Commit Graph

4566 Commits

Author SHA1 Message Date
Frank Karlitschek bf4626da93 prevent XSS 2012-06-10 19:52:23 +02:00
Bartek Przybylski c11f6cc3f9 fix variable name and undefined index notice 2012-06-10 17:25:50 +02:00
Bartek Przybylski 76f20eb57c fix first time image loading error 2012-06-10 13:05:00 +02:00
Thomas Tanghus f90c8738ab Contacts: Used non-existent var. 2012-06-10 12:48:39 +02:00
Bartek Przybylski 0838b4c225 gallery: removing search provider for now 2012-06-10 09:52:33 +02:00
Frank Karlitschek 3947aa3ef7 apps paging is not yet implemented. increase pagesize to 100 as a quickfix 2012-06-09 22:00:28 +02:00
Michiel de Jong 995f9c7348 sanitize scope and host 2012-06-09 21:08:24 +02:00
Michiel de Jong 322fd51261 avoid clickjacking 2012-06-09 21:08:24 +02:00
Michael Gapczynski ab41b57f62 Add Dropbox storage backend 2012-06-09 15:02:48 -04:00
Michiel de Jong b46903fa76 sanitize when logged in as another user 2012-06-09 20:39:24 +02:00
Frank Karlitschek 897bfa8814 finally fix the updater. next is an automatic updater. but this is a bit more tricky. 2012-06-09 17:43:02 +02:00
Robin Appelman d065b2d29e prevent opening non-music files through the media ajax api 2012-06-09 17:39:14 +02:00
Robin Appelman 601bac746d use absolute path for file proxies 2012-06-09 17:34:13 +02:00
Georg Ehrke e7f6f7e452 fix another XSS 2012-06-09 16:45:37 +02:00
Georg Ehrke c9214afff8 fix XSS in Calendar 2012-06-09 16:35:35 +02:00
Thomas Tanghus b16136642b Bump version to trigger db update. 2012-06-09 16:05:21 +02:00
Robin Appelman ba1dec64c1 load all apps when loging in, needed for apps listening to login hooks 2012-06-09 15:58:30 +02:00
Georg Ehrke 9c644fe53b Merge branch 'master' of gitorious.org:owncloud/owncloud 2012-06-09 15:40:48 +02:00
Georg Ehrke 2862740674 increase height of event dialog 2012-06-09 15:38:03 +02:00
Thomas Tanghus 6e9fea341b Changed preferences configvalue to clob. Fixes several bugs e.g. oc-825 and oc-743. 2012-06-09 15:36:28 +02:00
Robin Appelman ec55eaef5b dont load apps when displaying the login page
and only load authentication apps during login
2012-06-09 15:28:57 +02:00
Bartek Przybylski 43501309e3 add function in filesystem to strip webroot 2012-06-09 15:26:26 +02:00
Bartek Przybylski 120997112c handle encrypted images files in oc_image 2012-06-09 15:22:18 +02:00
Georg Ehrke 531132d64f fix a bug in when 2012-06-09 15:15:00 +02:00
Georg Ehrke cfb9c764ca fix creation of monthly repeated events 2012-06-09 15:15:00 +02:00
Bartek Przybylski 001293a702 removing app access check, fix title for links in tiles 2012-06-09 15:12:50 +02:00
Robin Appelman cfe219fbb9 fix potential xss in multiselect 2012-06-09 15:07:16 +02:00
Frank Karlitschek 344299a074 add two csrf check calls. Review and lot´s of porting needed. 2012-06-09 15:05:14 +02:00
Thomas Tanghus 081e1874cb Contacts: Use POST instead of GET. 2012-06-09 15:00:44 +02:00
Thomas Tanghus 88341e5797 Code cleanup. 2012-06-09 15:00:44 +02:00
Georg Ehrke 28ab92ee76 make use of post instead of get 2012-06-09 14:41:26 +02:00
Bart Visscher 4aee5a7ce4 Tasks: Use POST for ajax calls that change data 2012-06-09 14:39:41 +02:00
Bart Visscher 014895aeab Check for missing path_info, also use OC_Response for 404 error 2012-06-09 14:39:41 +02:00
Robin Appelman 76de92477f fix infinite redirect during setup for windows hosts 2012-06-09 14:38:05 +02:00
Georg Ehrke bdd12df4a2 fix loading of OC::$REQUESTEDAPP if WTFE the app parameter is given but empty aka /?app 2012-06-08 22:31:44 +02:00
Bartek Przybylski 201a40a1a3 tabs for spaces, fix array key name 2012-06-08 21:55:28 +02:00
Bartek Przybylski 0c7431e57d hide share button until sharing wont be fixed 2012-06-08 21:44:33 +02:00
Bartek Przybylski 8bc22907b8 adding navigation bar to gallery 2012-06-08 21:44:33 +02:00
Bartek Przybylski 6b0a2ae60e remove old code 2012-06-08 21:44:32 +02:00
Bartek Przybylski 71b04717ab adding missing file 2012-06-08 21:44:31 +02:00
Bartek Przybylski 9e434dea60 tabs for spaces, removing thumbnail on file removal 2012-06-08 21:44:31 +02:00
Bart Visscher ac36512102 Don't use substr to get first char of string 2012-06-08 21:38:10 +02:00
Bart Visscher b9a1524508 Smarter code for OC_FileProxy 2012-06-08 21:38:10 +02:00
Bart Visscher 6af980c20c Add cache for getStorage and getInternalPath functions.
These are called for almost every file operation.
2012-06-08 21:38:10 +02:00
Bart Visscher d9d6876be9 Add stat cache to OC_Connector_Sabre_Node and OC_Connector_Sabre_File
Speeds up access of directories with large number of files.
2012-06-08 21:38:10 +02:00
Bart Visscher 7c5c257bf6 Comment layout and spelling fixes 2012-06-08 21:38:10 +02:00
Thomas Tanghus 0a49bae87a Contacts: Closed stupid XSS hole. Thanks AnybodyElse ;-) 2012-06-08 20:39:54 +02:00
Michael Gapczynski 8fcdccdcdc Add Amazon Web Services SDK to 3rdparty for Amazon S3 external storage 2012-06-08 13:48:38 -04:00
Michael Gapczynski 4b3ae60558 Working UI for external storage mount configuration 2012-06-08 11:42:29 -04:00
Arthur Schiwon f70615106f typo in var 2012-06-08 14:57:27 +02:00