Commit Graph

1984 Commits

Author SHA1 Message Date
Bernhard Posselt 4aff85cd0c add template functions for html imports 2014-09-08 21:19:44 +02:00
Lukas Reschke 70abce0482 Merge pull request #10739 from owncloud/eventsource-public
Add EventSource to the public API
2014-09-08 18:46:27 +02:00
Lukas Reschke c79c894dbb Merge pull request #10755 from owncloud/shorter_sharing_links
Shorter sharing links
2014-09-08 17:26:20 +02:00
Lukas Reschke 2d847934ed Merge pull request #10938 from owncloud/useSecureMimetype
Use secure mimetype for content delivery
2014-09-08 17:13:54 +02:00
Lukas Reschke 5de404eb92 Merge pull request #10827 from oparoz/patch-2
Libreoffice config folder needs to be set
2014-09-08 16:41:26 +02:00
Lukas Reschke fa718d2e2c Fix typo 2014-09-08 16:34:03 +02:00
Lukas Reschke 0cdfe4f8c2 Merge pull request #10911 from owncloud/template-funcs
Add template shortcut functions for style and script
2014-09-08 16:32:05 +02:00
Lukas Reschke 312ed18d15 Use secure mimetype for content delivery
Adds some hardening against potential CSP bypassed.
2014-09-08 15:57:39 +02:00
Joas Schilling c5b5378558 Add a method to get the absolute url for a route
Fix #10926
2014-09-08 14:43:14 +02:00
Joas Schilling 249558966e Set overwritewebroot when installing owncloud to avoid problems
Fix #10514
2014-09-08 14:30:13 +02:00
Robin Appelman 644755df66 Use bigger transactions when doing explicit file system scans 2014-09-08 14:15:41 +02:00
Vincent Petry 637cff68ac Merge pull request #10862 from chli1/master
fix BadRequest error if CONTENT_LENGTH not set
2014-09-08 10:00:15 +02:00
cetra3 459ead69f6 Merge branch 'master' of https://github.com/owncloud/core 2014-09-08 15:05:49 +09:30
Bernhard Posselt 7e4d244200 add shortcut functions for style and script 2014-09-06 14:25:28 +02:00
Jörn Friedrich Dreyer 8488be4d03 Keep fileid on move in objectstore, fixes #10848 2014-09-05 13:25:59 +02:00
Robin Appelman e29b7e9335 Remove explicit propagate calls 2014-09-05 11:53:24 +02:00
Robin Appelman d0e83a71aa Update cache before post hooks 2014-09-05 11:53:24 +02:00
Robin Appelman 1d8a88dd1b Fix warning in homecache 2014-09-05 11:53:23 +02:00
Robin Appelman 850542c5d6 Refactor Cache\Updater to work outside of the users home 2014-09-05 11:53:23 +02:00
kondou ecc9b42e41 Match \OC_Helper::linkToPublic() to new links and fit unittests 2014-09-04 20:44:50 +02:00
kondou a10411d2bc Readd TOKEN_LENGTH 2014-09-04 19:09:26 +02:00
Jesus Macias Portela 523680cef2 Merge pull request #10840 from owncloud/issue_10674
Solve bug with touch always return true on /lib/private/files/view.php
2014-09-04 17:29:08 +02:00
kondou 226b203e20 Use base62 and remove configuration options for link length 2014-09-04 16:20:20 +02:00
kondou c2d8eabd71 Change config.sample entry and use MediumSecurity 2014-09-04 15:52:23 +02:00
kondou 3bf725d7e0 Adapt token size to new generation and add an option for free length specification
Minimum size is 3 = 46656 tokens, maximum size is 64, which is what our DB allows.
2014-09-04 15:24:33 +02:00
kondou 2a4c51389c Use a route instead of s.php and convert tokens asap 2014-09-04 15:23:55 +02:00
kondou 0f2ad9862e Initial work on shorter links 2014-09-04 15:23:53 +02:00
Lukas Reschke 1a7df33233 Merge pull request #10818 from owncloud/enableappforgroupfix
Fix upgrade process when apps enabled for specific groups
2014-09-04 13:56:41 +02:00
chli1 712487c861 fix BadRequest error if CONTENT_LENGTH not set
If client does not send content length header on webdav upload (e.g. because the content comes from a stream and its length is not predictable) the put() method should not try to compare the content length value with the actually amount of received data, because this will always fail and results in a BadRequest exception. So the check will only be performed if $_SERVER['CONTENT_LENGTH'] is set.
2014-09-04 13:49:15 +02:00
Robin Appelman fa3393674c Better phpdoc and method naming 2014-09-04 13:26:51 +02:00
Robin Appelman 8605e2e6a5 Explicitly cast id and validate type 2014-09-04 13:26:47 +02:00
Olivier Paroz bbc2d7cf4f Typ in whichOpenOffice test 2014-09-04 12:54:20 +02:00
Joas Schilling a0e8e88bc6 Use correct language package so the subject is correctly translated
Fix #10847
2014-09-04 11:23:23 +02:00
Lukas Reschke 8fec19a872 Merge pull request #10790 from cbhp/master
added missing User-Agents
2014-09-03 22:40:12 +02:00
Jesus Macias 91c8174013 Fix code with previous comments 2014-09-03 18:21:24 +02:00
Jesus Macias 883649b69c Reset changes on 3rdparty submodule 2014-09-03 18:20:09 +02:00
cbhp c00450b2c7 always use a user-agent constant
Some providers block connections with missing user-agents. Also
user-agents are useful for analyzing requests. I've added a USER_AGENT
constant that is used in cURL and in file_get_contents.
2014-09-03 18:00:05 +02:00
Lukas Reschke 63a90a129b Use proper RNG generator
OC_Util::generateRandomBytes() only returns lowercase alphanumeric values.
We should use the new RNG which has a broader characterset.
2014-09-03 17:46:48 +02:00
Lukas Reschke 26f337d523 Only return lowercase letters and digits for backwards compatbility 2014-09-03 17:18:00 +02:00
Thomas Müller 954925eaa0 Merge pull request #10667 from pmjdebruijn/itunes-appid
defaults: add customizable defaultiTunesAppId
2014-09-03 16:26:20 +02:00
Olivier Paroz eaab067716 env:UserInstallation was already there in master
My changes were made against stable7 and I merged them to the file in master, so this version is now the properly merged file for master.
I'm just adding `owncloud-<instanceid>` to the path where temp files are stored.
2014-09-03 16:08:40 +02:00
Lukas Reschke 373d1c5e9f Merge pull request #10642 from owncloud/securityutils
Add some security utilities
2014-09-03 15:28:42 +02:00
Clark Tomlinson d64cacec43 Merge pull request #10826 from oparoz/master
Adding TIFF support to the files app
2014-09-03 09:14:35 -04:00
Clark Tomlinson 0400f7845c Merge pull request #10723 from owncloud/webdav-folder-size
adding new webdav property containing the folder size
2014-09-03 09:07:23 -04:00
Robin Appelman 65608d7c92 Use the public api to get event sources 2014-09-03 13:36:15 +02:00
Robin Appelman dad53180bc Add event source to the public api 2014-09-03 13:36:15 +02:00
Robin Appelman 54c918fe48 Initialize an event source when we start using it, not in the constructor 2014-09-03 13:35:04 +02:00
Olivier Paroz 3bf155e138 This is not a PDF, there are no pages 2014-09-03 12:32:59 +02:00
Thomas Müller 6cdb1d89ae Merge pull request #10761 from canadaduane/fix_occ_upgrade
Ensure db connection before changing cache state
2014-09-03 11:27:16 +02:00
Thomas Müller 52dc31e13c Merge pull request #10725 from owncloud/sabredav-etag-master
adding OC-ETag header
2014-09-03 11:21:47 +02:00
Lukas Reschke 77c0adb520 Merge branch 'securityutils' of https://github.com/owncloud/core into securityutils 2014-09-03 11:04:49 +02:00
Lukas Reschke 50b430ee7c Add char consts, hash the specified password for the HMAC 2014-09-03 11:03:27 +02:00
Olivier Paroz 0c3c72aec0 Libreoffice config folder needs to be set
In order to avoid conflicts between multiple instances installed on one server, it's required to define a LibreOffice configuration folder per instance.

Just like with my PR for the documents app (https://github.com/owncloud/documents/pull/353), I propose to use /tmp/owncloud-instanceid
2014-09-03 03:12:35 +02:00
Olivier Paroz b559b21dc3 Converts TIFF files to PNG 2014-09-02 22:56:39 +02:00
Olivier Paroz 1e600a0d36 Adding support for tiff files 2014-09-02 22:53:41 +02:00
Vincent Petry e05b95636b Fix upgrade process when apps enabled for specific groups
Fix issue where the currently logged user was causing side-effects when
upgrading.
Now setting incognito mode (no user) on update to make sure the whole
apps list is taken into account with getEnabledApps() or isEnabled().
2014-09-02 17:16:14 +02:00
Robin Appelman a9a37b5363 Don't automatically setup the filesystem the moment we load OC\Files\FileSystem 2014-09-02 16:15:42 +02:00
cbhp 969b41c1c9 added missing User-Agents
header "User-Agent" was missed
2014-08-31 19:44:06 +02:00
Morris Jobke 4024960a0e Merge pull request #10780 from owncloud/config-public
Extend public config interface
2014-08-31 15:54:35 +02:00
Lukas Reschke 8009df0b60 Merge pull request #10420 from owncloud/external-share-self-signed
Make external shares work with imported self signed certificates
2014-08-31 15:50:30 +02:00
Robin Appelman 0a1e5aebf1 Extend public config interface 2014-08-31 15:27:36 +02:00
Lukas Reschke ae3425d2da Merge branch 'master' into securityutils
Conflicts:
	lib/private/util.php
2014-08-31 15:21:09 +02:00
Lukas Reschke a197ef0f6c Merge pull request #10768 from owncloud/l10n-use-public
Use public api for getting l10n
2014-08-31 11:58:59 +02:00
Robin Appelman bfa0c4b78a Explicitly set the timezones 2014-08-31 11:06:18 +02:00
Lukas Reschke 4efe6f6240 Add unit tests and fix rootcerts creation bug 2014-08-31 10:47:50 +02:00
Robin Appelman e64aa330fd check for blacklisted file certificate filenames 2014-08-31 10:47:50 +02:00
Robin Appelman 79d896e830 Rename namespace 2014-08-31 10:47:50 +02:00
Robin Appelman 6044ad0e17 Cleanup certificate code 2014-08-31 10:47:50 +02:00
Robin Appelman ba8416a04f move certificate classes to their own namespace 2014-08-31 10:47:50 +02:00
Robin Appelman c158db7200 Add certificate class 2014-08-31 10:47:50 +02:00
Robin Appelman c1b11571ea Move certificate management interface from files_external to core 2014-08-31 10:47:50 +02:00
Robin Appelman 4efdbff6df No need for this folder to be world accessible 2014-08-31 10:45:11 +02:00
Robin Appelman dcc4f96d3e Verify names of certificates 2014-08-31 10:45:11 +02:00
Robin Appelman ecdbf00628 Move certificate management code to core 2014-08-31 10:45:10 +02:00
Robin Appelman d0266c0bf8 Use public api for getting l10n 2014-08-31 10:08:22 +02:00
Morris Jobke 06e6f10ce4 Add optional user ID parameter for getUseFolder 2014-08-31 09:49:19 +02:00
Duane Johnson ccf440495e Ensure db connection before changing cache state
When trying to upgrade from 7.0.0 to 7.0.2, the manual upgrade path
(e.g. ` sudo -u www-data /usr/bin/php5 ./occ upgrade`) exits with the
following fatal error:

```
/var/www/owncloud# php occ upgrade
PHP Fatal error:  Call to a member function
  disableQueryStatementCaching() on a non-object in
  /var/www/owncloud/lib/private/db.php on line 423
```

This is caused by the self::$connection static variable having not
been initialized at the point of call. Adding a self::connect() fixes
the issue.

See https://forum.owncloud.org/viewtopic.php?f=29&t=23398&p=68556#p68556
2014-08-30 15:46:56 -06:00
cetra3 6b24aa5224 Refactor internal session to write directly to $_SESSION 2014-08-30 08:48:13 +00:00
Robin Appelman 0b88355368 Merge pull request #10721 from owncloud/kill-rand
Kill insecure random number generation
2014-08-29 19:48:00 +02:00
Morris Jobke 3a4b71ffb4 Merge pull request #10734 from owncloud/fix-10268
retrieve local users, groups and group members in a sorted way
2014-08-29 19:35:32 +02:00
Lukas Reschke 35276def1c Merge pull request #10614 from owncloud/remove-ee-hack
Remove different URL for EE
2014-08-29 18:23:15 +02:00
Jörn Friedrich Dreyer 10382ef2f0 allow empty hostname and dots in service name for oracle autosetup 2014-08-29 17:09:17 +02:00
Robin Appelman 3de69ff81b Don't register the call when rendering error pages 2014-08-29 15:44:39 +02:00
Robin Appelman dd7b8e4555 Remove insecure fallback random number generation 2014-08-29 15:44:09 +02:00
Arthur Schiwon 0bb460c9b5 retrieve local users, groups and group members in a sorted way 2014-08-29 15:17:37 +02:00
Thomas Müller 96a931929e adding OC-ETag header 2014-08-29 12:09:33 +02:00
Thomas Müller 647120fb36 adding new webdav property containing the folder size 2014-08-29 11:39:02 +02:00
Jörn Friedrich Dreyer f551917a3c kill OC::$session
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession

restore order os OC::$session and OC::$CLI

remove unneded initialization of dummy session

write back session when $useCustomSession is true

log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
Lukas Reschke 9ab62ad5b7 Escape error messages 2014-08-27 17:01:51 +02:00
Clark Tomlinson cb0da1178b Merge pull request #10653 from owncloud/x-forwarded-for
Add support for getting the real client IP behind proxies
2014-08-27 10:32:34 -04:00
Pascal de Bruijn 49da0a7943 defaults: add customizable defaultiTunesAppId 2014-08-27 14:07:39 +02:00
Björn Schießle c35d60f6d8 Merge pull request #9915 from suraia/unsharefromself-source
Allow specifying the item source in unshareFromSelf().
2014-08-27 10:31:35 +02:00
Lukas Reschke 3329e0f2b2 Use DI 2014-08-27 00:49:53 +02:00
Lukas Reschke d26a9c3c58 Add some security utilities
This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions

Remove .htaccess

Remove .htaccess

Fix typo

Add public API

Use timing constant comparision

Remove CBC constant

Adjust code

Remove confusing $this
2014-08-27 00:18:04 +02:00
Lukas Reschke 7acdd018a1 Add support for getting the real client IP behind proxies
Fixes https://github.com/owncloud/core/issues/10624

Fix copy paste fail

Add unittest for comma separated headers

Revert 3rdparty
2014-08-27 00:05:04 +02:00
Thomas Müller 2e8026a7b5 Merge pull request #10619 from owncloud/issue/6722
Add a test to break the slugifyPath() with folder and file afterwards
2014-08-26 10:33:18 +02:00
Lukas Reschke ca7e4c8c67 Add isAppstoreEnabled instead of hijacking the URL 2014-08-26 10:20:51 +02:00
Clark Tomlinson 6523c575f3 Merge pull request #10623 from owncloud/not-a-valid-resource-log-entries
Do not try to close the same resource multiple times
2014-08-25 12:52:06 -04:00
Vincent Petry c86824fa09 Merge pull request #10023 from owncloud/tmp-file-created-status
Log unsuccessful temp file creation and return false
2014-08-25 17:24:46 +02:00
Joas Schilling 989da69cff Do not try to close the same resource multiple times 2014-08-25 15:31:43 +02:00