zertrin
af5380f5a8
Fix security header setting in .htaccess by adding 'onsuccess unset'
...
The headers might already be set by the system administrator at the http server
level (apache or nginx) for some or all virtualhosts.
Using "always set" in the .htaccess of Nextcloud leads to the situation where
the headers might be set twice (once in the default 'onsuccess' table and once
in the 'always' table)! Which leads to warnings in the admin area.
Adding "onsuccess unset" solves the problem, and forces the header in
the 'onsucess' table to be unset, and the header in the 'always' table to be set.
NOTE: with this change, Nextcloud overrides whatever the system administrator
might have already set
See github issues #16893 #16476 #16938 #18017 and discussion in PR #19002
Signed-off-by: zertrin <zertrin@gmail.com>
2020-03-05 11:11:09 +08:00
Nextcloud bot
48b374f683
[tx-robot] updated from transifex
2020-03-05 02:18:19 +00:00
Nextcloud bot
0f9fe74020
[tx-robot] updated from transifex
2020-03-04 02:17:52 +00:00
Roeland Jago Douma
0be52ab134
Merge pull request #19739 from nextcloud/bugfix/noid/groupid-spaces
...
Do not use replace on the group id
2020-03-03 20:24:50 +01:00
Roeland Jago Douma
65b75c8bba
Merge pull request #19764 from nextcloud/fix/transfer-ownerhip-owner-check
...
Do not allow transfer ownership when the user isn't the owner
2020-03-03 20:20:43 +01:00
Christoph Wurst
b57ffe8d75
Merge pull request #19766 from nextcloud/dependabot/composer/phpseclib/phpseclib-2.0.25
...
Bump phpseclib/phpseclib from 2.0.23 to 2.0.25
2020-03-03 19:32:01 +01:00
Christoph Wurst
6f9110932b
Bump phpseclib/phpseclib from 2.0.23 to 2.0.25
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-03 16:18:56 +01:00
Roeland Jago Douma
6ea1aef031
Merge pull request #19723 from nextcloud/bug/18603/avatar-response
...
Always use status 200 for avatar response
2020-03-03 16:15:14 +01:00
Christoph Wurst
57707aaec6
Merge pull request #19741 from nextcloud/dependabot/composer/pear/archive_tar-1.4.9
...
Bump pear/archive_tar from 1.4.8 to 1.4.9
2020-03-03 14:58:20 +01:00
Christoph Wurst
68b764bb0f
Do not allow transfer ownership when the user isn't the owner
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-03 14:48:45 +01:00
Roeland Jago Douma
aaff6a0242
Merge pull request #19755 from nextcloud/bug/19754/translate-tags
...
Fetch translate for Tags from files app
2020-03-03 12:43:01 +01:00
Daniel Kesselberg
c0009bdf6a
Fetch translate for Tags from files app
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-03-03 10:29:21 +00:00
Christoph Wurst
4efee15541
Bump pear/archive_tar from 1.4.8 to 1.4.9
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-03 08:36:02 +01:00
Nextcloud bot
26ea9681ab
[tx-robot] updated from transifex
2020-03-03 02:18:20 +00:00
blizzz
b54069189c
Merge pull request #19742 from nextcloud/bug/19740/add-msg-for-exception
...
Add message for DoesNotExistException
2020-03-02 16:19:30 +01:00
Roeland Jago Douma
64a29d01a4
Merge pull request #19731 from nextcloud/fix/15455/dont_hanlde_deleted_shares
...
Don't try to format deleted shares
2020-03-02 14:10:03 +01:00
Daniel Kesselberg
5ce9e73bad
Add message for DoesNotExistException
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-03-02 13:24:06 +01:00
Christoph Wurst
165fd30dc0
Merge pull request #19697 from nextcloud/dependabot/composer/aws/aws-sdk-php-3.133.23
...
Bump aws/aws-sdk-php from 3.93.9 to 3.133.23
2020-03-02 13:05:21 +01:00
Julius Härtl
6020a2efd9
Do not use replace on the group id
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-03-02 12:58:53 +01:00
Christoph Wurst
59837e2e9c
Bump aws/aws-sdk-php from 3.93.9 to 3.133.23
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-02 09:19:08 +01:00
Roeland Jago Douma
7613681627
Don't try to format deleted shares
...
Fixes #15455
The issue is that we have a fallback for shares to use the target. So
when the target exists again we happily format it (not that the shares
are still invalid).
This just tries to get the node. If we can't then boom.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-03-02 09:18:04 +01:00
Roeland Jago Douma
fb9a6b8134
Merge pull request #19713 from nextcloud/dependabot/npm_and_yarn/sinon-9.0.0
...
Bump sinon from 8.1.1 to 9.0.0
2020-03-02 08:08:33 +01:00
Roeland Jago Douma
02999091e0
Merge pull request #19699 from nextcloud/bugfix/19349/allow-single-file-downloads
...
Allow single file downloads so the video player works again
2020-03-02 08:05:04 +01:00
Roeland Jago Douma
1ef982a967
Merge pull request #19722 from nextcloud/bug/18727/dont-resize-svg
...
Don't try to resize a svg uploaded as background image
2020-03-02 07:40:01 +01:00
Nextcloud bot
351cd95777
[tx-robot] updated from transifex
2020-03-02 02:17:53 +00:00
Daniel Kesselberg
e35b76a12b
Don't try to resize a svg uploaded as background image.
...
image* are gd functions without support for svg hence we are not able to resize svg.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-03-01 21:19:07 +01:00
Roeland Jago Douma
48e57ebdce
Merge pull request #19714 from nextcloud/dependabot/npm_and_yarn/babel/core-7.8.6
...
Bump @babel/core from 7.8.4 to 7.8.6
2020-03-01 16:11:56 +01:00
dependabot-preview[bot]
2524a6af8c
Bump @babel/core from 7.8.4 to 7.8.6
...
Bumps [@babel/core](https://github.com/babel/babel ) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-03-01 11:01:18 +00:00
Roeland Jago Douma
e0596e4d79
Merge pull request #19712 from nextcloud/dependabot/npm_and_yarn/vue-router-3.1.6
...
Bump vue-router from 3.1.5 to 3.1.6
2020-03-01 10:25:19 +01:00
dependabot-preview[bot]
1600daa9e4
Bump vue-router from 3.1.5 to 3.1.6
...
Bumps [vue-router](https://github.com/vuejs/vue-router ) from 3.1.5 to 3.1.6.
- [Release notes](https://github.com/vuejs/vue-router/releases )
- [Changelog](https://github.com/vuejs/vue-router/blob/dev/CHANGELOG.md )
- [Commits](https://github.com/vuejs/vue-router/compare/v3.1.5...v3.1.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-03-01 07:28:39 +00:00
Roeland Jago Douma
daa7534527
Merge pull request #19710 from nextcloud/dependabot/npm_and_yarn/babel-eslint-10.1.0
...
Bump babel-eslint from 10.0.3 to 10.1.0
2020-03-01 08:11:41 +01:00
Roeland Jago Douma
1b7cb9a6c7
Merge pull request #19709 from nextcloud/dependabot/npm_and_yarn/babel/preset-env-7.8.6
...
Bump @babel/preset-env from 7.8.3 to 7.8.6
2020-03-01 08:11:15 +01:00
Nextcloud bot
91acb72d6a
[tx-robot] updated from transifex
2020-03-01 02:18:37 +00:00
Daniel Kesselberg
68148f4073
Always use status 200 for avatar response
...
As discussed in #18603 caching a 201 response is hard. It's now possible to distinguish between generated and uploaded avatars by reading the X-NC-IsCustomAvatar (0 = generated, 1 = uploaded) header.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-03-01 00:42:24 +01:00
dependabot-preview[bot]
30d6ba7201
Bump @babel/preset-env from 7.8.3 to 7.8.6
...
Bumps [@babel/preset-env](https://github.com/babel/babel ) from 7.8.3 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.8.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-02-29 10:38:28 +00:00
Roeland Jago Douma
e921e27a39
Merge pull request #19707 from nextcloud/fix/noid/non-centered-nojavascript
...
Fix non-centered no javascript message
2020-02-29 11:28:18 +01:00
dependabot-preview[bot]
48158d61ed
Bump sinon from 8.1.1 to 9.0.0
...
Bumps [sinon](https://github.com/sinonjs/sinon ) from 8.1.1 to 9.0.0.
- [Release notes](https://github.com/sinonjs/sinon/releases )
- [Changelog](https://github.com/sinonjs/sinon/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sinonjs/sinon/compare/v8.1.1...v9.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-29 10:16:47 +00:00
dependabot-preview[bot]
c2167ab6f9
Bump babel-eslint from 10.0.3 to 10.1.0
...
Bumps [babel-eslint](https://github.com/babel/babel-eslint ) from 10.0.3 to 10.1.0.
- [Release notes](https://github.com/babel/babel-eslint/releases )
- [Commits](https://github.com/babel/babel-eslint/compare/v10.0.3...v10.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-29 10:14:08 +00:00
Gary Kim
ff6db60b8c
Fix non-centered no javascript message
...
Signed-off-by: Gary Kim <gary@garykim.dev>
2020-02-29 10:43:42 +08:00
Nextcloud bot
1e16fa7a8f
[tx-robot] updated from transifex
2020-02-29 02:18:30 +00:00
Christoph Wurst
0cb00912ec
Merge pull request #19664 from nextcloud/feature/revive-send-welcome-email-toggle
...
Revive the "send email to new users" toggle for the user form
2020-02-28 17:11:12 +01:00
Joas Schilling
a792a31448
Allow single file downloads so the video player works again
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-02-28 16:25:09 +01:00
Roeland Jago Douma
de34786303
Merge pull request #19493 from nextcloud/simplefile-new-lazy
...
Create SimpleFile only when writing the content
2020-02-28 16:07:02 +01:00
Christoph Wurst
d47daefe38
Revive the "send email to new users" toggle for the user form
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-02-28 14:01:03 +01:00
Joas Schilling
0f08acfe31
Merge pull request #19321 from nextcloud/enh/allow-to-overwrite-share-target-mountpoints
...
Allow to overwrite share target mountpoints
2020-02-28 13:41:13 +01:00
Christoph Wurst
36d6fca856
Merge pull request #19673 from nextcloud/dependabot/composer/php-opencloud/openstack-3.0.7
...
Bump php-opencloud/openstack from 3.0.6 to 3.0.7
2020-02-28 13:40:22 +01:00
Roeland Jago Douma
245125d81b
Bump autoloader
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-02-28 12:55:35 +01:00
Robin Appelman
63608ef461
allow writing content directly when creating new SimpleFile
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-02-28 12:55:22 +01:00
Robin Appelman
5ca1929e8c
Create SimpleFile only when writing the content
...
instead of first creating an empty file and then writing the content.
This solves the overhead of creating an empty file with the common pattern:
```php
$file = $simpleFilder->newFile('foo.txt');
$file->putContent('bar.txt');
```
roughly halving the number of storage and database operations that need to be done when creating a `SimpleFile`.
This is not automatically done with `File` because that has a more complex api which I'm more hesitant to touch.
Instead the `Folder::newFile` api has been extended to accept the content for the new file.
In my local testing, the overhead of first creating an empty file took about 20% of the time for preview generation
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-02-28 12:55:22 +01:00
Robin Appelman
fed86e8382
better tests for SimpleFolder
...
test behavior, not implementation
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-02-28 12:55:20 +01:00