mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
28,828 Commits 349 Branches 696 Tags 1.6 GiB
Commit Graph

276 Commits

Author SHA1 Message Date
Joas Schilling 87bc02c6cd Allow specifying a custom reset-password-url 2015-12-07 15:41:40 +01:00
Joas Schilling f8f3c9ecf9 Remove password reset when the user can not change the password 2015-12-07 15:14:19 +01:00
Thomas Müller 764b2932ff Merge pull request #20960 from owncloud/drop-OC_Util-getUrlContent 
Remove OC_Util::getUrlContent and replace by proper usage of public i…
 2015-12-07 10:21:16 +01:00
Thomas Müller f3d49a89fe Merge pull request #11131 from owncloud/use-phpini-wrapper 
Replacing ini_get instances with inigetwrapper usages
 2015-12-07 10:20:59 +01:00
Morris Jobke 4548a0aa90 Remove OC_Util::getUrlContent and replace by proper usage of public interfaces 2015-12-04 18:02:47 +01:00
Thomas Müller 2d1cc8aaeb Merge pull request #19461 from owncloud/reuse_code 
reuse code
 2015-12-03 13:55:50 +01:00
Lukas Reschke 2515cb17be Support pretty URLs 
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
 2015-12-01 16:46:07 +01:00
Morris Jobke 675417a75c Untangle the linkToDocs method in OC_Helper 
* now uses the proper URLGenerator interface
* add comment about DI problems
 2015-11-26 13:58:43 +01:00
Morris Jobke 728648ad77 Replace new occurences of ini_get with IniWrapper methods 2015-11-23 14:12:36 +01:00
Individual IT Services 1835462ec4 reuse code 2015-11-23 11:02:46 +01:00
Thomas Müller 2f89eef334 Merge pull request #20524 from owncloud/pgsql-version-check-error 
assume pgsql >=9 if checking the version fails
 2015-11-23 09:05:13 +01:00
Thomas Müller c565a7b042 Fix failing unit test 💀 2015-11-19 16:44:43 +01:00
Thomas Müller 9ec2850c78 Use mocks when testing isSharingDisabledForUser 2015-11-19 15:36:16 +01:00
Robin Appelman cc1db4ba87 assume pgsql >=9 if checking the version fails 2015-11-16 13:11:32 +01:00
Thomas Müller 3248db05f1 Merge pull request #17920 from andyboeh/master 
Add possibility for alternative logins to force redirection of login page
 2015-11-12 10:15:23 +01:00
Lukas Reschke c6f6a8758b Drop OC_SubAdmin and replace usages 2015-10-29 11:31:18 +01:00
Lukas Reschke 8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Lukas Reschke 8133d46620 Remove dependency on ICrypto + use XOR 2015-10-21 17:33:41 +02:00
Morris Jobke aa10825026 update deprecation message 2015-10-14 14:08:45 +02:00
Joas Schilling e2806b0ae8 Update list of deprecated methods 2015-10-14 14:08:45 +02:00
Morris Jobke b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Thomas Müller b2dd5cb616 save excluded groups in json format - fixes #10983 2015-10-01 15:37:55 +02:00
Thomas Müller 68bf4440d3 Merge pull request #19293 from owncloud/individual-it-move_initTemplate 
[jenkins] do not load unnecessary code in case of webdav
 2015-09-25 13:49:51 +02:00
Individual IT Services db84791bb0 Todo for myself to eliminate double code 
This will be in a new PR
 2015-09-25 15:43:12 +05:45
Individual IT Services 2e42f99d00 add $prepend option to addStyle() & addVendorStyle() 2015-09-25 15:41:55 +05:45
Individual IT Services bf1cb20e90 do not load unnecessary code in case of webdav 
changing from "protected static" to "protected"
as suggested by @nickvergessen
https://github.com/owncloud/core/pull/19114#discussion_r39719851

moving initTemplate() into template constr.

reduce to move initTemplate only

cleanup spaces
 2015-09-23 11:57:10 +02:00
Martin 491250320a Replaces if ($file === '.' || $file === '..') by if(\OC\Files\Filesystem::isIgnoredDir($file)). Eases to find where this operation is used. 2015-09-22 17:53:15 +02:00
Morris Jobke c4c9c5ffad Merge pull request #18684 from owncloud/explicit-upgrade-version 
Explicit upgrade version + prevent downgrades
 2015-09-09 11:08:55 +02:00
Lukas Reschke a03422c55a Cache generated result 
Saves 50ms
 2015-09-08 21:28:15 +02:00
Bjoern Schiessle 37513f9411 don't read certificates if ownCloud is not installed 2015-08-30 19:00:03 +02:00
Vincent Petry d5b0b55eef Throw exception on downgrade attempt 2015-08-30 18:07:22 +02:00
Lukas Reschke 8313a3fcb3 Add mitigation against BREACH 
While BREACH requires the following three factors to be effectively exploitable we should add another mitigation:

1. Application must support HTTP compression
2. Response most reflect user-controlled input
3. Response should contain sensitive data

Especially part 2 is with ownCloud not really given since user-input is usually only echoed if a CSRF token has been passed.

To reduce the risk even further it is however sensible to encrypt the CSRF token with a shared secret. Since this will change on every request an attack such as BREACH is not feasible anymore against the CSRF token at least.
 2015-08-14 01:31:32 +02:00
Vincent Petry b3a1aef934 Merge pull request #13641 from owncloud/cache-storage-status 
Store storage availability in database
 2015-08-07 17:31:03 +02:00
Thomas Müller c3cac887f5 - more injection 
- less static calls
- use params on sql queries
- handle sql exception on database and user creation gracefully
 2015-07-30 00:04:30 +02:00
Andreas Böhler 3a0d42ecf3 Add hook 'pre_displayLoginPage' 2015-07-28 13:00:18 +02:00
Andreas Böhler 3645308d0b Add possibility for alternative logins to force redirection of login page 2015-07-28 10:31:49 +02:00
Robin McCorkell df19cabb44 Store storage availability in database 
Storage status is saved in the database. Failed storages are rechecked every
10 minutes, while working storages are rechecked every request.

Using the files_external app will recheck all external storages when the
settings page is viewed, or whenever an external storage is saved.
 2015-07-20 16:27:26 +01:00
Morris Jobke d52e197b0d Merge pull request #16965 from owncloud/getUserFolder-in-IRootFolder 
Add getUserFolder to IRootFolder
 2015-07-09 14:29:47 +02:00
Thomas Müller 1385b1ec48 Remove OC_Appconfig 2015-07-03 18:00:16 +02:00
Thomas Müller d3ac73c0c9 Remove OC_Log 2015-07-03 18:00:16 +02:00
Vincent Petry cc373ab89a Merge pull request #15470 from rullzer/files_sharing_getUrlContent 
Move away from private static function OC_Util::getUrlContent
 2015-07-03 17:47:46 +02:00
Morris Jobke 3e97ca3b96 Add getUserFolder to IRootFolder 
* untangle DI of user specific folders
* allows to autodetect the dependency
 2015-07-03 11:11:58 +02:00
Morris Jobke f63915d0c8 update license headers and authors 2015-06-25 14:13:49 +02:00
Victor Dubiniuk 4239054383 Add type hint for OC_Channel 2015-05-27 18:03:11 +03:00
Thomas Müller 3babcd0344 Merge pull request #16339 from owncloud/master-override-channel 
Allow change update channel via public API
 2015-05-26 11:42:41 +02:00
Vincent Petry 7386257676 Merge pull request #16075 from owncloud/skeleton-copy-delay 
wait with copying the skeleton untill login and setupfs are done
 2015-05-20 13:52:08 +02:00
Christian Hoffmann 35207ae363 Clean-up of orthography, grammar 
* Changed "instead to" to "instead of".
* Changed "setup" to "set up" (past participle).
 2015-05-19 21:15:22 +02:00
Robin Appelman 077d41a9ce wait with copying the skeleton untill login and setupfs are done 2015-05-18 12:11:31 +02:00
Roeland Jago Douma 9866066d3e Depreatace OC_Util::getUrlContent 
It is just a wrapper and the other functions are deprecated already
 2015-05-18 11:03:48 +02:00
Victor Dubiniuk af814ba270 Allow change update channel via public API 2015-05-13 20:29:33 +03:00