Lukas Reschke
|
cda2135966
|
Send a HSTS HTTP header to enforce SSL
|
2012-10-10 18:56:14 +02:00 |
Arthur Schiwon
|
3affeb5bd7
|
destroy invalid sessions
|
2012-10-08 13:36:11 +02:00 |
Robin Appelman
|
f8eebcbb01
|
reload the current url when login in instead of always redirecting to the default app (oc-1873)
|
2012-09-30 03:47:37 +02:00 |
Lukas Reschke
|
578aa4e425
|
Removed sectoken
This token is completly useless since an attacker can easily extract it
from the page.
|
2012-09-29 15:18:38 +02:00 |
Christian Reiner
|
743826bbf3
|
Reimplementation of CSRF protection including autorefresh
|
2012-09-28 13:30:44 +02:00 |
Lukas Reschke
|
c4fc291fa7
|
Passwords containing a ":" don't work with this explode
Thanks to mETz
|
2012-09-25 19:57:40 +02:00 |
Michael Gapczynski
|
c5f9b887ff
|
Don't call clearCache() for OC_Minimizer statically, create OC_Minimizer objects for both CSS and JS to clear cache after upgrade
|
2012-09-12 01:18:07 -04:00 |
Robin Appelman
|
46422e6dbe
|
don't use regular expresions for a simple string replace
|
2012-09-08 23:40:23 +02:00 |
Thomas Mueller
|
3829460ab8
|
adding space between) and {
|
2012-09-07 15:22:01 +02:00 |
Bart Visscher
|
5e55b4d6e7
|
Whitespace fixes in lib
|
2012-09-07 14:08:29 +02:00 |
Bart Visscher
|
9ea7817a40
|
Remove core.{css,js} cache on upgrade
|
2012-09-07 13:42:22 +02:00 |
Thomas Müller
|
9eccc0121a
|
Respect coding style
|
2012-09-05 13:22:38 +03:00 |
Thomas Müller
|
7901fc33a8
|
fixing syntax error
|
2012-09-04 15:54:38 +03:00 |
Thomas Müller
|
aff08925c1
|
fixing syntax error - sorry for that
|
2012-09-04 15:46:43 +03:00 |
Thomas Müller
|
2028500c0a
|
fixing syntax error - sorry for that
|
2012-09-04 15:42:58 +03:00 |
Thomas Müller
|
e4e0b5a822
|
Respect coding style
|
2012-09-04 15:34:09 +03:00 |
Robin Appelman
|
2508f64efe
|
set debug mode if an xdebug session is active
|
2012-09-01 20:52:13 +02:00 |
Robin Appelman
|
a7255181ad
|
fix autoloader throwing errors for non-oc classes
|
2012-09-01 15:36:52 +02:00 |
Robin Appelman
|
3dacf149de
|
allow configuring user backends in config.php
|
2012-09-01 02:50:27 +02:00 |
Robin Appelman
|
f67aef608f
|
load authentication apps on login
|
2012-09-01 02:50:27 +02:00 |
Robin Appelman
|
ebd813ae95
|
don't throw errors in the autoloader when a class doesn't exist
|
2012-09-01 02:50:27 +02:00 |
Bart Visscher
|
db18218a1b
|
Space before tab fixes
|
2012-08-29 20:34:44 +02:00 |
Bart Visscher
|
52f2e7112e
|
Whitespace fixes in lib
|
2012-08-29 20:28:45 +02:00 |
Bart Visscher
|
53e51fe46b
|
Clean user cache on login
|
2012-08-28 23:07:28 +02:00 |
Bart Visscher
|
8a02a8852f
|
Add background job for global file cache cleanup
|
2012-08-28 23:07:28 +02:00 |
Lukas Reschke
|
0d8df3f55c
|
Revert "Combine install checks in lib/base.php"
This reverts commit aa9fbf6639 .
|
2012-08-11 17:07:35 +02:00 |
Michael Gapczynski
|
465767670b
|
Check blacklist when renaming files
|
2012-08-11 11:04:04 -04:00 |
Lukas Reschke
|
8ec45870a3
|
Validate cookie properly and prevent auth bypass
BIG (!) thanks to Julien CAYSSOL
|
2012-08-10 15:28:59 +02:00 |
Jakob Sack
|
0ea4fa298c
|
Backgroundjobs: don't try to access OC_Appconfig if ownCloud has not been installed
|
2012-08-10 13:53:40 +02:00 |
Jakob Sack
|
81b997b56e
|
Merge branch 'backgroundjobs'
|
2012-08-10 13:00:51 +02:00 |
Bart Visscher
|
82b10954e7
|
Simplify loading app php script files
|
2012-08-10 12:27:37 +02:00 |
Bart Visscher
|
5e7086adc9
|
Move login handling to OC class
|
2012-08-10 12:17:13 +02:00 |
Bart Visscher
|
83403784d1
|
Always load when the requested file is css
|
2012-08-10 11:43:04 +02:00 |
Bart Visscher
|
da07245f59
|
Move OC::loadfile and OC::loadapp next to OC::handleRequest
|
2012-08-10 11:43:04 +02:00 |
Bart Visscher
|
e3c732040b
|
Make OC::loadfile and OC::loadapp protected, only used in OC::handleRequest
|
2012-08-10 11:43:04 +02:00 |
Bart Visscher
|
0973969386
|
Cleanup OC::loadfile
|
2012-08-10 11:43:04 +02:00 |
Bart Visscher
|
aa9fbf6639
|
Combine install checks in lib/base.php
|
2012-08-10 11:43:04 +02:00 |
Jakob Sack
|
889f0a1c6d
|
rename appconfig keys for backgroundjobs
|
2012-08-09 10:40:39 +02:00 |
Jakob Sack
|
13a0818fec
|
Be more precise regarding backgroundjobs mode
|
2012-08-09 01:02:05 +02:00 |
Bart Visscher
|
3387454094
|
Move login code from index.php to OC class
|
2012-08-08 22:42:51 +02:00 |
Bart Visscher
|
9156fb73fd
|
Move handling request of index.php to OC class
|
2012-08-08 22:42:50 +02:00 |
Bart Visscher
|
7522a23693
|
Remove unused RUNTIME_NOSETUPFS var
|
2012-08-08 22:42:50 +02:00 |
Bart Visscher
|
99ce7ba1df
|
Move serverHost and serverProtocol functions to OC_Request
|
2012-08-07 20:43:00 +02:00 |
Bart Visscher
|
6d0390dcca
|
Fix rewriting GET parameters with ? in REQUESTEDAPP
|
2012-08-07 20:43:00 +02:00 |
Arthur Schiwon
|
57c375ea24
|
Support for OCA namespace
|
2012-07-25 12:56:08 +02:00 |
Robin Appelman
|
33b8de91ea
|
allow a more flexible way of using user backends
|
2012-07-19 16:31:55 +02:00 |
Bart Visscher
|
621b83df72
|
Remove referer check, this is unreliable. The header doesnt need te exist, or can be wrong
|
2012-07-04 17:51:07 +02:00 |
Robin Appelman
|
12f7cb8767
|
fix running tests from cli
|
2012-06-27 13:21:45 +02:00 |
Bart Visscher
|
2f0b4983e9
|
Move app upgrade check to loading of apps
|
2012-06-27 01:05:12 +02:00 |
Brice Maron
|
09a9f5400e
|
Trim url and path of appsroot to have and standart type of path fix oc-1107
|
2012-06-25 15:50:27 +02:00 |