Commit Graph

257 Commits

Author SHA1 Message Date
Lukas Reschke cda2135966 Send a HSTS HTTP header to enforce SSL 2012-10-10 18:56:14 +02:00
Arthur Schiwon 3affeb5bd7 destroy invalid sessions 2012-10-08 13:36:11 +02:00
Robin Appelman f8eebcbb01 reload the current url when login in instead of always redirecting to the default app (oc-1873) 2012-09-30 03:47:37 +02:00
Lukas Reschke 578aa4e425 Removed sectoken
This token is completly useless since an attacker can easily extract it
from the page.
2012-09-29 15:18:38 +02:00
Christian Reiner 743826bbf3 Reimplementation of CSRF protection including autorefresh 2012-09-28 13:30:44 +02:00
Lukas Reschke c4fc291fa7 Passwords containing a ":" don't work with this explode
Thanks to mETz
2012-09-25 19:57:40 +02:00
Michael Gapczynski c5f9b887ff Don't call clearCache() for OC_Minimizer statically, create OC_Minimizer objects for both CSS and JS to clear cache after upgrade 2012-09-12 01:18:07 -04:00
Robin Appelman 46422e6dbe don't use regular expresions for a simple string replace 2012-09-08 23:40:23 +02:00
Thomas Mueller 3829460ab8 adding space between) and { 2012-09-07 15:22:01 +02:00
Bart Visscher 5e55b4d6e7 Whitespace fixes in lib 2012-09-07 14:08:29 +02:00
Bart Visscher 9ea7817a40 Remove core.{css,js} cache on upgrade 2012-09-07 13:42:22 +02:00
Thomas Müller 9eccc0121a Respect coding style 2012-09-05 13:22:38 +03:00
Thomas Müller 7901fc33a8 fixing syntax error 2012-09-04 15:54:38 +03:00
Thomas Müller aff08925c1 fixing syntax error - sorry for that 2012-09-04 15:46:43 +03:00
Thomas Müller 2028500c0a fixing syntax error - sorry for that 2012-09-04 15:42:58 +03:00
Thomas Müller e4e0b5a822 Respect coding style 2012-09-04 15:34:09 +03:00
Robin Appelman 2508f64efe set debug mode if an xdebug session is active 2012-09-01 20:52:13 +02:00
Robin Appelman a7255181ad fix autoloader throwing errors for non-oc classes 2012-09-01 15:36:52 +02:00
Robin Appelman 3dacf149de allow configuring user backends in config.php 2012-09-01 02:50:27 +02:00
Robin Appelman f67aef608f load authentication apps on login 2012-09-01 02:50:27 +02:00
Robin Appelman ebd813ae95 don't throw errors in the autoloader when a class doesn't exist 2012-09-01 02:50:27 +02:00
Bart Visscher db18218a1b Space before tab fixes 2012-08-29 20:34:44 +02:00
Bart Visscher 52f2e7112e Whitespace fixes in lib 2012-08-29 20:28:45 +02:00
Bart Visscher 53e51fe46b Clean user cache on login 2012-08-28 23:07:28 +02:00
Bart Visscher 8a02a8852f Add background job for global file cache cleanup 2012-08-28 23:07:28 +02:00
Lukas Reschke 0d8df3f55c Revert "Combine install checks in lib/base.php"
This reverts commit aa9fbf6639.
2012-08-11 17:07:35 +02:00
Michael Gapczynski 465767670b Check blacklist when renaming files 2012-08-11 11:04:04 -04:00
Lukas Reschke 8ec45870a3 Validate cookie properly and prevent auth bypass
BIG (!) thanks to Julien CAYSSOL
2012-08-10 15:28:59 +02:00
Jakob Sack 0ea4fa298c Backgroundjobs: don't try to access OC_Appconfig if ownCloud has not been installed 2012-08-10 13:53:40 +02:00
Jakob Sack 81b997b56e Merge branch 'backgroundjobs' 2012-08-10 13:00:51 +02:00
Bart Visscher 82b10954e7 Simplify loading app php script files 2012-08-10 12:27:37 +02:00
Bart Visscher 5e7086adc9 Move login handling to OC class 2012-08-10 12:17:13 +02:00
Bart Visscher 83403784d1 Always load when the requested file is css 2012-08-10 11:43:04 +02:00
Bart Visscher da07245f59 Move OC::loadfile and OC::loadapp next to OC::handleRequest 2012-08-10 11:43:04 +02:00
Bart Visscher e3c732040b Make OC::loadfile and OC::loadapp protected, only used in OC::handleRequest 2012-08-10 11:43:04 +02:00
Bart Visscher 0973969386 Cleanup OC::loadfile 2012-08-10 11:43:04 +02:00
Bart Visscher aa9fbf6639 Combine install checks in lib/base.php 2012-08-10 11:43:04 +02:00
Jakob Sack 889f0a1c6d rename appconfig keys for backgroundjobs 2012-08-09 10:40:39 +02:00
Jakob Sack 13a0818fec Be more precise regarding backgroundjobs mode 2012-08-09 01:02:05 +02:00
Bart Visscher 3387454094 Move login code from index.php to OC class 2012-08-08 22:42:51 +02:00
Bart Visscher 9156fb73fd Move handling request of index.php to OC class 2012-08-08 22:42:50 +02:00
Bart Visscher 7522a23693 Remove unused RUNTIME_NOSETUPFS var 2012-08-08 22:42:50 +02:00
Bart Visscher 99ce7ba1df Move serverHost and serverProtocol functions to OC_Request 2012-08-07 20:43:00 +02:00
Bart Visscher 6d0390dcca Fix rewriting GET parameters with ? in REQUESTEDAPP 2012-08-07 20:43:00 +02:00
Arthur Schiwon 57c375ea24 Support for OCA namespace 2012-07-25 12:56:08 +02:00
Robin Appelman 33b8de91ea allow a more flexible way of using user backends 2012-07-19 16:31:55 +02:00
Bart Visscher 621b83df72 Remove referer check, this is unreliable. The header doesnt need te exist, or can be wrong 2012-07-04 17:51:07 +02:00
Robin Appelman 12f7cb8767 fix running tests from cli 2012-06-27 13:21:45 +02:00
Bart Visscher 2f0b4983e9 Move app upgrade check to loading of apps 2012-06-27 01:05:12 +02:00
Brice Maron 09a9f5400e Trim url and path of appsroot to have and standart type of path fix oc-1107 2012-06-25 15:50:27 +02:00