Lukas Reschke
e48fa1c337
Merge pull request #1948 from nextcloud/move_away_lagacy_oc_l10n
...
Move away from legacy OC_L10N
2016-10-29 09:39:22 +02:00
Nextcloud bot
035890aeb1
[tx-robot] updated from transifex
2016-10-29 00:07:14 +00:00
Morris Jobke
a78f6e9586
Use OCP\\IL10N in tests too
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-28 23:04:36 +02:00
Morris Jobke
48ce0ef19c
Merge pull request #1926 from nextcloud/fix-comment-mentions-in-activities
...
Fix comment mentions in activities
2016-10-28 22:47:15 +02:00
Roeland Jago Douma
83e7cfd13a
Fix more tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 22:16:28 +02:00
Roeland Jago Douma
740659a04c
Move away from OC_L10N
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 21:46:28 +02:00
Joas Schilling
286482656b
Fix comment mentions in activities
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-28 12:32:10 +02:00
Jörn Friedrich Dreyer
f8352fcb8d
introduce callForSeenUsers and countSeenUsers ( #26361 )
...
* introduce callForSeenUsers and countSeenUsers
* add tests
* oracle should support not null on clob
* since 9.2.0
2016-10-28 08:44:05 +02:00
Nextcloud bot
ad597d498d
[tx-robot] updated from transifex
2016-10-28 00:07:11 +00:00
Morris Jobke
d4969abc9d
Merge pull request #1800 from nextcloud/nextcloud-rich-object-strings
...
Nextcloud rich object strings
2016-10-27 15:30:58 +02:00
Nextcloud bot
9984eba727
[tx-robot] updated from transifex
2016-10-27 00:07:01 +00:00
Morris Jobke
cde7f535bd
Merge pull request #1738 from nextcloud/comments-provide-displaynames-with-mentions
...
comment mentions: show displayname not uid
2016-10-26 14:02:49 +02:00
Morris Jobke
ffb0e91b60
Merge pull request #1907 from nextcloud/downstream-26164
...
Highlight files and update storage stats at end of upload (#26164 )
2016-10-26 13:17:35 +02:00
Nextcloud bot
a973c1bfb9
[tx-robot] updated from transifex
2016-10-26 00:07:12 +00:00
Roeland Jago Douma
1b6ba5ad32
Merge pull request #1911 from nextcloud/downstream-26477
...
Fix malformed attribute in files app
2016-10-25 22:04:43 +02:00
Roeland Jago Douma
d89c1a49c1
Merge pull request #1913 from nextcloud/downstream-26441
...
Require to use at least desktop client 2.0 by default
2016-10-25 22:04:15 +02:00
Arthur Schiwon
b12b52b73b
fix JS test and introduce tests for rendering mentions to displaynames
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-25 18:33:59 +02:00
Thomas Müller
9df3869bfc
Fix unit tests for BlockLegacyClientPlugin
2016-10-25 18:03:10 +02:00
Thomas Müller
1c39b30d50
Require to use at least desktop client 2.0 by default
2016-10-25 18:01:25 +02:00
Morris Jobke
fa4bf7b0b0
Merge pull request #1906 from nextcloud/downstream-26460
...
Remove any detailed information about the exception in the browser er…
2016-10-25 17:58:19 +02:00
Vincent Petry
e456df14ab
Fix malformed attribute in files app
2016-10-25 17:32:59 +02:00
Vincent Petry
50b8221255
Highlight files and update storage stats at end of upload ( #26164 )
...
Properly trigger the "stop" even from the uploader.
Also update storage stats at the end of all uploads instead of for each
upload.
2016-10-25 14:51:44 +02:00
Thomas Müller
726994ecae
Remove any detailed information about the exception in the browser error plugin
2016-10-25 14:47:33 +02:00
Morris Jobke
89574367bc
Merge pull request #1871 from nextcloud/use-csp-nonces
...
Use CSP nonces
2016-10-25 14:46:00 +02:00
Morris Jobke
01a85a98f2
Merge pull request #1876 from nextcloud/shareesAPI_email
...
Add ShareesAPI E-mail search
2016-10-25 13:53:59 +02:00
Morris Jobke
c0adc3c2cf
Merge pull request #1883 from nextcloud/downstream-26145
...
Storage 503 message improvements
2016-10-25 13:19:46 +02:00
Nextcloud bot
e23a298a81
[tx-robot] updated from transifex
2016-10-25 09:36:09 +00:00
Morris Jobke
e8c359d86e
Merge pull request #1897 from nextcloud/fix-public-button
...
fix button on public upload page for mobile
2016-10-25 11:03:21 +02:00
Joas Schilling
890f752a6b
Merge pull request #1452 from nextcloud/appconfig-endpoint
...
Appconfig endpoint
2016-10-25 10:57:48 +02:00
Lukas Reschke
79706e0ddc
Merge pull request #1283 from nextcloud/us_files-ui-webdav-upload
...
Use Webdav PUT for uploads
2016-10-25 10:31:03 +02:00
Roeland Jago Douma
60fa82d92f
Merge pull request #1860 from ryanwr/feature-sort-favorite
...
Sort favorite files first
2016-10-25 08:22:33 +02:00
Jan-Christoph Borchardt
d4515ae603
fix button on public upload page
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2016-10-24 23:26:56 +02:00
Roeland Jago Douma
c8a13f644e
Only enable files_drop plugin when we actuall do files_drop
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Roeland Jago Douma
0abcc630a5
Fix public files_drop page
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Roeland Jago Douma
7a6dbeb398
Make files_drop work
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Roeland Jago Douma
e73a11d106
Fix permision mask
...
If we move a file from the temp part file to the original file we don't
need update permissions.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry
f374eb5f1d
More fixes to file upload
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry
f72ffa2f11
Fix js unit tests for webdav put upload changes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry
786e858d23
Add support for chunked upload
...
Hacked around Blueimp's jquery.fileupload to make it work with our new
chunking API.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry
c68e273664
Goodbye Iframe transport !
...
Not needed any more in IE >= 11
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry
59c5be1cc5
Use Webdav PUT for uploads in the web browser
...
- uses PUT method with jquery.fileupload for regular and public file
lists
- for IE and browsers that don't support it, use POST with iframe
transport
- implemented Sabre plugin to handle iframe transport and redirect the
embedded PUT request to the proper handler
- added RFC5995 POST to file collection with "add-member" property to
make it possible to auto-rename conflicting file names
- remove obsolete ajax/upload.php and obsolete ajax routes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
ryanwr
3e96f33995
Sort favorite files first Issue #1802
...
Signed-off-by: Ryan Welch <ryantwr@gmail.com>
2016-10-24 17:55:47 +01:00
Lukas Reschke
38b3ac8213
Add ContentSecurityPolicyNonceManager
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 16:35:31 +02:00
Vincent Petry
44cf67accd
Storage 503 message improvements
...
"Storage not available" is now "Storage temporarily not available".
Exceptions are now logged in DEBUG level, not FATAL.
2016-10-24 15:43:15 +02:00
Roeland Jago Douma
a28528a254
Add ShareesAPI E-mail search
...
* Allow to search for SHARE_TYPE_EMAIL (4)
* Added tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 14:59:32 +02:00
Joas Schilling
b130267e58
Import the used classes
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-24 14:33:54 +02:00
Roeland Jago Douma
b4ebf03bef
Fix tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 13:25:59 +02:00
Lukas Reschke
9e6634814e
Add support for CSP nonces
...
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.
At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)
IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.
Implementing this offers the following advantages:
1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.
If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
Roeland Jago Douma
f589f1a1d6
Move files_sharing Controllers => Controller
...
lib/Controller is the default location for controllers. So lets put them
all in there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 11:46:25 +02:00
Roeland Jago Douma
6604e76e94
Fix middleware tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 09:52:34 +02:00