Thomas Citharel
ecf347bd1a
Add CSP frame-ancestors support
...
Didn't set the @since annotation yet.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-09-15 15:23:10 +02:00
Nextcloud bot
113fd47f30
[tx-robot] updated from transifex
2017-09-15 00:08:08 +00:00
John Molakvoæ (skjnldsv)
1a0ac912b2
Fix webroot throw
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-14 08:41:10 +02:00
Nextcloud bot
7698781a1e
[tx-robot] updated from transifex
2017-09-14 00:08:12 +00:00
Morris Jobke
883574974d
Merge pull request #6458 from nextcloud/rethrow-correct-exception
...
Rethrow the correct exception when there was an error in an app conta…
2017-09-14 00:32:13 +02:00
Lukas Reschke
8ef4fcb4b7
Merge pull request #6452 from lukanetconsult/hotfix/issue-6415-undefined-variable
...
Fix undefined variable $tmpRoot
2017-09-13 22:42:42 +02:00
Nextcloud bot
5ce3c7003b
[tx-robot] updated from transifex
2017-09-13 00:08:12 +00:00
Roeland Jago Douma
9163cf9241
Fix AppPassword 2FA auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +02:00
Axel Helmert
01d4967130
Fix undefined variable $tmpRoot
...
Refactoring of webroot detection left an unused variable.
Fixes : #6415
Signed-off-by: Axel Helmert <info@luka.de>
2017-09-12 12:14:27 +02:00
Joas Schilling
c4b3198ac2
Rethrow the correct exception when there was an error in an app container
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-12 11:54:13 +02:00
Julius Härtl
8391ca8792
Use IAppManager instead of private API
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-12 09:28:22 +02:00
Julius Härtl
b49ab065b7
Move theming related imagePath logic to ThemingDefaults
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-09-12 09:22:57 +02:00
Lukas Reschke
88731848c6
Merge pull request #6435 from nextcloud/add-exception-to-phpdoc
...
Add exceptions to PHPDoc of interface
2017-09-11 13:01:41 +02:00
William Pain
9a63ded43b
Fix uninitialized variable $this->params
...
Signed-off-by: William Pain <pain.william@gmail.com>
2017-09-11 10:01:12 +02:00
Lukas Reschke
b97f48f1af
Add exceptions to PHPDoc of interface
...
Improves static code analysis here and also keeps expectations proper.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-10 20:01:36 +02:00
Nextcloud bot
3f6692ee24
[tx-robot] updated from transifex
2017-09-10 00:08:23 +00:00
Morris Jobke
8a79d0cc70
Merge pull request #6414 from nextcloud/share-notification-wrong-language
...
Use the language of the recipient for the share notification
2017-09-08 19:15:05 +02:00
Morris Jobke
75c38d5d98
Merge pull request #6416 from nextcloud/make-sure-sqlite-works-without-content
...
Ask the schema whether the table and column exist
2017-09-08 19:09:38 +02:00
Morris Jobke
e9c713902e
Merge pull request #6417 from nextcloud/proper-english-nowhave
...
Improve text: 'you have now' -> 'you now have'
2017-09-08 18:29:22 +02:00
Leon Klingele
8e46e6b827
Improve text: 'you have now' -> 'you now have'
...
Signed-off-by: Leon Klingele <leon@struktur.de>
2017-09-08 13:47:11 +02:00
Joas Schilling
29e1aa57e1
Ask the schema whether the table and column exist
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 11:45:16 +02:00
Joas Schilling
7e625a8d22
Use the language of the recipient for the share notification
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 10:48:16 +02:00
Nextcloud bot
194f880073
[tx-robot] updated from transifex
2017-09-08 00:08:16 +00:00
Lukas Reschke
bab313da5d
Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-token
...
Fix failing csp/nonce check due to timed out session
2017-09-07 19:51:59 +02:00
Lukas Reschke
11c7a98a2a
Merge pull request #6380 from nextcloud/cleanup-oci-setup
...
cleanup oci setup code
2017-09-07 14:11:55 +02:00
Morris Jobke
485e22acde
Merge pull request #6329 from nextcloud/ldap-password
...
Don't log LDAP password when server is not available
2017-09-07 09:25:56 +02:00
tux-rampage
7a33b9273e
Refactor webroot detection in resource locator
...
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).
With this change both variants, directory and symlinks, will be detected
correctly.
Fixes : #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
2017-09-06 21:32:48 +02:00
Morris Jobke
a10c4517cb
Merge pull request #5571 from Luzifer/5570_backend_admin
...
Allow group backend to declare users as admins
2017-09-06 19:50:52 +02:00
Morris Jobke
5d4540f179
Merge pull request #6364 from nextcloud/fix_login_loop
...
Fix login with basic auth
2017-09-06 17:04:00 +02:00
Joas Schilling
b68609d0cf
Don't log LDAP password when server is not available
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-06 16:38:55 +02:00
Robin Appelman
2c0efae30f
cleanup oci setup code
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-06 15:55:05 +02:00
Nextcloud bot
9d930210ee
[tx-robot] updated from transifex
2017-09-06 00:08:21 +00:00
Morris Jobke
15cd21d252
Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
...
Set the meta data before everything
2017-09-05 16:08:57 +02:00
Knut Ahlers
586cefc4f1
Add @since tag to constant
...
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2017-09-05 15:49:13 +02:00
Roeland Jago Douma
b96485b6bd
Fix login with basic auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
Christoph Wurst
87aeae21e3
Fix failing csp/nonce check due to timed out session
...
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-04 17:29:26 +02:00
Morris Jobke
e0c92c2da3
Update autoloader
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 15:42:34 +02:00
Joas Schilling
6dbb64c4a2
Merge setMetaData into constructor
...
This ensures that the meta data is set in the beginning
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 15:07:41 +02:00
Morris Jobke
4fd3240b5f
Merge pull request #6254 from nextcloud/async-bus-split
...
Allow configuring different command bus backends
2017-09-04 14:22:06 +02:00
Morris Jobke
1ebf91ec16
Add proper EOL
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 14:21:44 +02:00
Morris Jobke
c04a494ea7
Merge pull request #6064 from nextcloud/fix-5219-absolute-path-must-be-relative-to-files-on-theming-update
...
Still throw a locked exception when the path is not relative to $user/files/
2017-09-04 14:05:34 +02:00
Roeland Jago Douma
c4f175d079
Merge pull request #6326 from nextcloud/fix_4654_3375
...
Pass new value to triggerChange
2017-09-04 12:03:19 +02:00
Morris Jobke
139f9bd3ca
Merge pull request #6331 from nextcloud/update-repair-step
...
Generate system wide key pair (update repair step after backport)
2017-09-04 11:59:34 +02:00
Bjoern Schiessle
e195021926
update autoloader
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-09-04 11:59:00 +02:00
Morris Jobke
e33aa460f1
Merge pull request #6297 from te-online/add-mimetype-internet-shortcut
...
Add mimetype application/internet-shortcut for .url files
2017-09-04 11:55:05 +02:00
Julius Härtl
b09ce70117
Rebuild SCSS files if frontend controller value changes
...
fixes #6271
2017-09-03 17:32:41 +02:00
Nextcloud bot
27c6dc9657
[tx-robot] updated from transifex
2017-09-02 00:08:29 +00:00
Bjoern Schiessle
e039a4c191
move repair step to stable12
...
because we decided to backport it the repair step needs to be executed
already on stable12
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-09-01 11:05:11 +02:00
Roeland Jago Douma
ffe1429c4f
Pass new value to triggerChange
...
it is not used. but pass in the empty string (on delete) and the new
file (on create)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-31 21:59:27 +02:00
Thomas Ebert
93d539b0cf
Add mimetype support for .URL (Windows) and .webloc (macOS) files. Update places/link svg. Add filetype/link icon. Add repair step for mime types.
...
Signed-off-by: Thomas Ebert <thomas.ebert@te-online.net>
2017-08-31 16:53:07 +02:00