14:46:47 +02:00
Juan Pablo Villafañez c376eb9f90
Fix file permissions for SMB (read-only folders will be writeable) (#25301)
* Fix file permissions for SMB (read-only folders will be writeable)

* Read-only folders won't be deletable

* Added comment for the read-only behaviour for folders
2016-07-20 14:45:42 +02:00
Thomas Müller e795f7b106
Change load order of auth backends so that we can throw an exception in OCA\DAV\Connector\Sabre\Auth - fixes #25362 (#25476) 2016-07-20 14:40:52 +02:00
Lukas Reschke 4f90447150
[master] Use explode() instead of split()
Sync from https://github.com/owncloud/core/pull/25488
2016-07-20 14:36:39 +02:00
Lukas Reschke b37e1ed17f Merge pull request #460 from nextcloud/issue-459-html-decoded-error-message-when-uploading-folder
Fix the HTML encoding when uploading a folder in FF when using french…
2016-07-20 14:31:41 +02:00
Robin Appelman 703794339c right allign last activity 2016-07-20 14:26:03 +02:00
Robin Appelman 341948155d fix apppassword table with only a few entries being streched 2016-07-20 14:25:23 +02:00
Robin Appelman 66db0f3155 Change "recent activity" to "last activity" 2016-07-20 14:25:03 +02:00
Robin Appelman eb3410322e improve matching safari user agent 2016-07-20 14:13:23 +02:00
Joas Schilling 45c99c226b
Fix the HTML encoding when uploading a folder in FF when using french l10n 2016-07-20 13:03:27 +02:00
Joas Schilling f414c664f2 Merge pull request #458 from nextcloud/remove-ee-apps-from-shipped.json
Remove pre-fork EE apps from shipped.json
2016-07-20 12:18:40 +02:00
Joas Schilling 5632cb9a3b
Remove pre-fork EE apps from shipped.json 2016-07-20 11:19:55 +02:00
Nextcloud bot 78e0bdc003
[tx-robot] updated from transifex 2016-07-20 00:09:13 +00:00
Roeland Douma 76fd95bddb Merge pull request #448 from nextcloud/master-guzzle
[master] Update third-party reference
2016-07-19 21:45:52 +02:00
Morris Jobke 21b05b646f Merge pull request #452 from nextcloud/session-passwords-design
Adjust wording and layout of Sessions and App passwords personal settings
2016-07-19 20:57:54 +02:00
Lukas Reschke 189eb3e7ff
[master] Update third-party reference
For https://github.com/nextcloud/3rdparty/pull/7
2016-07-19 20:48:16 +02:00
Lukas Reschke 56496f98ab Merge pull request #451 from nextcloud/github-link
fix Github link in Personal and Admin settings Version note
2016-07-19 20:46:23 +02:00
Morris Jobke a3ea826b82 Merge pull request #446 from nextcloud/cron-radio-buttons-color
Use the themed radio buttons for cron selection
2016-07-19 17:54:16 +02:00