Commit Graph

4474 Commits

Author SHA1 Message Date
Thomas Tanghus b6ee4c458b Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-14 18:00:45 +02:00
Thomas Tanghus 5b1a14f9ea Contacts: Implement CSRF prevention. 2012-06-14 18:00:13 +02:00
Bjoern Schiessle 60bd2562d8 fixed bug #996: first picture in folder is repeated in the last position behaving like a directory 2012-06-14 15:16:13 +02:00
Bjoern Schiessle df4737f52a prevent xss attacks also if some javascript ends up in the alt-tag 2012-06-14 14:19:12 +02:00
Thomas Tanghus 3e143601fe Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-14 13:53:05 +02:00
Thomas Tanghus 625cd822c3 Backport CSRF prevention. 2012-06-14 13:52:22 +02:00
Bjoern Schiessle cd759aee00 fixed xss vulnerability in un-packed version of jquery.fancybox and repack it 2012-06-14 13:45:33 +02:00
Bjoern Schiessle 544f97f034 debugging output removed 2012-06-14 13:19:11 +02:00
Bjoern Schiessle 4a47fa255d xss vulnerability fixed for fancybox image viewer 2012-06-14 13:18:59 +02:00
Bjoern Schiessle b0420ee8be suppress warning if /dev/urandom is not readable (bug #997) 2012-06-14 13:18:50 +02:00
Georg Ehrke f9af0ef703 fix another ui bug of calendar 2012-06-13 22:21:23 +02:00
Georg Ehrke 92a11011b1 another ui fix 2012-06-13 22:15:12 +02:00
Georg Ehrke 4ff11308a3 fix a ui bug for calendar sharing 2012-06-13 22:13:24 +02:00
Georg Ehrke e543ec6eb6 show username of the body who shares in the summary 2012-06-13 22:07:30 +02:00
Thomas Tanghus 3e339f3d66 Remove check for encryption. 2012-06-13 19:04:47 +02:00
Thomas Tanghus 9e7c28835b Allow same host redirects (/somepath). 2012-06-13 18:32:07 +02:00
Thomas Tanghus f589df7366 Redirect HTTP Auth requests to REQUEST_URI. Partial fix for http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-874 2012-06-13 18:31:36 +02:00
Bjoern Schiessle 48ee265170 urlencode link fort password reset (bug #970) 2012-06-13 17:26:30 +02:00
Michael Gapczynski 7868b25dcc Fix incorrect creation of filesystem for user@group in data folder during shares 2012-06-12 21:34:35 -04:00
Georg Ehrke 48116cf9ab increase version of calendar app to force db upgrade 2012-06-12 19:54:07 +02:00
Georg Ehrke d54fc6dfd4 increase possible size of uri in database - fix oc-140 2012-06-12 19:54:07 +02:00
Bjoern Schiessle 635a2f8ec9 Label the delete operation "unshare" for files in the "Shared" folder to reduce
confusion about the operation.
2012-06-12 16:32:00 +02:00
Bjoern Schiessle ef6b6ac230 block slashes only for new files and new folders but not for file upload from url (bug #964) 2012-06-12 14:16:09 +02:00
Thomas Tanghus cee9d400c0 Contacts: Final (for now) fix to encoding probs on import. 2012-06-12 12:33:37 +02:00
Arthur Schiwon b70226b493 Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-12 11:57:36 +02:00
Bjoern Schiessle 4501407283 committed patch (bug #967) to add missing translations for file actions 2012-06-12 11:41:13 +02:00
Bjoern Schiessle 107c2de25d applied patch provided by bug #966 to fix broken user specific quota settings 2012-06-12 11:22:25 +02:00
Thomas Tanghus 2473348c5d Add .vimrc to .gitignore. 2012-06-11 22:53:20 +02:00
Thomas Tanghus 210b71502b Fix copy/paste error. 2012-06-11 22:18:14 +02:00
Thomas Tanghus e0a5e3e992 Fix js for missing address fields. 2012-06-11 22:15:56 +02:00
Thomas Tanghus c75a7966de Contacts: Fix encoding errors, import errors, developer headache, paint cute kittens and pink clouds ;-) 2012-06-11 22:15:31 +02:00
Arthur Schiwon 266c5238c9 LDAP: offer config option for Group Display Name attribute 2012-06-11 16:50:54 +02:00
Thomas Tanghus 74eece2620 Contacts: Fix NOTE also on add, not just save. 2012-06-11 12:56:41 +02:00
Arthur Schiwon c110308c1e Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-11 12:14:10 +02:00
Arthur Schiwon 7f5e8e39c4 ldap: check array for emptiness, not nullness 2012-06-11 12:13:55 +02:00
Lukas Reschke 6da717b644 Merge branch 'stable4' of gitorious.org:owncloud/owncloud into stable4
Backport for sanitized user data.
2012-06-11 11:57:36 +02:00
Lukas Reschke d294373f47 Sanitzing user input 2012-06-11 11:56:54 +02:00
Lukas Reschke f8337c9d72 Using POST instead of GET. 2012-06-11 11:56:11 +02:00
Lukas Reschke cc653a8a40 Sanitize user input 2012-06-11 11:54:45 +02:00
Lukas Reschke 8f09299e24 Sanitizing user input 2012-06-11 11:54:03 +02:00
Bart Visscher f2216dc9d2 Gallery: Fix database creation on update, also only from version less then 0.5 2012-06-11 11:20:51 +02:00
Thomas Tanghus a21fd725d6 Categories: Turned the debugging down a bit. 2012-06-11 03:07:20 +02:00
Thomas Tanghus c898a8a6c9 Contacts: 11th hour fix for invalid VCARD from CardDAV. 2012-06-10 20:54:52 +02:00
Thomas Tanghus cdac0eae46 Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-10 20:47:35 +02:00
Frank Karlitschek cfea28101a 4.0.2 2012-06-10 20:31:31 +02:00
Frank Karlitschek 6a44d02898 XSS-- 2012-06-10 19:54:04 +02:00
Bartek Przybylski 3970be3d7f fix variable name and undefined index notice 2012-06-10 17:25:19 +02:00
Bartek Przybylski 31d48d4ba4 adding missing file 2012-06-10 13:20:49 +02:00
Bartek Przybylski de6b683b50 fix first time image loading error 2012-06-10 13:19:22 +02:00
Bartek Przybylski 2dca0926b0 gallery: removing search provider for now 2012-06-10 13:19:17 +02:00