nextcloud

Commit Graph

Author	SHA1	Message	Date
Roeland Jago Douma	2e567918c1	Check the actual status code for 204 and 304 The header is the full http header like: HTTP/1.1 304 Not Modified So comparing this to an int always yields false This also makes the 304 RFC compliant as the resulting content length should otherwise be the length of the message and not 0. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2019-05-24 17:51:52 +00:00
Joas Schilling	50827582b6	Make sure all middlewares are only registered once Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-05-06 21:38:13 +00:00
Joas Schilling	a3c9e5b11b	Add a message about disabled global routes Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-03-11 12:43:39 +01:00
Joas Schilling	4e8b033281	Make sure urlParams are correctly injected in global routes Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-03-11 12:30:44 +01:00
Joas Schilling	702dcfb728	Make names mandatory Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-03-01 20:56:16 +01:00
Morris Jobke	0e9903c420	Merge pull request #13969 from nextcloud/enh/additional_scripts_no_on_public_pages No need to emit additonalscript event on public pages	2019-02-07 15:57:14 +01:00
Roeland Jago Douma	60e5a5eca4	Do not do redirect handling when loggin out Fixes #12568 Since the clearing of the execution context causes another reload. We should not do the redirect_uri handling as this results in redirecting back to the logout page on login. This adds a simple middleware that will just check if the ClearExecutionContext session variable is set. If that is the case it will just redirect back to the login page. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-02-06 11:29:32 +01:00
Roeland Jago Douma	b68567e9ba	Add StandaloneTemplateResponse This can be used by pages that do not have the full Nextcloud UI. So notifications etc do not load there. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-02-06 11:26:18 +01:00
Roeland Jago Douma	d88604015a	No need to emit additonalscript event on public pages There already is a separate event for this. This will make it possible to only inject code with the logged in one on default rendered pages. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-02-05 20:59:36 +01:00
Roeland Jago Douma	23245904d3	Merge pull request #13694 from b108/duplicate-functionality-in-request-class Remove duplicate functionality	2019-02-01 11:28:25 +01:00
Roeland Jago Douma	d182037bce	Emit to load additionalscripts Fixes #13662 This will fire of an event after a Template Response has been returned. There is an event for the generic loading and one when logged in. So apps can chose to load only on loged in pages. This is a more generic approach than the files app event. As some things we might want to load on other pages as well besides the files app. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-01-31 12:11:40 +01:00
Joas Schilling	92edd40e51	Make RouteConfig strict Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-01-22 14:18:58 +01:00
Joas Schilling	f8b74cf0a5	Allow resources via OCS as well Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-01-22 14:18:58 +01:00
b108@volgograd	bf167ad3ac	Remove duplicate functionality This functionality implemented in the next line: $requestUri = preg_replace('%/{2,}%', '/', $requestUri);	2019-01-20 13:29:58 +04:00
Roeland Jago Douma	54ff913de6	Cleanup middleware registering Fixes #12224 Since we only use the middleware at 1 location it makes no sense to register them in each and every container. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-01-03 11:50:01 +01:00
Roeland Jago Douma	514426e27d	Only trust the X-FORWARDED-HOST header for trusted proxies Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-12-17 15:54:45 +01:00
Morris Jobke	411d2dece5	Merge pull request #11786 from nextcloud/feature/password_confirmation_backend Expose password confirmation capabilities in the user backend	2018-11-06 00:44:18 +01:00
Roeland Jago Douma	2452a3ec73	Properly query the methodreflector Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:37 +01:00
Roeland Jago Douma	0e5147f001	Fix tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:37 +01:00
Roeland Jago Douma	bfb5ef4b29	The identityproof manager should be in Server Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:37 +01:00
Roeland Jago Douma	8f833a309a	No need to register it also in the DI Container Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:37 +01:00
Roeland Jago Douma	fbd0d0bdcf	The Encryption manager belongs in Server.php Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:37 +01:00
Roeland Jago Douma	9c28d2d7c4	SearchResult should be difined in Server as it is a core component Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:37 +01:00
Roeland Jago Douma	964ebed86c	The UserSession is constructed in the server Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:37 +01:00
Roeland Jago Douma	b2501dbf9a	TimeFactory is already regsitsered in the Server Container Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:37 +01:00
Roeland Jago Douma	61adb513fe	Request is already regsitered in the Server container Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:36 +01:00
Roeland Jago Douma	421a40e7db	Was already registered in Server The DIContainaer will query server anyways if it can't find it Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 19:20:35 +01:00
Roeland Jago Douma	603b672a11	Update password confirmation middleware If the userbackend doesn't allow validating the password for a given uid then there is no need to perform this check. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-02 13:44:45 +01:00
Morris Jobke	dccfe4bf84	Merge pull request #12036 from olivermg/master Add capability of specifying "trusted_proxies" entries in CIDR notation (IPv4)	2018-10-30 10:49:08 +01:00
Morris Jobke	c9e6a99637	Merge pull request #12085 from nextcloud/add-gss-to-excluded-backends add global site selector as user back-end which doesn't support password confirmation	2018-10-30 10:16:07 +01:00
Oliver Wegner	401ca28f07	Adding handling of CIDR notation to trusted_proxies for IPv4 Signed-off-by: Oliver Wegner <void1976@gmail.com>	2018-10-30 09:15:42 +01:00
Bjoern Schiessle	85d9f06cb8	add global site selector as user back-end which doesn't support password confirmation Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>	2018-10-27 15:43:51 +02:00
Daniel Kesselberg	986f4df2a5	Add REMOTE_ADDR to getHeader Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-10-25 22:26:49 +02:00
Joas Schilling	840dd4b39c	Allow to inject/mock `new \DateTime()` similar to time() Signed-off-by: Joas Schilling <coding@schilljs.com>	2018-10-09 15:38:31 +02:00
Robin Appelman	dccbdc8c01	only catch QueryException when trying to build class Signed-off-by: Robin Appelman <robin@icewind.nl>	2018-09-21 18:32:15 +02:00
Roeland Jago Douma	9319d557a4	Add wrapper Logger in DIContainer This makes sure that for example app for the context is always set. We can in the future extend this to include more info. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-09-04 10:05:25 +02:00
Robin Appelman	c0a283fefb	ensure we always return an array from `Request::getParams` Signed-off-by: Robin Appelman <robin@icewind.nl>	2018-08-28 18:11:42 +02:00
Roeland Jago Douma	8c1e75e052	Do not use file as template parameter Using file will overwrite the $file parameter in the template base. Leading to trying to include a file that is the exception message. Which will of course fail. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-08-09 16:45:25 +02:00
Roeland Jago Douma	e7338173e8	Add PublicShareMiddlewareTest Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:53:37 +02:00
Roeland Jago Douma	20e514690c	Don't allow public share pages if link sharing is disabled Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:53:37 +02:00
Roeland Jago Douma	366981fba6	Move public preview endpoint over Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:53:37 +02:00
Roeland Jago Douma	f36ef8ca80	Add the new PublicShareController and PublicShareMiddleware Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:53:35 +02:00
Joas Schilling	b4bacf46f3	Do not send a body for "No content", "Not modified" and others Signed-off-by: Joas Schilling <coding@schilljs.com>	2018-05-04 13:46:13 +02:00
Joas Schilling	f5b143e318	Allow to inject ISearchResult Signed-off-by: Joas Schilling <coding@schilljs.com>	2018-04-26 12:19:15 +02:00
Arthur Schiwon	38a90130ce	move log constants to ILogger Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-26 10:45:52 +02:00
Roeland Jago Douma	129a608ebe	OCP\AppFramework\App strict Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-03-09 08:42:03 +01:00
Morris Jobke	a2db959f5c	Merge pull request #8593 from eneiluj/master Allow public page access to apps with group restrictions	2018-03-08 11:27:52 +01:00
Roeland Jago Douma	3ad7daeda5	Add tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-03-08 11:05:18 +01:00
Roeland Jago Douma	340e8ef16c	Make SecurityMiddleware strict Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-03-08 10:11:47 +01:00
Joas Schilling	1dd40b1f45	Single quotes Signed-off-by: Joas Schilling <coding@schilljs.com>	2018-03-07 16:50:18 +01:00

1 2 3 4 5

227 Commits