Commit Graph

55 Commits

Author SHA1 Message Date
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Bjoern Schiessle 7c64e1973f
add test for needsRebundling() check 2016-07-11 15:51:48 +02:00
Johannes Ernst 66a134e69e Disallow certain malformed domain names even if they match the trusted domain expression
Stricter checking for valid domain names
2016-07-06 23:51:04 +00:00
Johannes Ernst 2b4ceae620 Trusted domain wildcard checking made shorter, supporting multiple *
Added test cases
2016-07-06 23:38:30 +00:00
Joas Schilling 94ad54ec9b Move tests/ to PSR-4 (#24731)
* Move a-b to PSR-4

* Move c-d to PSR-4

* Move e+g to PSR-4

* Move h-l to PSR-4

* Move m-r to PSR-4

* Move s-u to PSR-4

* Move files/ to PSR-4

* Move remaining tests to PSR-4

* Remove Test\ from old autoloader
2016-05-20 15:38:20 +02:00