e6b52ef4cd
Merge pull request #1347 from nextcloud/bring-back-remember-me
...
fix remember me login
2016-11-02 18:32:38 +01:00
e81d04cd8d
Merge pull request #1940 from nextcloud/new-appstore
...
Use new appstore API
2016-11-02 17:00:24 +00:00
d907666232
bring back remember-me
...
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
7da3ba3f91
Merge pull request #657 from nextcloud/share-by-mail
...
New share provider: Share by mail
2016-11-02 11:04:33 +01:00
42b0a0d2af
Merge pull request #1964 from nextcloud/color-the-trusted-domain-to-alert-the-admin
...
Color the trusted domain to alert the admin a bit more
2016-11-02 10:06:35 +01:00
19af06cdea
Merge pull request #1951 from nextcloud/settingsmaxheight
...
restricted the height of the settings area in core/css/apps.css
2016-11-02 08:45:05 +01:00
122fbf0092
[tx-robot] updated from transifex
2016-11-02 01:07:09 +00:00
86b362809b
always show correct place holder, mention share by mail only if the share provider is enabled
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:41 +01:00
ce08682c2f
enabled by default and add to shipped.json
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:41 +01:00
561dd80d57
don't show 'notify by mail' option or permissions not available for mail shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:41 +01:00
392c8a115f
unified way to display remote shares and mail shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
77f74b9780
handle case if no share-by-mail share provider is loaded
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
a17c6a485d
add share by mail share provider
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:51:11 +01:00
0a6f02801f
introduce share by mail, ui part
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:51:11 +01:00
20f45e6fe4
[tx-robot] updated from transifex
2016-11-01 01:06:57 +00:00
8d83e239f3
Fix tests
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:45 +01:00
247b7f37ce
Color the trusted domain to alert the admin a bit more
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-31 12:22:21 +01:00
7f30cf9119
Remove config.php for oc.js
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-31 11:00:39 +01:00
6d2d069c17
[tx-robot] updated from transifex
2016-10-31 01:06:55 +00:00
a08a4b5981
Merge pull request #1955 from nextcloud/issue_#1776
...
Issue-1776: Add unshare function to 3-dot menu.
2016-10-30 11:27:57 +01:00
1187a8c183
[tx-robot] updated from transifex
2016-10-30 00:06:56 +00:00
bd7abc2d0a
restricted the height of the settings area in core/css/apps.css to max 80%
...
Signed-off-by: pgys <info@pexlab.space>
2016-10-29 17:50:51 +02:00
2d91831b50
Issue-1776: Add unshare function to 3-dot menu.
...
Signed-off-by: Julia Bode <julia.bode@lulisaur.us>
2016-10-29 17:07:06 +02:00
e48fa1c337
Merge pull request #1948 from nextcloud/move_away_lagacy_oc_l10n
...
Move away from legacy OC_L10N
2016-10-29 09:39:22 +02:00
035890aeb1
[tx-robot] updated from transifex
2016-10-29 00:07:14 +00:00
740659a04c
Move away from OC_L10N
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 21:46:28 +02:00
ad597d498d
[tx-robot] updated from transifex
2016-10-28 00:07:11 +00:00
0a2e2f70f6
Merge pull request #1929 from nextcloud/share_email_to_OCS
...
Remove notify recipient function
2016-10-27 09:03:29 +02:00
7cae758ef9
Merge pull request #1930 from nextcloud/fix_avatars_exif
...
Fix avatar on exif rotated images
2016-10-27 08:56:56 +02:00
9984eba727
[tx-robot] updated from transifex
2016-10-27 00:07:01 +00:00
b05fe45d52
Fix avatar on exif rotated images
...
Fixes #1928
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-26 21:37:11 +02:00
57e61250ac
Remove notify recipient option
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-26 20:52:36 +02:00
a973c1bfb9
[tx-robot] updated from transifex
2016-10-26 00:07:12 +00:00
015affb082
Missing returns + autoloader file
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-25 22:13:09 +02:00
6dbe417c51
Inlince oc.js if possible!
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-25 22:03:18 +02:00
d5589a15d5
Move oc.js to a proper class
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-25 22:03:02 +02:00
08268bca39
Merge pull request #1891 from nextcloud/downstream-26430
...
add upgrade command before repair, handle NeedsUpgradeException better
2016-10-25 18:42:44 +02:00
89574367bc
Merge pull request #1871 from nextcloud/use-csp-nonces
...
Use CSP nonces
2016-10-25 14:46:00 +02:00
e23a298a81
[tx-robot] updated from transifex
2016-10-25 09:36:09 +00:00
890f752a6b
Merge pull request #1452 from nextcloud/appconfig-endpoint
...
Appconfig endpoint
2016-10-25 10:57:48 +02:00
79706e0ddc
Merge pull request #1283 from nextcloud/us_files-ui-webdav-upload
...
Use Webdav PUT for uploads
2016-10-25 10:31:03 +02:00
1ff328ae65
Merge pull request #1823 from nextcloud/filepicker-folder-fix
...
Fix picking a folder with the filepicker
2016-10-25 08:22:59 +02:00
60fa82d92f
Merge pull request #1860 from ryanwr/feature-sort-favorite
...
Sort favorite files first
2016-10-25 08:22:33 +02:00
44e9f5d5a1
Merge pull request #1850 from nextcloud/filepicker-empty-folder
...
show empty folder message in filepicker
2016-10-25 08:20:57 +02:00
f374eb5f1d
More fixes to file upload
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
25d9dce067
JS utility function to compare paths
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
3e96f33995
Sort favorite files first Issue #1802
...
Signed-off-by: Ryan Welch <ryantwr@gmail.com>
2016-10-24 17:55:47 +01:00
817729dc3f
add upgrade command before repair, handle NeedsUpgradeExcaption better
2016-10-24 17:52:49 +02:00
38b3ac8213
Add ContentSecurityPolicyNonceManager
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 16:35:31 +02:00
9e6634814e
Add support for CSP nonces
...
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.
At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)
IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.
Implementing this offers the following advantages:
1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.
If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
Morris Jobke
Michael Grosser
Christoph Wurst
Joas Schilling
Roeland Jago Douma
Nextcloud bot
Bjoern Schiessle
Lukas Reschke
Roeland Jago Douma
Marius Blüm
pgys
Julia Bode
Vincent Petry
ryanwr
Jörn Friedrich Dreyer