Commit Graph

2632 Commits

Author SHA1 Message Date
Lukas Reschke 8ca78fcf3f Move requesttoken to oc-requesttoken.js 2013-01-21 20:24:18 +01:00
Lukas Reschke af8c193605 Disallow inline JS 2013-01-20 23:30:16 +01:00
Lukas Reschke 967b7947a1 Add the default-src 2013-01-20 12:19:09 +01:00
Lukas Reschke c82d6e5153 Add CSP header 2013-01-20 12:06:33 +01:00
Lukas Reschke 42b924da0e Also replace the backslash with a minus
For Windows systems
2013-01-19 19:47:26 +01:00
Bernhard Posselt f1939866f3 Merge pull request #1214 from Raydiation/master
Load Classpaths of apps before appinfo/routes.php
2013-01-19 09:44:48 -08:00
Jenkins for ownCloud a17ca3a69a [tx-robot] updated from transifex 2013-01-19 00:05:38 +01:00
Thomas Müller 31cc9aa80d Merge pull request #986 from owncloud/fixing-784-master
the maximum upload size is now part of the response of the upload and de...
2013-01-18 14:06:00 -08:00
Thomas Mueller 5ff29b4348 fixing indent 2013-01-18 20:09:03 +01:00
davidgumberg 487e401361 Typo fix (comment) /lib/base.php 2013-01-18 10:52:29 -08:00
Bart Visscher 9ffd4197ae Fix wrong word in comment 2013-01-18 16:38:40 +01:00
Björn Schießle d2c5f9bec7 fix error message, add "appid" to the output to know which app caused the error if OC_App::getStorage() fails.
Port of approved patch for stable45: https://github.com/owncloud/core/pull/1222
2013-01-18 15:14:42 +01:00
Thomas Müller 0ed635240a Merge pull request #1205 from owncloud/ocs_api
Return 401 headers when trying to access a restricted api call
2013-01-18 05:52:51 -08:00
Thomas Müller 5df57e4ada Merge pull request #1181 from owncloud/return-503-in-maintenance
in case of maintenance the error page returns http status 503.
2013-01-18 04:02:03 -08:00
Jenkins for ownCloud 824fcf6624 [tx-robot] updated from transifex 2013-01-18 00:04:36 +01:00
Bernhard Posselt 2b95ae1e6d spaces to tabs 2013-01-17 21:44:40 +01:00
Bernhard Posselt a8094abac7 load classpaths of apps before routes 2013-01-17 21:42:46 +01:00
tomneedham b4954c0c89 Correct spelling of 'Authorization' 2013-01-17 16:30:14 +00:00
Frank Karlitschek d85e440aa1 Merge pull request #1148 from seancomeau/topic/setup
Fix issue #108
2013-01-16 22:38:57 -08:00
Jenkins for ownCloud 433fa19268 [tx-robot] updated from transifex 2013-01-17 00:27:40 +01:00
Tom Needham 358671ac1d Fix incorrect indentation 2013-01-16 20:29:29 +00:00
Tom Needham 098c84a29c Return 401 headers when authentication is required for the api call 2013-01-16 20:27:43 +00:00
Bart Visscher 5bfe4adbaa Whitespace cleanup 2013-01-16 18:09:16 +01:00
Bart Visscher a8f963d9cf Spaces to tabs 2013-01-16 18:09:16 +01:00
Jan-Christoph Borchardt cb0fd30458 Merge pull request #1185 from owncloud/fixing-1162-master
handling proper display of files/folders with negative size
2013-01-16 05:18:53 -08:00
Thomas Müller 1f7bf57ece Merge pull request #1195 from owncloud/cache_prepared
Cache prepared statements in OC_DB
2013-01-15 22:23:34 -08:00
Robin Appelman f18fc1c510 Clear cached prepared statements when switching between mdb2 and pdo 2013-01-16 01:12:13 +01:00
Thomas Müller 4668f8c86e Merge pull request #1178 from owncloud/return_true_because_of_ponies
Remove uneeded return
2013-01-15 14:01:48 -08:00
Robin Appelman a08490364d Cache prepared statements in OC_DB 2013-01-15 20:21:06 +01:00
Thomas Mueller 388bb6a5e1 Merge branch 'master' into fixing-unused-and-undefined-in-master 2013-01-14 23:41:34 +01:00
Thomas Mueller 44e5c052b3 handling proper display of files/folders with negative size
refs #1162
2013-01-14 23:39:31 +01:00
Lukas Reschke ab287d2ba4 Move { to same line 2013-01-14 22:04:31 +01:00
Lukas Reschke c845e75693 Expand if to multiple lines
Oneliners are ugly.
2013-01-14 22:01:52 +01:00
Bart Visscher 53ca0db434 Merge pull request #1177 from owncloud/OC_User--isAdminUser()
Check if user is admin - bool
2013-01-14 12:53:18 -08:00
Thomas Mueller 31ce320c52 in case of maintenance the error page returns http status 503.
This is necessary to enable the desktop sync client to react properly.
Currently the SabreDAV plugin OC_Connector_Sabre_MaintenancePlugin is not executed because this error page is returned before the SabreDAV code is executed
2013-01-14 21:39:55 +01:00
Lukas Reschke eab6d7eb23 Enhanced auth is totally unmaintained and broken
Let's remove it, it's also not secure anymore with the introduction of
our API etc...
(And doesn't work with ldap etc…)
2013-01-14 21:39:49 +01:00
Sean Comeau 0132a0b2cf Rename TestException to DatabaseSetupException 2013-01-14 12:36:50 -08:00
Bart Visscher 8b2307ce4b Merge pull request #1172 from owncloud/isSubDirectory
Simplify the isSubDirectory() function
2013-01-14 12:36:38 -08:00
Sean Comeau 42cd99626e Use a custom exception instead of adding a delimiter to the error message 2013-01-14 11:57:40 -08:00
Lukas Reschke cc00c54f6a Remove uneeded returns 2013-01-14 20:18:08 +01:00
Lukas Reschke e8b45caa51 Remove uneeded return
Thx @Raydiation
2013-01-14 19:57:28 +01:00
Lukas Reschke 31b1a73e1f Check if user is admin - bool
There was no "isAdminUser()" function which returned bool. This is
irritiating as there were a loooooooot of places in the code which
checked this itself with `OC_Group::inGroup($uid, 'admin)` - why not
use a function for this?
(Especially if you consider that we might change the group name in the
future, which would lead to problems then)

Additionally, @Raydiation needed such a method for his AppFramework :)
2013-01-14 19:45:17 +01:00
Lukas Reschke 99adfbdb86 Check for string position instead of string existence
otherwise /foo/bar would be detected as a subfolder of /bar

THX @icewind1991
2013-01-14 16:51:35 +01:00
Bart Visscher fa78fbe0c3 Merge pull request #1112 from Raydiation/master
This fixes a problem that prevented app routes from being loaded after ocs_api merge
2013-01-14 07:35:14 -08:00
Jenkins for ownCloud c29310aaef [tx-robot] updated from transifex 2013-01-14 00:18:21 +01:00
Lukas Reschke b7db967dc5 Commentblocks should begin with two * 2013-01-13 14:54:18 +01:00
Lukas Reschke c27833b143 Add @brief to description 2013-01-13 14:50:31 +01:00
Lukas Reschke e151210a62 Simplify the isSubDirectory() function
isSubDirectory() checks if a specified $sub is a subdirectory of the
$parent, this is needed to prevent file inclusions.

Actually, the current code is more kind of a "hack" which I always
struggle over if browsing through source. So this should be a much
better implementation.

The implementation is really straightforward:
- [realpath()](http://php.net/manual/function.realpath.php) expands all
symbolic links and resolves references to '/./', '/../' and extra '/'
characters in the input path and return the canonicalized absolute
pathname.
- [strpos()](php.net/manual/function.strpos.php) returns FALSE if the
substring wasn't found.

Since this is an absolutely critical piece of code, I'd like to ensure
that this is absolutely safe!
2013-01-13 14:33:19 +01:00
Thomas Mueller 23896a7290 Merge branch 'master' into fixing-784-master
Conflicts:
	apps/files/js/files.js
2013-01-11 09:53:12 +01:00
Thomas Müller 60489764f3 Merge pull request #1133 from owncloud/add_linebreaks_in_sharing
add more linebreaks, replace SQL LIMIT with param
2013-01-10 15:14:14 -08:00