Frank Karlitschek
|
bf4626da93
|
prevent XSS
|
2012-06-10 19:52:23 +02:00 |
Bartek Przybylski
|
c11f6cc3f9
|
fix variable name and undefined index notice
|
2012-06-10 17:25:50 +02:00 |
Bartek Przybylski
|
76f20eb57c
|
fix first time image loading error
|
2012-06-10 13:05:00 +02:00 |
Thomas Tanghus
|
f90c8738ab
|
Contacts: Used non-existent var.
|
2012-06-10 12:48:39 +02:00 |
Bartek Przybylski
|
0838b4c225
|
gallery: removing search provider for now
|
2012-06-10 09:52:33 +02:00 |
Frank Karlitschek
|
3947aa3ef7
|
apps paging is not yet implemented. increase pagesize to 100 as a quickfix
|
2012-06-09 22:00:28 +02:00 |
Michiel de Jong
|
995f9c7348
|
sanitize scope and host
|
2012-06-09 21:08:24 +02:00 |
Michiel de Jong
|
322fd51261
|
avoid clickjacking
|
2012-06-09 21:08:24 +02:00 |
Michael Gapczynski
|
ab41b57f62
|
Add Dropbox storage backend
|
2012-06-09 15:02:48 -04:00 |
Michiel de Jong
|
b46903fa76
|
sanitize when logged in as another user
|
2012-06-09 20:39:24 +02:00 |
Frank Karlitschek
|
897bfa8814
|
finally fix the updater. next is an automatic updater. but this is a bit more tricky.
|
2012-06-09 17:43:02 +02:00 |
Robin Appelman
|
d065b2d29e
|
prevent opening non-music files through the media ajax api
|
2012-06-09 17:39:14 +02:00 |
Robin Appelman
|
601bac746d
|
use absolute path for file proxies
|
2012-06-09 17:34:13 +02:00 |
Georg Ehrke
|
e7f6f7e452
|
fix another XSS
|
2012-06-09 16:45:37 +02:00 |
Georg Ehrke
|
c9214afff8
|
fix XSS in Calendar
|
2012-06-09 16:35:35 +02:00 |
Thomas Tanghus
|
b16136642b
|
Bump version to trigger db update.
|
2012-06-09 16:05:21 +02:00 |
Robin Appelman
|
ba1dec64c1
|
load all apps when loging in, needed for apps listening to login hooks
|
2012-06-09 15:58:30 +02:00 |
Georg Ehrke
|
9c644fe53b
|
Merge branch 'master' of gitorious.org:owncloud/owncloud
|
2012-06-09 15:40:48 +02:00 |
Georg Ehrke
|
2862740674
|
increase height of event dialog
|
2012-06-09 15:38:03 +02:00 |
Thomas Tanghus
|
6e9fea341b
|
Changed preferences configvalue to clob. Fixes several bugs e.g. oc-825 and oc-743.
|
2012-06-09 15:36:28 +02:00 |
Robin Appelman
|
ec55eaef5b
|
dont load apps when displaying the login page
and only load authentication apps during login
|
2012-06-09 15:28:57 +02:00 |
Bartek Przybylski
|
43501309e3
|
add function in filesystem to strip webroot
|
2012-06-09 15:26:26 +02:00 |
Bartek Przybylski
|
120997112c
|
handle encrypted images files in oc_image
|
2012-06-09 15:22:18 +02:00 |
Georg Ehrke
|
531132d64f
|
fix a bug in when
|
2012-06-09 15:15:00 +02:00 |
Georg Ehrke
|
cfb9c764ca
|
fix creation of monthly repeated events
|
2012-06-09 15:15:00 +02:00 |
Bartek Przybylski
|
001293a702
|
removing app access check, fix title for links in tiles
|
2012-06-09 15:12:50 +02:00 |
Robin Appelman
|
cfe219fbb9
|
fix potential xss in multiselect
|
2012-06-09 15:07:16 +02:00 |
Frank Karlitschek
|
344299a074
|
add two csrf check calls. Review and lot´s of porting needed.
|
2012-06-09 15:05:14 +02:00 |
Thomas Tanghus
|
081e1874cb
|
Contacts: Use POST instead of GET.
|
2012-06-09 15:00:44 +02:00 |
Thomas Tanghus
|
88341e5797
|
Code cleanup.
|
2012-06-09 15:00:44 +02:00 |
Georg Ehrke
|
28ab92ee76
|
make use of post instead of get
|
2012-06-09 14:41:26 +02:00 |
Bart Visscher
|
4aee5a7ce4
|
Tasks: Use POST for ajax calls that change data
|
2012-06-09 14:39:41 +02:00 |
Bart Visscher
|
014895aeab
|
Check for missing path_info, also use OC_Response for 404 error
|
2012-06-09 14:39:41 +02:00 |
Robin Appelman
|
76de92477f
|
fix infinite redirect during setup for windows hosts
|
2012-06-09 14:38:05 +02:00 |
Georg Ehrke
|
bdd12df4a2
|
fix loading of OC::$REQUESTEDAPP if WTFE the app parameter is given but empty aka /?app
|
2012-06-08 22:31:44 +02:00 |
Bartek Przybylski
|
201a40a1a3
|
tabs for spaces, fix array key name
|
2012-06-08 21:55:28 +02:00 |
Bartek Przybylski
|
0c7431e57d
|
hide share button until sharing wont be fixed
|
2012-06-08 21:44:33 +02:00 |
Bartek Przybylski
|
8bc22907b8
|
adding navigation bar to gallery
|
2012-06-08 21:44:33 +02:00 |
Bartek Przybylski
|
6b0a2ae60e
|
remove old code
|
2012-06-08 21:44:32 +02:00 |
Bartek Przybylski
|
71b04717ab
|
adding missing file
|
2012-06-08 21:44:31 +02:00 |
Bartek Przybylski
|
9e434dea60
|
tabs for spaces, removing thumbnail on file removal
|
2012-06-08 21:44:31 +02:00 |
Bart Visscher
|
ac36512102
|
Don't use substr to get first char of string
|
2012-06-08 21:38:10 +02:00 |
Bart Visscher
|
b9a1524508
|
Smarter code for OC_FileProxy
|
2012-06-08 21:38:10 +02:00 |
Bart Visscher
|
6af980c20c
|
Add cache for getStorage and getInternalPath functions.
These are called for almost every file operation.
|
2012-06-08 21:38:10 +02:00 |
Bart Visscher
|
d9d6876be9
|
Add stat cache to OC_Connector_Sabre_Node and OC_Connector_Sabre_File
Speeds up access of directories with large number of files.
|
2012-06-08 21:38:10 +02:00 |
Bart Visscher
|
7c5c257bf6
|
Comment layout and spelling fixes
|
2012-06-08 21:38:10 +02:00 |
Thomas Tanghus
|
0a49bae87a
|
Contacts: Closed stupid XSS hole. Thanks AnybodyElse ;-)
|
2012-06-08 20:39:54 +02:00 |
Michael Gapczynski
|
8fcdccdcdc
|
Add Amazon Web Services SDK to 3rdparty for Amazon S3 external storage
|
2012-06-08 13:48:38 -04:00 |
Michael Gapczynski
|
4b3ae60558
|
Working UI for external storage mount configuration
|
2012-06-08 11:42:29 -04:00 |
Arthur Schiwon
|
f70615106f
|
typo in var
|
2012-06-08 14:57:27 +02:00 |