Commit Graph

46445 Commits

Author SHA1 Message Date
Joas Schilling 909745acfd
Fix default types of activity event member variables
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-15 11:45:17 +02:00
Morris Jobke 8177fdb0f6
Merge pull request #11765 from nextcloud/feature/mandatory-2fa-for-groups
Mandatory 2FA for groups
2018-10-15 10:58:05 +02:00
Roeland Jago Douma d65438f931
Compile federationscope menu handlebars template
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-15 10:44:24 +02:00
Morris Jobke e36d4a990d
Merge pull request #10439 from eugulixes/improve-encrypt-all-and-decrypt-all-commands
Check if TTY is invalid in encryption:encrypt-all and encryption:decrypt-all
2018-10-15 09:15:58 +02:00
Christoph Wurst 83e994c11f
Make it possible to enforce mandatory 2FA for groups
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-15 08:22:52 +02:00
Roeland Jago Douma 82a5833217
Merge pull request #11028 from nextcloud/feature/no_eval_csp
Move to stricter CSP
2018-10-14 21:17:43 +02:00
Roeland Jago Douma 056a74e323
Fix plural function to be hardcoded
No more weird eval to construct a plural function.
We just use the plural function from symfony.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-14 20:45:36 +02:00
Christoph Wurst 365f68372f
Use jQuery.getScript to dynamically load script
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-14 20:45:36 +02:00
Roeland Jago Douma 5b61ef9213
Disallow unsafe-eval by default
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-14 20:45:34 +02:00
Evgeny Golyshev ec2f02f4a0 Check if TTY is invalid in encryption:encrypt-all and encryption:decrypt-all
Signed-off-by: Evgeny Golyshev <eugulixes@gmail.com>
2018-10-14 15:06:14 +03:00
Patrik Kernstock 0fca815b4d
Merge pull request #11782 from nextcloud/bugfix/11099/fix-htaccess-referrer
Add "Referrer-Policy" to htaccess file, addresses issue #11099
2018-10-13 18:17:22 +02:00
Roeland Jago Douma 78589a2f9b
Merge pull request #11802 from nextcloud/bugfix/noid/fix-password_by_talk-not-a-boolean
Fix a case where "password_by_talk" was not a boolean
2018-10-13 11:10:48 +02:00
Morris Jobke 24a2107e03
Fix a case where "password_by_talk" was not a boolean (e.g. null or "0") and actively cast it to a boolean
This was the error message that we have seen:

```
Argument 1 passed to OC\\Share20\\Share::setSendPasswordByTalk() must be of the type boolean, null given, called in apps/sharebymail/lib/ShareByMailProvider.php on line 981
```

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-12 17:01:54 +02:00
Morris Jobke 85694c6d76
Merge pull request #11771 from nextcloud/techdebt/noid/strict-activity-events
Make activity events strict
2018-10-12 16:28:26 +02:00
Bjoern Schiessle 1b0b159685
add more tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-12 16:11:48 +02:00
Roeland Jago Douma a834e2742e
Merge pull request #11793 from nextcloud/dependabot/npm_and_yarn/settings/nextcloud-vue-0.2.0
Bump nextcloud-vue from 0.1.5 to 0.2.0 in /settings
2018-10-12 13:48:19 +02:00
Roeland Jago Douma d9ffd6db4e
Rebuild settings
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-12 13:05:28 +02:00
dependabot[bot] d2f6f5d98d
Bump nextcloud-vue from 0.1.5 to 0.2.0 in /settings
Bumps [nextcloud-vue](https://github.com/nextcloud/vue-components) from 0.1.5 to 0.2.0.
- [Release notes](https://github.com/nextcloud/vue-components/releases)
- [Commits](https://github.com/nextcloud/vue-components/compare/v0.1.5...v0.2.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-12 10:29:41 +00:00
Joas Schilling 16817f3743
Make activity events strict
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-12 12:12:12 +02:00
Morris Jobke b5753d0efa
Merge pull request #11759 from nextcloud/feature/11504/sharing-favicon
Use default favicon on sharing pages
2018-10-12 10:30:21 +02:00
Robin Appelman ee84d83519
move versions webui over to the dav api
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-11 20:42:41 +02:00
Roeland Jago Douma 0afb0381e5
Merge pull request #11775 from nextcloud/followup/11769
3rdparty to master followup of #11769
2018-10-11 20:23:17 +02:00
Roeland Jago Douma 1fcb5db266
Merge pull request #11764 from nextcloud/fix/11637/sharedstorageroot
Do not pass '.' along as path
2018-10-11 20:18:44 +02:00
Patrik Kernstock 8cdd906d66 Add "Referrer-Policy" to htaccess file, addresses issue #11099
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-10-11 19:44:05 +02:00
Roeland Jago Douma dd8350b3b3
Merge pull request #10778 from suntorytimed/patch-1
check for empty string
2018-10-11 19:05:38 +02:00
Julius Härtl 2538079876
Use default favicon on sharing pages
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-11 16:29:24 +02:00
Roeland Jago Douma ce15c6c0b3
3rdparty to master followup of #11769
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 15:49:31 +02:00
Roeland Jago Douma 12f921f043
Merge pull request #11769 from nextcloud/3rdparty/remove/random_compat
Remove random_compat
2018-10-11 15:48:03 +02:00
Roeland Jago Douma eed1e6e21c
Merge pull request #11766 from Birkenstab/feature/allow-same-origin-referrer-policy
Allow "same-origin" as "Referrer-Policy"
2018-10-11 15:24:17 +02:00
Joas Schilling f48d5dc27e
Remove random_compat
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-11 14:45:11 +02:00
Roeland Jago Douma 51e96dc3f6
Normalize getUnjailedPath
Fixes #11637

If we do not normalize the unjailed path we might end up with a path
like files/user/folder/. which can break on objectstores

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 14:43:48 +02:00
Moritz Beck b68661ed6e
Allow "same-origin" as "Referrer-Policy"
Fixes #11531

Although "same-origin" is more strict than e.g. strict-origin it showed up a warning in setupcheck
Based on https://scotthelme.co.uk/a-new-security-header-referrer-policy/

Signed-off-by: Moritz Beck <git@birkenstab.de>
2018-10-11 13:17:26 +02:00
Morris Jobke 6e56a7b31e
Merge pull request #11745 from nextcloud/ci/php73
Make php7.3 compatible
2018-10-11 12:23:10 +02:00
Morris Jobke fe45db6ae2
Merge pull request #11744 from burned42/fix_percent_sign_breaking_all_files_view
Remove duplicate call to decodeURIComponent
2018-10-11 12:20:07 +02:00
Roeland Jago Douma fa15c5e636
Merge pull request #11756 from nextcloud/ignore-session-lifetime-if-it-can-not-be-converted-to-a-number
Ignore "session_lifetime" if it can not be converted to a number
2018-10-11 11:42:41 +02:00
Roeland Jago Douma 87eefbd192
Add 7.3 CI to drone
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 11:20:48 +02:00
Roeland Jago Douma f675698551
Allow php7.3
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 11:20:48 +02:00
Daniel Calviño Sánchez c2916b62d3 Ignore "session_lifetime" if it can not be converted to a number
When "session_lifetime" can not be converted to a number the interval
becomes a NaN due to dividing it by 2. This NaN was "dragged" over all
the other mathematical operations and caused the csrftoken to be got
again and again due to an infinite loop with no pauses in "setInterval".
Now, the interval is set to the default value instead if the
"session_lifetime" can not be converted to a number.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-10-11 10:53:25 +02:00
Roeland Jago Douma 82d4732a01
Merge pull request #11750 from nextcloud/3rdparty/symfony-3.4.17
[3rdparty] Symfony-3.4.17
2018-10-11 10:33:13 +02:00
Roeland Jago Douma 9142e92814
[3rdparty] Symfony-3.4.17
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 09:27:05 +02:00
Morris Jobke 9277d242b0
Merge pull request #11746 from nextcloud/ci/php72-syntax
Add syntax ci job for php7.2
2018-10-11 09:05:14 +02:00
Bernd Stellwag 0f030d885b Remove duplicate call to decodeURIComponent
Signed-off-by: Bernd Stellwag <burned@zerties.org>
2018-10-11 08:00:28 +02:00
Roeland Jago Douma 6680966f7c
Ignore the RiakCache
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-10 22:27:54 +02:00
Roeland Jago Douma 04c80c681d
Add syntax ci job for php7.2
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-10 22:15:59 +02:00
Roeland Jago Douma 793f53c94b
Merge pull request #11701 from nextcloud/dependachristoph/bower/pin-versions
Pin Bower versions
2018-10-10 21:21:16 +02:00
Roeland Jago Douma 2a690db553
Merge pull request #11675 from nextcloud/feature/enforce-2fa-admin-settings
Add admin interface to enforce 2FA
2018-10-10 20:40:30 +02:00
Patrik Kernstock 6a00521128 Use error styling for exception message
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-10-10 18:28:26 +02:00
Patrik Kernstock 4cd7cf86db Using Throwable instead of Exception
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-10-10 17:32:50 +02:00
Bjoern Schiessle fd5fc24da2
some small fixes and improvements
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-10 16:07:01 +02:00
Morris Jobke 0acae1d4aa
Merge pull request #11719 from nextcloud/techdebt/noid/allow-to-mock-new-datetime
Allow to inject/mock `new \DateTime()` similar to time()
2018-10-10 14:54:15 +02:00