Commit Graph

342 Commits

Author SHA1 Message Date
Lukas Reschke bbd5f28415 Let users configure security headers in their Webserver
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Morris Jobke a183b5d7e2 Merge pull request #14208 from owncloud/oc-msg-remove-object-dependency
Remove dependency from arbitrary data object structure for easier usage
2015-02-26 14:57:21 +01:00
Joas Schilling c201bc01bb Remove dependency from arbitrary data object structure for easier usage 2015-02-20 10:43:39 +01:00
Lukas Reschke 27c1409be5 Encode parameters in `OC.generateUrl` by itself
This function is often used in a wrong and potential dangerous way... Thus we should escape the URL per default and offer developers to disable the automatic escaping via an option parameter if they really want that behaviour.

Might break some things, however, those things are then easy to fix and we really have a ton of bugs caused by this...

Fixes https://github.com/owncloud/core/issues/14228
2015-02-17 14:41:06 +01:00
Lukas Reschke dfcd4acd5a Merge pull request #13771 from owncloud/fix-humanfileSize
generate valid human readable text for 0
2015-02-12 18:34:54 +01:00
Lukas Reschke 0119d429fc Second parameter is optional
Makes my IDE happier.
2015-02-11 14:01:22 +01:00
Thomas Müller ccc1f09627 generate valid human readable text for 0 - fixed #9342 2015-01-29 17:27:28 +01:00
Morris Jobke dc17019536 adjust paths for search 2015-01-14 15:15:39 +01:00
Morris Jobke 8e1904386f Add timeout for notifications
* options for timeout in seconds and if it contains HTML
* if timeout is 0 it will show the message permanently
* removes the notification after a given (default: 5 seconds) timeframe
* based on work by @brantje
* provide JS unit tests for notifications
2015-01-08 13:06:45 +01:00
Jörn Friedrich Dreyer 606f802b7b move search results below filelist, show hint when results are off screen, use js plugin mechanism 2015-01-02 10:28:41 +01:00
Jörn Friedrich Dreyer c738359a11 add paged provider 2015-01-02 10:28:41 +01:00
Jörn Friedrich Dreyer 088323aad5 move code from js.js to search.js in the search app 2015-01-02 10:28:41 +01:00
Jörn Friedrich Dreyer d3662722f6 new OC.Search, add search result formatters and handlers, use full content width for results 2015-01-02 10:28:41 +01:00
Thomas Müller 51a22431ee load showpassord.js conditionally in the template only if needed 2014-12-16 18:45:37 +01:00
Lukas Reschke be3d4fd303 Merge pull request #12360 from owncloud/files-tags
Add favorites to files app
2014-12-15 19:55:18 +01:00
Jörn Friedrich Dreyer 6602d3ac77 Merge pull request #12555 from owncloud/app_specific_search
introduce inApps[] filter for search via ajax query
2014-12-15 16:14:40 +01:00
Vincent Petry a5bb66f4a7 Added favorites feature to the files app 2014-12-15 12:10:54 +01:00
Jörn Friedrich Dreyer 1d490b559c introduce inApps[] filter for search via ajax query, make file results show up in files app only
use more flexible return type

check array with !empty instead of count
2014-12-10 15:51:59 +01:00
Vincent Petry c02ef69521 Simple Plugin system for Javascript 2014-12-01 16:20:44 +01:00
Vincent Petry 152da9796b Added function to load translations from JS
For apps that support async translation loading, a new function
OC.L10N.load() can be used to asynchronously load the translations
for a given app.
2014-11-18 12:20:01 +01:00
Vincent Petry 0f3e6cb50a Improved Javascript docs for JSDoc
Added namespaces so that JSDoc can find them.
Fixed a few warnings.
Improved some comments.
2014-10-31 13:43:30 +01:00
Vincent Petry d71cd680dd Include core translations
Moved search result type translations to search.js

Load JS translations earlier

Translations need to be loaded earlier to make sure that some JS files
like search.js get access to translations at this time.

This requires the template initialization to be moved to after session
initialization, because only after the session we have access to the
current language.
2014-10-29 10:09:12 +01:00
Vincent Petry ec1a73fab9 Added OC.L10N namespace with translation functions
Added addTranslations and fixed de.js file

Fixed de.js to use OC.L10N.register() and use to correct expected
format.

Added JS unit tests for OC.L10N class

Include translations JS script for all apps
2014-10-29 10:09:12 +01:00
Clark Tomlinson ca5abe5744 Setting moment locale based on user selection 2014-10-23 10:32:47 -04:00
Bjoern Schiessle 94a9ff1cd8 make sure that the notification gets shown again after a second try 2014-10-07 12:02:58 +02:00
Vincent Petry e65ceb08fc Moved WebDAV and internet checks to client side JS
- Added setup checks in JavaScript
- Moved isWebDAVWorking to JS using SetupChecks
- Moved internet connection checks to an ajax call that goes through the
  server
2014-09-23 11:16:14 +02:00
Lukas Reschke d2743e6ad6 Merge pull request #7254 from owncloud/core-sortalgo
Fixed JS sort comparator to be consistent between JS and PHP
2014-09-16 17:29:03 +02:00
Robin McCorkell 99d41bec5d Show original path information in trashbin and sharing views
Path will only be shown if in subdirectory, not in root.
2014-09-11 15:45:42 +01:00
Thomas Müller fd92fc7c47 Merge pull request #9753 from owncloud/filepath-css
Remove special case for css in OC.filePath
2014-09-09 13:59:19 +02:00
kondou 2a4c51389c Use a route instead of s.php and convert tokens asap 2014-09-04 15:23:55 +02:00
Thomas Müller ed2424c382 Merge pull request #10637 from owncloud/fixing-js-issues
Init vars with a value if none is provided
2014-08-29 10:16:29 +02:00
Clark Tomlinson ba0e65753b Init vars with a value if none is provided 2014-08-28 13:53:45 -04:00
Clark Tomlinson 92685acf60 Implementing moment.js
Updating Usages

Removing unused method

Adding JS Doc
2014-08-28 09:28:45 -04:00
Vincent Petry f2001a48a4 Fixed sort algo for additional cases 2014-08-11 13:28:53 +02:00
Vincent Petry 173059f6d0 Fixed file list sorting
Now using a natural sort algorithm that is more consistent between JS
and PHP (although not perfect in some corner cases)

- added OC.Util.naturalSortComparator that uses the same algo that was
  used for the user list
- changed user list and files list to use OC.Util.naturalSortComparator
- removed toLowerCase() and changed the comparator to use
  String.localeCompare()
- added unit tests
- added OC_NaturalSort that is used by OCP\Util::naturalSortCompare()
2014-08-11 13:28:53 +02:00
Jan-Christoph Borchardt a6484fbda9 fix yellow notification style 2014-07-30 18:02:53 +02:00
Vincent Petry 4fea521102 Fix enforced share expiration date to be based on share time 2014-07-21 15:01:20 +02:00
Robin Appelman e7e5333b12 Remove special case for css in OC.filePath 2014-07-21 13:03:14 +02:00
Robin Appelman 6962505095 debounce the search function 2014-07-08 15:42:58 +02:00
Morris Jobke ae8e27cc42 fix loading spinner on ctrl click a app entry- fixes #9063 2014-07-07 10:39:48 +02:00
Vincent Petry 9de3d8225b Fix parsing URL hash when no "?" was specified 2014-06-25 12:37:11 +02:00
Vincent Petry ce168c286a Added max heartbeat interval to prevent integer overflow
When using big session timeout values, the interval value might
overflow and cause the setInterval() call to ping the server in a loop
without any delay.

This fix adds a maximum ping interval of 24 hours.

Forward port of 00ec5fc193 from stable6.
2014-06-12 18:41:19 +02:00
Vincent Petry 015c5062e5 Disable snapper init for IE <= 9
Snapper doesn't work at all for IE8 and IE9 and messes up with the main
container layout when enabled.

This commits disables snapper for these browsers.
2014-06-10 17:14:49 +02:00
Jan-Christoph Borchardt 933c05566e Merge pull request #8922 from owncloud/design-controls-transparency
Bugfixes for mobile
2014-06-06 14:52:55 +02:00
Vincent Petry 5cebb6fb9b Merge pull request #4553 from owncloud/update_search_classes
Update search classes
2014-06-06 13:24:16 +02:00
Jan-Christoph Borchardt a6f9dd9c4b fix apps without app-navigation 2014-06-06 12:22:31 +02:00
Jörn Friedrich Dreyer 7c29645f22 allow apps to add translation for search result typeid 2014-06-06 11:28:43 +02:00
Vincent Petry b8ab77a475 Added debounce on resize 2014-06-06 09:50:46 +02:00
Morris Jobke 584c47b433 Disable snapper on bigger screens and on public/login page 2014-06-06 01:32:33 +02:00
Jan-Christoph Borchardt 9063a25bb4 slightly widen sidebar to 250px, works better with apps and on mobile 2014-06-05 21:19:28 +02:00