Frank Karlitschek
|
cd16c5e479
|
implement a simple request token session garbage collector
|
2012-06-11 12:13:08 +02:00 |
Thomas Tanghus
|
1cb1980d62
|
Categories: Turned the debugging down a bit.
|
2012-06-11 03:05:33 +02:00 |
Thomas Tanghus
|
e79e18d866
|
Copy/paste error.
|
2012-06-11 02:40:55 +02:00 |
Lukas Reschke
|
3f9b967be7
|
Sanitizing user input
|
2012-06-11 00:36:58 +02:00 |
Lukas Reschke
|
f8d2e21c66
|
Sanitize user input
|
2012-06-11 00:23:35 +02:00 |
Lukas Reschke
|
27d1c1bb94
|
Sanitize user input
|
2012-06-11 00:14:28 +02:00 |
Lukas Reschke
|
9f276729c2
|
Using POST instead of GET.
|
2012-06-10 23:38:26 +02:00 |
Lukas Reschke
|
380aab470f
|
Sanitzing user input
|
2012-06-10 23:16:59 +02:00 |
Michael Gapczynski
|
3c57fb935b
|
Mount personal mount points into filesystem
|
2012-06-10 16:34:44 -04:00 |
Michael Gapczynski
|
dd8303b975
|
Stop AWS SDK from looking for configuration files, forgot to include lib/cachecore
|
2012-06-10 16:34:44 -04:00 |
Thomas Tanghus
|
40f8419fdf
|
Contacts: 11th hour fix for invalid VCARD from CardDAV.
|
2012-06-10 20:56:55 +02:00 |
Frank Karlitschek
|
bf4626da93
|
prevent XSS
|
2012-06-10 19:52:23 +02:00 |
Bartek Przybylski
|
c11f6cc3f9
|
fix variable name and undefined index notice
|
2012-06-10 17:25:50 +02:00 |
Bartek Przybylski
|
76f20eb57c
|
fix first time image loading error
|
2012-06-10 13:05:00 +02:00 |
Thomas Tanghus
|
f90c8738ab
|
Contacts: Used non-existent var.
|
2012-06-10 12:48:39 +02:00 |
Bartek Przybylski
|
0838b4c225
|
gallery: removing search provider for now
|
2012-06-10 09:52:33 +02:00 |
Frank Karlitschek
|
3947aa3ef7
|
apps paging is not yet implemented. increase pagesize to 100 as a quickfix
|
2012-06-09 22:00:28 +02:00 |
Michiel de Jong
|
995f9c7348
|
sanitize scope and host
|
2012-06-09 21:08:24 +02:00 |
Michiel de Jong
|
322fd51261
|
avoid clickjacking
|
2012-06-09 21:08:24 +02:00 |
Michael Gapczynski
|
ab41b57f62
|
Add Dropbox storage backend
|
2012-06-09 15:02:48 -04:00 |
Michiel de Jong
|
b46903fa76
|
sanitize when logged in as another user
|
2012-06-09 20:39:24 +02:00 |
Frank Karlitschek
|
897bfa8814
|
finally fix the updater. next is an automatic updater. but this is a bit more tricky.
|
2012-06-09 17:43:02 +02:00 |
Robin Appelman
|
d065b2d29e
|
prevent opening non-music files through the media ajax api
|
2012-06-09 17:39:14 +02:00 |
Robin Appelman
|
601bac746d
|
use absolute path for file proxies
|
2012-06-09 17:34:13 +02:00 |
Georg Ehrke
|
e7f6f7e452
|
fix another XSS
|
2012-06-09 16:45:37 +02:00 |
Georg Ehrke
|
c9214afff8
|
fix XSS in Calendar
|
2012-06-09 16:35:35 +02:00 |
Thomas Tanghus
|
b16136642b
|
Bump version to trigger db update.
|
2012-06-09 16:05:21 +02:00 |
Robin Appelman
|
ba1dec64c1
|
load all apps when loging in, needed for apps listening to login hooks
|
2012-06-09 15:58:30 +02:00 |
Georg Ehrke
|
9c644fe53b
|
Merge branch 'master' of gitorious.org:owncloud/owncloud
|
2012-06-09 15:40:48 +02:00 |
Georg Ehrke
|
2862740674
|
increase height of event dialog
|
2012-06-09 15:38:03 +02:00 |
Thomas Tanghus
|
6e9fea341b
|
Changed preferences configvalue to clob. Fixes several bugs e.g. oc-825 and oc-743.
|
2012-06-09 15:36:28 +02:00 |
Robin Appelman
|
ec55eaef5b
|
dont load apps when displaying the login page
and only load authentication apps during login
|
2012-06-09 15:28:57 +02:00 |
Bartek Przybylski
|
43501309e3
|
add function in filesystem to strip webroot
|
2012-06-09 15:26:26 +02:00 |
Bartek Przybylski
|
120997112c
|
handle encrypted images files in oc_image
|
2012-06-09 15:22:18 +02:00 |
Georg Ehrke
|
531132d64f
|
fix a bug in when
|
2012-06-09 15:15:00 +02:00 |
Georg Ehrke
|
cfb9c764ca
|
fix creation of monthly repeated events
|
2012-06-09 15:15:00 +02:00 |
Bartek Przybylski
|
001293a702
|
removing app access check, fix title for links in tiles
|
2012-06-09 15:12:50 +02:00 |
Robin Appelman
|
cfe219fbb9
|
fix potential xss in multiselect
|
2012-06-09 15:07:16 +02:00 |
Frank Karlitschek
|
344299a074
|
add two csrf check calls. Review and lot´s of porting needed.
|
2012-06-09 15:05:14 +02:00 |
Thomas Tanghus
|
081e1874cb
|
Contacts: Use POST instead of GET.
|
2012-06-09 15:00:44 +02:00 |
Thomas Tanghus
|
88341e5797
|
Code cleanup.
|
2012-06-09 15:00:44 +02:00 |
Georg Ehrke
|
28ab92ee76
|
make use of post instead of get
|
2012-06-09 14:41:26 +02:00 |
Bart Visscher
|
4aee5a7ce4
|
Tasks: Use POST for ajax calls that change data
|
2012-06-09 14:39:41 +02:00 |
Bart Visscher
|
014895aeab
|
Check for missing path_info, also use OC_Response for 404 error
|
2012-06-09 14:39:41 +02:00 |
Robin Appelman
|
76de92477f
|
fix infinite redirect during setup for windows hosts
|
2012-06-09 14:38:05 +02:00 |
Georg Ehrke
|
bdd12df4a2
|
fix loading of OC::$REQUESTEDAPP if WTFE the app parameter is given but empty aka /?app
|
2012-06-08 22:31:44 +02:00 |
Bartek Przybylski
|
201a40a1a3
|
tabs for spaces, fix array key name
|
2012-06-08 21:55:28 +02:00 |
Bartek Przybylski
|
0c7431e57d
|
hide share button until sharing wont be fixed
|
2012-06-08 21:44:33 +02:00 |
Bartek Przybylski
|
8bc22907b8
|
adding navigation bar to gallery
|
2012-06-08 21:44:33 +02:00 |
Bartek Przybylski
|
6b0a2ae60e
|
remove old code
|
2012-06-08 21:44:32 +02:00 |