All IE versions are not able to properly upscale SVG icons unless the
said SVG files contain a "viewBox" attribute, which is not always the
case. Also we cannot guarantee that all third party apps will have this
attribute in their icons.
So for now, app icons will not be displayed in IE instead of broken
ones.
- calculate multiselect header width to exclude scrollbar
- call FileList._onResize() when sidebar is toggled ("appresized"), this
also updates the breadcrumb width
- moved global getScrollBarWidth() to OC.Util namespace
Added hack that uses a "filter" CSS with explicit URL to fix the "New"
menu by scaling down icons and also fix the folder/filetype icon in the sidebar
by scaling it up.
If a response to a $.ajax() request returns a content type of "application/javascript"
JQuery would previously execute the response body. This is a pretty unexpected
behaviour and can result in a bypass of our Content-Security-Policy as well as
multiple unexpected XSS vectors.
Controls bar calculation needs to take the sidebar visibility into
account.
Recalculation is now triggered when sidebar is toggled, using a new
app-content event "appresized".
Tipsy also supported the `fallback` element which will now not work anymore. To enhance compatibility we shall also implement it in the shim.
Fixes https://github.com/owncloud/core/issues/17870
These should be used in the future instead of location.*.
It will make it possible to stub these methods for writing unit tests
and simulating different URL schemes.
Doing this in the PHP code is not the right approach for multiple reasons:
1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.
This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
This function is often used in a wrong and potential dangerous way... Thus we should escape the URL per default and offer developers to disable the automatic escaping via an option parameter if they really want that behaviour.
Might break some things, however, those things are then easy to fix and we really have a ton of bugs caused by this...
Fixes https://github.com/owncloud/core/issues/14228
* options for timeout in seconds and if it contains HTML
* if timeout is 0 it will show the message permanently
* removes the notification after a given (default: 5 seconds) timeframe
* based on work by @brantje
* provide JS unit tests for notifications
Moved search result type translations to search.js
Load JS translations earlier
Translations need to be loaded earlier to make sure that some JS files
like search.js get access to translations at this time.
This requires the template initialization to be moved to after session
initialization, because only after the session we have access to the
current language.
Added addTranslations and fixed de.js file
Fixed de.js to use OC.L10N.register() and use to correct expected
format.
Added JS unit tests for OC.L10N class
Include translations JS script for all apps
- Added setup checks in JavaScript
- Moved isWebDAVWorking to JS using SetupChecks
- Moved internet connection checks to an ajax call that goes through the
server
Now using a natural sort algorithm that is more consistent between JS
and PHP (although not perfect in some corner cases)
- added OC.Util.naturalSortComparator that uses the same algo that was
used for the user list
- changed user list and files list to use OC.Util.naturalSortComparator
- removed toLowerCase() and changed the comparator to use
String.localeCompare()
- added unit tests
- added OC_NaturalSort that is used by OCP\Util::naturalSortCompare()
When using big session timeout values, the interval value might
overflow and cause the setInterval() call to ping the server in a loop
without any delay.
This fix adds a maximum ping interval of 24 hours.
Forward port of 00ec5fc193 from stable6.
Snapper doesn't work at all for IE8 and IE9 and messes up with the main
container layout when enabled.
This commits disables snapper for these browsers.