Lukas Reschke
70c228a7cc
Get rid of passing a reference
...
Fixes https://github.com/owncloud/core/issues/14643
2015-12-08 08:56:46 +01:00
Joas Schilling
87bc02c6cd
Allow specifying a custom reset-password-url
2015-12-07 15:41:40 +01:00
Joas Schilling
f8f3c9ecf9
Remove password reset when the user can not change the password
2015-12-07 15:14:19 +01:00
Thomas Müller
764b2932ff
Merge pull request #20960 from owncloud/drop-OC_Util-getUrlContent
...
Remove OC_Util::getUrlContent and replace by proper usage of public i…
2015-12-07 10:21:16 +01:00
Thomas Müller
f3d49a89fe
Merge pull request #11131 from owncloud/use-phpini-wrapper
...
Replacing ini_get instances with inigetwrapper usages
2015-12-07 10:20:59 +01:00
Morris Jobke
4548a0aa90
Remove OC_Util::getUrlContent and replace by proper usage of public interfaces
2015-12-04 18:02:47 +01:00
Thomas Müller
2d1cc8aaeb
Merge pull request #19461 from owncloud/reuse_code
...
reuse code
2015-12-03 13:55:50 +01:00
Lukas Reschke
2515cb17be
Support pretty URLs
...
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.
Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.
Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/
Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Morris Jobke
675417a75c
Untangle the linkToDocs method in OC_Helper
...
* now uses the proper URLGenerator interface
* add comment about DI problems
2015-11-26 13:58:43 +01:00
Morris Jobke
728648ad77
Replace new occurences of ini_get with IniWrapper methods
2015-11-23 14:12:36 +01:00
Individual IT Services
1835462ec4
reuse code
2015-11-23 11:02:46 +01:00
Thomas Müller
2f89eef334
Merge pull request #20524 from owncloud/pgsql-version-check-error
...
assume pgsql >=9 if checking the version fails
2015-11-23 09:05:13 +01:00
Thomas Müller
c565a7b042
Fix failing unit test 💀
2015-11-19 16:44:43 +01:00
Thomas Müller
9ec2850c78
Use mocks when testing isSharingDisabledForUser
2015-11-19 15:36:16 +01:00
Robin Appelman
cc1db4ba87
assume pgsql >=9 if checking the version fails
2015-11-16 13:11:32 +01:00
Thomas Müller
3248db05f1
Merge pull request #17920 from andyboeh/master
...
Add possibility for alternative logins to force redirection of login page
2015-11-12 10:15:23 +01:00
Lukas Reschke
c6f6a8758b
Drop OC_SubAdmin and replace usages
2015-10-29 11:31:18 +01:00
Lukas Reschke
8f09d5b67c
Update license headers
2015-10-26 14:04:01 +01:00
Lukas Reschke
8133d46620
Remove dependency on ICrypto + use XOR
2015-10-21 17:33:41 +02:00
Morris Jobke
aa10825026
update deprecation message
2015-10-14 14:08:45 +02:00
Joas Schilling
e2806b0ae8
Update list of deprecated methods
2015-10-14 14:08:45 +02:00
Morris Jobke
b945d71384
update licence headers via script
2015-10-05 21:15:52 +02:00
Thomas Müller
b2dd5cb616
save excluded groups in json format - fixes #10983
2015-10-01 15:37:55 +02:00
Thomas Müller
68bf4440d3
Merge pull request #19293 from owncloud/individual-it-move_initTemplate
...
[jenkins] do not load unnecessary code in case of webdav
2015-09-25 13:49:51 +02:00
Individual IT Services
db84791bb0
Todo for myself to eliminate double code
...
This will be in a new PR
2015-09-25 15:43:12 +05:45
Individual IT Services
2e42f99d00
add $prepend option to addStyle() & addVendorStyle()
2015-09-25 15:41:55 +05:45
Individual IT Services
bf1cb20e90
do not load unnecessary code in case of webdav
...
changing from "protected static" to "protected"
as suggested by @nickvergessen
https://github.com/owncloud/core/pull/19114#discussion_r39719851
moving initTemplate() into template constr.
reduce to move initTemplate only
cleanup spaces
2015-09-23 11:57:10 +02:00
Martin
491250320a
Replaces if ($file === '.' || $file === '..') by if(\OC\Files\Filesystem::isIgnoredDir($file)). Eases to find where this operation is used.
2015-09-22 17:53:15 +02:00
Morris Jobke
c4c9c5ffad
Merge pull request #18684 from owncloud/explicit-upgrade-version
...
Explicit upgrade version + prevent downgrades
2015-09-09 11:08:55 +02:00
Lukas Reschke
a03422c55a
Cache generated result
...
Saves 50ms
2015-09-08 21:28:15 +02:00
Bjoern Schiessle
37513f9411
don't read certificates if ownCloud is not installed
2015-08-30 19:00:03 +02:00
Vincent Petry
d5b0b55eef
Throw exception on downgrade attempt
2015-08-30 18:07:22 +02:00
Lukas Reschke
8313a3fcb3
Add mitigation against BREACH
...
While BREACH requires the following three factors to be effectively exploitable we should add another mitigation:
1. Application must support HTTP compression
2. Response most reflect user-controlled input
3. Response should contain sensitive data
Especially part 2 is with ownCloud not really given since user-input is usually only echoed if a CSRF token has been passed.
To reduce the risk even further it is however sensible to encrypt the CSRF token with a shared secret. Since this will change on every request an attack such as BREACH is not feasible anymore against the CSRF token at least.
2015-08-14 01:31:32 +02:00
Vincent Petry
b3a1aef934
Merge pull request #13641 from owncloud/cache-storage-status
...
Store storage availability in database
2015-08-07 17:31:03 +02:00
Thomas Müller
c3cac887f5
- more injection
...
- less static calls
- use params on sql queries
- handle sql exception on database and user creation gracefully
2015-07-30 00:04:30 +02:00
Andreas Böhler
3a0d42ecf3
Add hook 'pre_displayLoginPage'
2015-07-28 13:00:18 +02:00
Andreas Böhler
3645308d0b
Add possibility for alternative logins to force redirection of login page
2015-07-28 10:31:49 +02:00
Robin McCorkell
df19cabb44
Store storage availability in database
...
Storage status is saved in the database. Failed storages are rechecked every
10 minutes, while working storages are rechecked every request.
Using the files_external app will recheck all external storages when the
settings page is viewed, or whenever an external storage is saved.
2015-07-20 16:27:26 +01:00
Morris Jobke
d52e197b0d
Merge pull request #16965 from owncloud/getUserFolder-in-IRootFolder
...
Add getUserFolder to IRootFolder
2015-07-09 14:29:47 +02:00
Thomas Müller
1385b1ec48
Remove OC_Appconfig
2015-07-03 18:00:16 +02:00
Thomas Müller
d3ac73c0c9
Remove OC_Log
2015-07-03 18:00:16 +02:00
Vincent Petry
cc373ab89a
Merge pull request #15470 from rullzer/files_sharing_getUrlContent
...
Move away from private static function OC_Util::getUrlContent
2015-07-03 17:47:46 +02:00
Morris Jobke
3e97ca3b96
Add getUserFolder to IRootFolder
...
* untangle DI of user specific folders
* allows to autodetect the dependency
2015-07-03 11:11:58 +02:00
Morris Jobke
f63915d0c8
update license headers and authors
2015-06-25 14:13:49 +02:00
Victor Dubiniuk
4239054383
Add type hint for OC_Channel
2015-05-27 18:03:11 +03:00
Thomas Müller
3babcd0344
Merge pull request #16339 from owncloud/master-override-channel
...
Allow change update channel via public API
2015-05-26 11:42:41 +02:00
Vincent Petry
7386257676
Merge pull request #16075 from owncloud/skeleton-copy-delay
...
wait with copying the skeleton untill login and setupfs are done
2015-05-20 13:52:08 +02:00
Christian Hoffmann
35207ae363
Clean-up of orthography, grammar
...
* Changed "instead to" to "instead of".
* Changed "setup" to "set up" (past participle).
2015-05-19 21:15:22 +02:00
Robin Appelman
077d41a9ce
wait with copying the skeleton untill login and setupfs are done
2015-05-18 12:11:31 +02:00
Roeland Jago Douma
9866066d3e
Depreatace OC_Util::getUrlContent
...
It is just a wrapper and the other functions are deprecated already
2015-05-18 11:03:48 +02:00